Beginning on February 5th, 2024, Broadcom will initiate a series of maintenance events to enable Agent Traffic Manager (ATM). The feature will be enabled on a per-tenant basis over a period of six weeks, until the expected completion date of April 18th, 2024.
Once rolled out, ATM improves the granularity of agent traffic interception to reduce the risk associated with adopting new capabilities like:
For more information, see the Agent Traffic Manager documentation.
If Cloud Firewall Service (CFS) is disabled in your tenant(s), you must disable all existing enabled CFS rules.
This action is necessary because the CFS-level enable/disable toggle is deprecated with the introduction of ATM and all enabled rules will become active by default.
Other use cases:
An example of a tenant where the Cloud Firewall Service is disabled but has an enabled rule:
Be sure to select all enabled CFS rules by checking the toggle next to each rule, disable or delete them, and then activate the policy.
Disabling the rules will not affect your active policy because CFS is disabled.
** In case, you have CFS Enabled and have any application running on ports 8080 and 8443.
When ATM is enabled for your account, it will start sending ALL traffic by default to Cloud SWG, therefore, you will need to add a new rule to Accept TCP/8080 and TCP/8443.
Contact technical support by visiting: https://support.broadcom.com/security if you need further assistance.