Cloud SWG: General Product Maintenance (Milan, Algeria, Malta, Tunisia) April 2nd, 2024

Tuesday, 2 April 23 hours and 59 minutes
Complete
Complete

The maintenance is now complete. Thanks for your patience.

Underway

The scheduled maintenance is now underway. We'll keep you updated on our progress.

Scheduled

Broadcom will perform general maintenance on the Cloud SWG Milan datacenter (GITMO) on April 2nd, 2024. During the maintenance, the Localization Zones for Algeria, Malta and Tunisia will be moved to europe-west8. This requires some IP changes, please carefully review the information below to avoid disruption of service.

What are Localization Zones?

Localization Zones allow WSS to request content using IP addresses that match the country of the end user. This gives content providers the ability to return content in the optimal language for the user, better matching their native web experience. It’s important to note that content providers choose whether or not to localize their content and what localizations they support.

The Localization Zones for Algeria, Malta and Tunisia will use the following new egress IP addresses:

  • Algeria

    • 34.154.250.192/27 - NEW April 2nd,2024
    • 46.235.156.0/27 - TO BE RETIRED April 2nd, 2024

  • Malta

    • 34.154.50.128/27 - NEW April 2nd,2024
    • 46.235.156.160/27 - TO BE RETIRED April 2nd, 2024

  • Tunisia

    • 34.154.50.192/27 - NEW April 2nd,2024
    • 46.235.157.192/27 -TO BE RETIRED April 2nd, 2024

Impact

During this maintenance event all services will remain operational and available. The following describes what happens to connected clients, depending on access method used:

  • Explicit proxy / Proxy Forwarding / WSS Agent / Symantec Enterprise Agent: The service automatically redirects connections to active data pods within the same data center or geographic location. This is for information only, and the customer does not need to take any action.
  • IPSec: A short fail-over delay may occur as the load balancer directs traffic to another active data pod within the data center. This is for information only, and the customer does not need to take any action.

Required Action prior to the maintenance

  • Firewall rules regulating connectivity to/from your network to Cloud SWG should be adjusted to allow traffic to pass to the NEW IP network listed above.
  • Third party applications that regulate connections by source IP address should be updated to accept connections from the NEW egress IP networks listed above to ensure traffic proxied through Cloud SWG can reach the application.
  • Auth Connector must be able to communicate with all egress ranges listed above on TCP 443, where applicable.

Failure to make these changes could prevent users from connecting to Cloud SWG, accessing third party web applications, or authenticating against the service using the Auth Connector (where applicable).

For a full list of IP networks used by WSS, please visit: https://knowledge.broadcom.com/external/article?legacyId=TECH242979

Reporting Problems

Experiencing issues? Contact technical support by visiting: https://support.broadcom.com/security.

For service status and maintenance updates visit and subscribe to Broadcom Service Status: https://status.broadcom.com/services/cloud-secure-web-gateway/.

Began at:

Affected components
  • Cloud Secure Web Gateway
    • Point of Presence (POP) - Europe And The Middle East
      • Milan, Italy (GITMI)
      • Milan, Italy (GITMO)
      • Valletta, Malta (GMTVA)
    • Point of Presence (POP) - Africa
      • Algiers, Algeria (GDZAL)
      • Tunis, Tunisia (GTNTU)