VIP Maintenance October 28, 2022

The maintenance is now complete. Thanks for your patience.

The scheduled maintenance is now underway. We'll keep you updated on our progress.

Update:

This release includes the following new features and updates:

• As part of Broadcom's continued effort to maximize the security of our platforms, TLS v1.0 and v1.1 are being disabled on all Symantec VIP web portals and VIP APIs in this maintenance release. After the change is complete, TLS v1.2 will be the only supported TLS version.

Note: At this time, the VIP Web Service endpoints will continue to support TLS1.0 and TLS 1.1. All other endpoints will support TLS 1.2 only.

If you have not already done so, Broadcom recommends that you perform any changes needed on your end to accommodate this change and avoid any impact on your services immediately. To assist with this, Broadcom provides endpoints for customers to test the protocol and cipher suite that your client software uses to connect to VIP endpoints to ensure that you are not using the older protocols. See the VIP Authentication Services 2022.August.01 Release Notes for procedures for using these endpoints.

If you are running any version of VIP Enterprise Gateway earlier than 9.8.4, Broadcom recommends that you upgrade to 9.8.4 or later to avoid TLS-related service interruptions. See the VIP Enterprise Gateway documentation available on the Symantec VIP Documentation portal for information and upgrade instructions for VIP Enterprise Gateway.

For more information about this change, see the Symantec VIP Transport Layer Security (TLS) 1.0 and 1.1 disablement on VIP Web Portals Knowledge Base article.

• The VIP User Services API is updated to improve how expired Remembered Device credentials are handled.
• Internal improvements and bug fixes.

See the VIP Authentication Services 2022.October.01 Release Notes for more information about this release.

For assistance, or if you have further questions, visit https://support.broadcom.com/security.

Update

As part of Broadcom's continued effort to maximize the security of our platforms, TLS v1.0 and v1.1 are being disabled on all Symantec VIP web portals and VIP APIs in the October maintenance release. After the change is complete, TLS v1.2 will be the only supported TLS version.

If you have not already done so, Broadcom recommends that you perform any changes needed on your end to accommodate this change and avoid any impact on your services immediately. To assist with this, Broadcom provides endpoints for customers to test the protocol and cipher suite that your client software uses to connect to VIP endpoints to ensure that you are not using the older protocols. See the VIP Authentication Services 2022.August.01 Release Notes for procedures for using these endpoints.

For VIP Enterprise Gateway Customers: Versions of VIP Enterprise Gateway earlier than 9.8.4 are no longer supported. If you are running any version of VIP Enterprise Gateway earlier than 9.8.4, Broadcom recommends that you upgrade to 9.8.4 or later to avoid TLS-related service interruptions. See the VIP Enterprise Gateway documentation available on the Symantec VIP Documentation portal for information and upgrade instructions for VIP Enterprise Gateway.

For more information about this change, see the Symantec VIP Transport Layer Security (TLS) 1.0 and 1.1 disablement on VIP Web Portals Knowledge Base article.

For assistance, or if you have further questions, visit https://support.broadcom.com/security

Symantec, a division of Broadcom, is performing maintenance starting on October 28th, 2022 at 00:30 UTC (October 27th, 2022: 17:30 PST), for a duration of 4 hours.

This release of VIP Authentication Services includes the deprecation of TLS 1.0 and TLS 1.1 versions and adding support for TLS 1.3 as referenced in the KB Article.