This information is subject to change. Please check back often for updates.
If you use the On-Premises SEPM managed solution only, the following information does not apply to you.
Symantec's integration into Broadcom has presented operational and business opportunities that will enable us to sharpen our focus on delivering industry-leading security software for our customers. To help accelerate our cloud roadmap and strengthen integrations within our portfolio, we are moving from Amazon Web Services (AWS) to the Google Cloud Platform (GCP) tentatively in early December 2020.
1. What are the benefits of this migration?
Accelerated development of transformational cloud services.
Reduced latency for service-to-service communications.
Virtually infinite scale and improved resilience.
Strengthened infrastructure compliance certifications.
Reduced reliance on congested public internet routes.
To achieve this, Symantec’s cloud services that currently operate in a combination of co-located data centers and AWS will migrate to GCP. This seamless transition will provide significant customer value and simplification of our operational environment. We want to stress that our applications are not changing; only the underlying infrastructure is changing.
2. What you need to do
A refreshed version of the SEP14.3 MP1 (14.3.1169.0100) agent that fully supports GCP is available now. You can download the installation media from the Broadcom Download Center. The Symantec Agent is also available for auto-upgrade now using the pre-release channels.
Based on your feedback, we are extending support for the agent versions prior to 14.3MP1 as we understand that agent upgrades may require more planning and can take more time. Support for versions prior to 14.3MP1 will be extended on GCP until March 31, 2021.
We recommend that you move to the latest version of the SEP agent as soon as possible in order to get the latest fixes, better performance, and to make sure the agent continues to function as expected.
You must upgrade to SEP14.3 MP1 (14.3.1169.0100) or newer by March 31, 2021 to avoid the following:
No support for Get Files from endpoints for Cynic/Sandbox integration.
Failure to update file and application inventory from the endpoints.
Data from a hybrid-managed SEPM will not synchronize with the cloud console.
In support of the migration, a new set of URLs have been published. You must allow these URLs if you use a proxy server or perimeter firewall in your network. More details are here: URLs that allow SEP and SES to connect to Symantec servers
NOTE: If you haven't already done so, subscribe to notifications at https://status.broadcom.com/. Find your product and click "Subscribe." This subscription will alert you to the GCP cutover activity, and the timeline of migration.
3. Expected downtime
We are expecting 8 - 12 hours of downtime for the migration from AWS to GCP. This downtime will take place over a weekend to minimize impact to our customers; we will provide further information in subsequent updates. Notifications are also sent to those who are subscribed to the status update page.
4. Expectation during downtime
The expected behavior during downtime is as follows:
Management Console - https://sep.securitycloud.symantec.com/
Will be inaccessible during the downtime.
Device, device-group, policy management will not be available.
Reports, Alerts and tasks won’t be generated during the maintenance window.
All the scheduled and dynamic activities will recover after the maintenance window.
Will continue to be protected and will get the latest definitions from the live update server.
Will not be able to request new policy changes.
Will not be able to publish events or telemetry during that time, although submissions will restart after the maintenance window with no data loss.
Enrollments for new endpoints won’t be available. These activities will restart after the maintenance window.
APIs will not be accessible during the maintenance window. SIEM integrations will not be able to fetch events during the window. However, no events will be lost and they will be available after the maintenance window, with the export API.
Post-maintenance, all of the supported endpoints are expected to switch transparently to the GCP environment and should function normally without external intervention.
5. What will be migrated?
Symantec Endpoint Security and Symantec Endpoint Security Complete.
6. What is the migration timeline?
The migration is expected to be complete in early December 2020. We will provide more information in subsequent updates.
7. Where is the GCP data center for Symantec located?
South Carolina (US-EAST1).
8. Does Symantec have any plans to use any other GCP regions outside of the US and Europe?
Symantec's current priority will be to migrate existing infrastructure to GCP infrastructure in the same regions where we are located today. There are no near-term plans to expand to any new locations, but Symantec continues to monitor market demand.
9. Why GCP?
Google is the world's largest and most diverse hyper-scale cloud application provider. Their powerful network and platform technologies will benefit all of Symantec's cloud-delivered services. Google's high-speed network on-boards customer-to-SEP traffic closer to the end user, reducing reliance on congested public internet routes. Google’s platform is capable of delivering virtually unlimited compute on-demand, significantly increasing our ability to scale quickly to meet customer needs.
Other key features:
All the security controls built into Symantec Endpoint Security and Symantec Endpoint Protection today will be carried into GCP.
GCP POPs meet FedRAMP and many other diverse compliance standards.
Broadcom environment in GCP will be fully isolated from other tenants.
GCP is trusted by leading brands, including large financial institutions.
10. In simple terms, what does this migration mean?
Put simply, we are moving to a new data center provider that also provides compute and network infrastructure. This move removes the need to manage physical infrastructure, which lets us focus more on our core business.
11. Can I subscribe to notifications
If you haven't already done so, subscribe to notifications at https://status.broadcom.com/. Find your product and click "Subscribe." This subscription will alert you to the maintenance activity on the cloud portal.
For more information regarding the Status page please visit: https://knowledge.broadcom.com/external/article?legacyId=INFO4285
Your support contacts can provide additional information should you have other questions regarding this migration.