After CloudSOC moved from AWS to the GCP platform, new CloudSOC IP ranges were needed.
As outlined in the GCP migration page, this is the current CloudSOC IP range:
The new securelisting consists of two actions: (1) firewall rule changes to allow connections to CASB ingress IP list and port numbers; (2) your Securlets and Gatelets SaaS applications access control changes to accept CASB egress IP list in those applications that restrict source IP addresses.
CASB Audit and Gateway customers have additional IP address ranges and port numbers to consider beyond the common new IP range 144.49.240.0/21; see the following table.
CASB Customer Features |
CASB Ingress IP List and Port Number |
CASB Egress IP List |
Apps to Accept Egress IP |
All CASB Customers |
144.49.240.0/21 Port 443 |
144.49.240.0/21 |
Securlet SaaS Apps |
Customers with Audit |
144.49.240.0/21 Port 22 if SFTP is used |
144.49.240.0/21 |
|
Google Cloud Storage service at port 443 if SpanVA is used |
|||
Customers with Gateway |
Gatelet SaaS Apps |
https://support.broadcom.com/external/content/product-advisories/Symantec-Information-Security-product-migration-to-the-Google-Cloud-Platform-Migration-What-you-need-to-know/16109