Migration of Carbon Black EDR Cloud Services from AWS to GCP (Alliance IP Change)
search cancel

Migration of Carbon Black EDR Cloud Services from AWS to GCP (Alliance IP Change)

book

Article ID: 410888

calendar_today

Updated On:

Products

Carbon Black EDR

Issue/Introduction

Alliance migration from AWS to GCP will change the IP address.

  • Potential disconnect to Alliance for those using IP for communication vs FQDN
  • Temporary "Threat Intel Not Connected" in the server dashboard. 

Environment

  • Carbon Black EDR: All Versions
  • Alliance/Threat Intelligence

Resolution

Carbon Black EDR on-premises: Migration of cloud services used to provide threat intelligence from AWS to GCP 

Carbon Black EDR on-premises threat intelligence feeds and endpoint process binary data stored in the cloud will be migrated from AWS to Google Cloud Platform (GCP).

Required Action for On-Premises Carbon Black EDR Customers
To ensure uninterrupted access to threat intelligence feeds and threat analysis services, on-premises Carbon Black EDR customers with restrictive firewall rules (default deny) must allowlist the following IP address no later than October 6, 2025:


35.196.247.169

This change ensures that the Carbon Black EDR server can continue to communicate with cloud services for enhanced detection, visibility, and analysis.

Impacted DNS Names

The following DNS names will be resolved to the above IP address once we migrate to GCP:

  • threatintel.bit9.com
  • intel.threatintel.carbonblack.io
  • api.alliance.carbonblack.com

 

Support

For further details or assistance, please contact Broadcom ESG Support.

Frequently Asked Questions (FAQs)
1. Why are you migrating the cloud services used to provide threat intelligence  to a new cloud platform?
We are migrating the services needed to provide threat intelligence from AWS to GCP to enhance security, improve system performance, and ensure higher availability for our customers. 

2. Will the migration cause downtime of product functionality?

Yes, a short period of downtime may be incurred while we complete the migration. We will schedule this during non-peak hours to minimize the impact to our customers.

3. How long will the downtime last?

We expect the downtime to be limited (typically 8-10 hours). The exact maintenance window will be communicated in advance with clear start and end times.

4. Will my data be affected during the migration?

Only binary file data will be impacted. All customer binary file data up to one year of age will be preserved and securely migrated. 

5. Do I need to make any changes on my end?

Yes, you need to allowlist IP address 35.196.247.169 if you wish to maintain your connection to the cloud services that are used to provide threat intelligence.

6. Who do I contact if I experience issues after the migration?

If you encounter any problems, please contact customer support for immediate assistance.

Additional Information

Powered by Wolken Software