After a test in Test Environment the migrating PAM virtual machines from Vmware ESX on-premises to Azure VMware Solution (AVS), administrators observed a significant increase in network latency between PAM and the on-prem Active Directory, which could impact services relying on frequent AD communication.

This scenario involves PAM 4.2.1 VMs running on-premises, upgraded to hardware Vmware Vsphere version 13, and then vMotioned to AVS, with tests conducted in a QA (pre-production) environment.

The migration to a cloud environment (AVS) introduces a longer network path between PAM and on-prem AD, resulting in increased latency

It is recommended to thoroughly test all latency-sensitive features (especially those using AD) in a non-production environment before migrating to production; if session recordings are in use, place PAM nodes in Maintenance mode before migration to allow active sessions to complete gracefully, and be aware that support for this scenario is on a best-effort basis due to its undocumented nature.

A migration in this environment took roughly 3 hours, and although 43ms latency is typical for cloud-to-on-prem scenarios, it’s essential to monitor AD performance and replication times post-migration; also, always maintain current backups and perform post-migration validation.