Web Security Service - UPDATE Cloud Portal IP Address Migration
Scheduled Maintenance Report for Symantec Web Security Service
Completed
The scheduled maintenance has been completed.
Posted May 23, 2020 - 08:02 UTC
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted May 23, 2020 - 00:00 UTC
Update
Please make a note of the following correction of the IP address for ctc.threatpulse.com in bold below and increased detail for the maintenance impact description.

  • ctc.threatpulse.com will change to: 130.211.30.2

    As part of the previously announced migration to Google Cloud Platform (GCP), changes in the IP addresses used by the Broadcom Web Security Service (WSS) portal and related systems will start on May 23, 2020 starting at 00:00 UTC. This maintenance will last for up to 24 hours.

    Impact
    During the maintenance certain services will be affected in the following ways:
  • WSS Portal will be unavailable for configuration changes and API calls.
  • Log-download requests will be interrupted or fail.
  • Auth-Connector related orchestration will be unavailable. If an agent-based or fixed-site IPsec connection transition to previously unused data center components, Auth-Connector mediated Identity (IPsec only) and group-membership (agents and IPsec sites) information will be unavailable for policy use.

    Throughout the maintenance:
  • WSS end-user traffic processing will continue to function based on the last configuration.
  • All end-user traffic logging will be collected and processed into reporting infrastructure.
  • Following the maintenance, logs will be available for export as normal.
  • Agent datacenter selection services will remain functional.
  • User Identity and Group membership information from SAML based authentication will remain available.

    At the conclusion of the maintenance, the WSS Portal components will be hosted in GCP on new IP addresses. Firewall rules may need to be updated as described in the Required Action section below.
  • Posted May 13, 2020 - 21:32 UTC
    Scheduled
    As part of the previously announced migration to Google Cloud Platform (GCP), changes in the IP addresses used by the Broadcom Web Security Service (WSS) portal and related systems will start on May 23, 2020 starting at 00:00 UTC. This maintenance will last for up to 24 hours.

    Impact
    At the conclusion of the maintenance, the WSS Portal components will be hosted in GCP on new IP addresses. Firewall rules may need to be updated as described in the required action section below.

    Required Action
    The required action depends on the customer’s network configuration. All IP address changes will be implemented by modifications to DNS resolution. Systems that utilize hostnames will generally be unaffected.

    If connectivity from your network to WSS is regulated by firewall rules, these rules must be adjusted to allow traffic to pass from your network to the new IP addresses. Further restrictive application security or automations based on destination IP addresses should also be updated in order to avoid interruption of associated service functions (examples: API-based actions and Log Downloading).

    Please review the following hostname to use-case mappings carefully to identify any potential impacts.

    All functionality available via portal.threatpulse.com (administrative interface, API functionality, and log-download processes) will change to: 35.245.151.224 and 34.82.146.64.

    All functionality available via cloudwebsecurity.att.com will change to: 35.245.151.230 and 34.82.146.70.

    All functionality available via other partner offered portals will change to: 35.245.151.231 and 34.82.146.71.

    Authentication Orchestration Service (auth.threatpulse.com), used by Auth-Connector (“BCCA”) software, will change to: 35.245.151.226 and 34.82.146.65.

    On-Prem Policy Management (sgapi.threatpulse.com and sgapi.es.bluecoat.com), used by Management Center for policy upload or ProxySG for policy download, will change to: 35.245.151.229 and 34.82.146.69.

    Additional service points used by roaming devices - these are contacted by some versions of end-point Agent software to assist with datacenter selection and device configuration:
    ctc.threatpulse.com will change to: 130.211.30.2
    mobility.threatpulse.com will change to: 35.245.151.228 and 34.82.146.68

    The following hostname resolutions remain unchanged. They are provided for informational purposes, and no action is required.

    Explicit-over-IPsec (“transproxy”) target proxy addresses:
    ep.threatpulse.net and ep-all.threatpulse.net

    SAML redirection target hostname:
    saml.threatpulse.net

    Additional Information
    Please visit these KB articles for a full list of production IP networks used by WSS:
    Worldwide data center IP addresses: https://knowledge.broadcom.com/external/article?legacyId=TECH242979
    Authentication / egress IP addresses: https://knowledge.broadcom.com/external/article?legacyId=TECH240889

    Questions?
    Please visit this KB article for additional details on the Web Security Service Migration to Google Cloud Platform: https://knowledge.broadcom.com/external/article?legacyId=tech257356

    If you have further questions regarding this announcement, contact Technical Support. Support information is located at: https://support.broadcom.com/security

    For real time updates and status visit and subscribe to Broadcom Service Status: https://wss.status.broadcom.com

    Schedule
  • Start Date: May 23, 2020 at 00:00 UTC
  • End Date: May 24, 2020 at 00:00 UTC
  • Posted May 06, 2020 - 04:37 UTC
    This scheduled maintenance affected: Global Services (Data Center Selection  Services, Mobile Device Enrollment Service) and Portal & Reporting (API Services, Cloud Portal, Log Transfer Services, Management UI).