The Broadcom authentication systems used by Symantec cloud product administrators will transition to a new technology in 2025.  There are two types of authentication experience: federated and non-federated. 

• You are a “federated user” if you use your corporate credentials to log into Symantec cloud product portals/consoles. 
• You are a “non-federated” user if you enter credentials directly into the Broadcom Login service or a product portal when accessing a cloud-based management interface. 

Symantec Cloud Services, integrated with Broadcom Login, will start switching to new infrastructure in mid-January 2025.  

The new authentication platform will be hosted at access.broadcom.com.  For federated users, there will be a three (3) month transition period where both old and new configurations will function for federated customers.   Federated configurations should be updated by the end of April 2025.

In January, non-Federated users will be asked to configure a new password in the access.broadcom.com system.  Broadcom will email individual user migration schedules in batches.  The full transition of non-Federated users is expected to complete in April 2025.  

Q:  What is changing?

A:  As part of Broadcom’s ongoing system updates, the underlying technology of the common login service will be replaced.  The current technology hosted at login.broadcom.com is used for administrator authentication by most of the Symantec Cloud Services.  The new system hosted at access.broadcom.com will be activated for Symantec customers in January 2025.

Q:  What are the key dates?

A:  In mid-January 2025, Symantec’s shared platform will deploy an update enabling Federated customers to begin using the access.broadcom.com service.  Symantec asks those customers to complete the reconfigurations to use access.broadcom.com during the transition window of January 2025 to April 28th, 2025.  Non-Federated customers should expect notifications with instructions from Broadcom on converting their accounts in January 2025.  Throughout the transition periods, both old and new systems will continue functioning.  

Q:  How will administrator authentication change during the transition window?

A:  Following the Symantec platform update, customer administrators will automatically be redirected to the new authentication system.  If necessary, the authentication flow will revert to the current login.broadcom.com.  For Federated customers, a brief notice may be displayed during the redirection.  

Q:  How will administrator authentication be affected after the old Login.Broadcom.com technology is deprecated? 

A:  After April 28th, 2025, the previous login.broadcom.com technology will be retired.  At that time logins still dependent on the old technology will fail.  For Symantec cloud products the impact will be loss of access to the management portals/consoles.  The products themselves will continue to function based on the current configurations.  API-based management will not be affected. 

Q:  What is the recovery process if a customer/user misses this transition window?

A:  In general, completion of the transition steps will be sufficient to re-establish authentications.  Federated customers can re-establish federation by updating their Identity Provider (IdP) configuration to trust the access.broadcom.com service.  Non-federated customers will still be able to reset their passwords as described in the transition notifications.  As always, Symantec Support remains available to assist as needed.

Q:  If my customer is not currently federated, should this be configured before the transition?

A:  Only if necessary.  Federations configured before the transition period will require re-establishment of trust during the transition window.  For this reason, it is recommended new federations be deferred until the new Broadcom authentication system is available, in January 2025.    Customers may implement the federation of most Symantec cloud products via the shared platform configuration UI (https://techdocs.broadcom.com/us/en/symantec-security-software/cloud-console/accounts/cloud-portal/identity-provider-page.html).  

Q:  What are the configuration details related to switching federation trust?

A:  Specific meta-data and configuration steps for common IdP vendors will be made available ahead of the transition window.  

Q:  What changes are needed in my network? 

A:  For most networks no changes are needed.  However for organizations with highly restricted internet access, please update permissions to allow access.broadcom.com.

Q:  When will access.broadcom.com be resolvable?

A:  access.broadcom.com is DNS resolvable now.  The system is in production use for certain Broadcom products already.  

Q: On which dates does a customer need to re-configure the IdP Federation with Broadcom to keep access?

A:  UPDATE:   The transition window for IdP federation configuration changes has been shifted to mid-January 2025 through April 2025 (three months). 

Q:  Will this change authentication to the support.broadcom.com portal?

A:  Yes.  Authentication to support.broadcom.com also uses the Broadcom Login system and will be transitioning on the same schedule.  However, IdP federation of support.broadcom.com is independently configured from product federations.  If a customer was previously non-federated for the Support portal they will remain so after the transition.