FAQs About Extended FQDNs in Skyhigh Security Products

Last updated
Save as PDF

Skyhigh is migrating its remaining McAfee extended FDQNs and URLs in all its products as part of divestiture. Starting September 30, 2024, all remaining extended fully qualified domain names will transition from mcafee.com to the following domains:

skyhighsecurity.com
skyhigh.cloud
trellix.com

This transition is a crucial step in our ongoing efforts to improve our products and services. Failure to update the remaining extended fully qualified domain names from mcafee.com by September 30, 2024, will result in a significant impact on functionality, as we will no longer be supporting McAfee domains after September 30, 2024.

Below is a list of all impacted products and its recommended actions to continue the usage of Skyhigh Securtity services. Failure to upgrade to the recommended versions before September 30, 2024 will result in loss of functionality.

Products Affected:

Secure Gateway for On-Prem
Skyhigh Client Proxy (SCP)
Skyhigh Private Access
CASB
DLP
Content Security Reporter (CSR)
Logging Client

SWG On-Prem

All versions below 11.2.16 (EOL announced)

Recommended action: Upgrade all SWG appliances to version 12.2.3 or later

Please refer to this page for SWG EOL versions

SCP

All versions below 4.5.2 (EOL announced) & policies pointing to old McAfee domains
Any SCP version (4.5.2+) but policies still pointing to old McAfee domains

Recommended actions: Customers are strongly recommended to refer to this KB article to understand the scenarios better & plan their action items.

If you are using an SCP version prior to 4.5.2, upgrade all SCP versions to 4.8.1 or later & make sure that the policies are pointing to Skyhigh domains & not to the old McAfee domains
If you are using an SCP version greater than 4.5.2, please make sure that the policies are pointing to the new Skyhigh domains and not to the old McAfee domains. It is recommended to upgrade the SCP to 4.8.1 or later.

Please refer to this page for SCP EOL versions

Private Access

Connector V1
Skyhigh Client (Android, iOS)

Recommended action:

Upgrade to V2 version of connector.
Upgrade to Android Client (3.0.7 or later); iOS Client version to be updated soon.

Skyhigh CASB, DLP

The authentication workflow to access the APIs will need to be modified to use the new Skyhigh URL instead of the existing McAfee URL. The API functionality is not impacted.

Recommendations: Customers are recommended to modify scripts to use the new domains for IAM to obtain user tokens.

Content Security Reporter
- All versions below 2.9.2

Recommended action: Upgrade to version 2.9.2 or later.

Secure Web Gateway for On-Prem

Customer Impact:

Communication failures to GTI services
Communication failure for AV and URL updates
Not changing the web hybrid address after the update will result in policy synchronization issues once the legacy domain is shut down.

Recommendations: Customers are recommended to upgrade 12.2.3 or later firmware versions

McAfee FQDN	Replacement FQDN	Impacted Product Versions	Customer Action Items before September 2024
*.gti.mcafee.com	http://swg.repl.gti.trellix.com/	All versions below 11.2.16	Upgrade to 12.2.3 or later firmware versions https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(On_Prem)/Troubleshooting/Migration_to_Skyhigh_FQDN
tau.mcafee.com	tau.skyhigh.cloud	All versions below 11.2.16	Upgrade to 12.2.3 or later firmware versions https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(On_Prem)/Troubleshooting/Migration_to_Skyhigh_FQDN
*.wgcs.mcafee-cloud.com	*.hybrid.skyhigh.cloud	All versions below 11.2.16	Upgrade to 12.2.3 or later firmware versions https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(On_Prem)/Troubleshooting/Migration_to_Skyhigh_FQDN

Secure Web Gateway for Cloud

Customer Impact:

Access to SWG APIs by obtaining user token from IAM and used in customer automation is affected if scripts using the old domains are not migrated. Customers should also use replacement FQDN in their web policy scripts

Recommendations: Customers are recommended to

Modify scripts to use the new domains for IAM to obtain user tokens.
Modify scripts to use the new domain for Web policy configuration changes

McAfee FQDN

Replacement FQDN

Customer Action Items before September 2024

iam.mcafee-cloud.com

webpolicy.cloud.mvision.mcafee-cloud.com

iam.skyhigh.cloud

webpolicy.cloud.mvision.skyhigh.cloud

Update scripts using this service to get access tokens.
Modify scripts to use the new domain for Web policy configuration changes

Skyhigh Client Proxy (SCP)

Impacted SCP Versions:

All versions below 4.5.2
SCP version below 4.5.2 & policies pointing to old McAfee domains
Any SCP version with policies still pointing to old McAfee domains

Customer Impact:

Customer who falls under any of the above 3 categories and is using the impacted Skyhigh Client Proxy (SCP) versions with policies still pointing to the old McAfee domains & does not follow the recommended actions before September 30, 2024, they run the risk of going offline resulting in end-user connectivity issues.

Recommendations: Customers are strongly recommended to upgrade to 4.8.1 or later & refer to this KB article for more information on the action items that they need to plan for.

McAfee FQDN

Replacement FQDN

Impacted Product Versions

Customer Action Items before September 2024

*.wgcs.mcafee-cloud.com

*.wgcs.skyhigh.cloud

All versions below 4.5.2

Recommended to upgrade version 4.8.1 or later & check the policies to confirm that none of the policies are pointing to old McAfee domains.

For more information refer the below KB article:

https://success.skyhighsecurity.com/...d_FQDN_for_SCP

Skyhigh Private Access

Impacted Versions:

Connector V1
Skyhigh Client (Android, iOS)

Customer Impact:

Access to Private application will be affected if Connector, Skyhigh Client (iOS, Android) not upgraded

Recommendations: Customers are recommended to

Upgrade to Connector V2
Upgrade to latest Skyhigh Client Android (3.0.7 or higher). iOS Client version to be updated soon.
Use new Private Access Launchpad URL

McAfee FQDN	Replacement FQDN	Impacted Product Versions	Customer Action Items before September 2024
*.wgcs.mcafee-cloud.com	*.pa-wgcs.skyhigh.cloud mobile.skyhigh.cloud (for Skyhigh Client)	Connector V1 Skyhigh Client (Android, iOS)	Upgrade to Connector V2 Upgrade to latest Skyhigh Client Android (3.0.7 or higher). iOS Client version to be updated soon.
api.wgcs.mcafee-cloud.com	api.wgcs.skyhigh.cloud	PA Launchpad / Dashboard	Refer to Mindtouch KB for the latest steps

CASB, DLP

Customer Impact:

The changes in FQDN impacts the access to CASB and DLP APIs due to the change in the authentication workflow. The URLs to obtain the access token will change from a McAfee FQDN to a Skyhigh branded FQDN (given in the table below). Post authentication, the functionality of the APIs will remain the same. Customers who are using these APIs to extract data from Skyhigh either on a one-off basis or using automation scripts will need to update the authentication FQDNs as listed below. List of publicly available CASB and DLP APIs is available here - https://success.skyhighsecurity.com/Skyhigh_SSE_APIs

Recommendations: Customers are recommended to modify scripts to use the new domains for IAM to obtain user tokens.

McAfee FQDN	Replacement FQDN	Customer Action Items before September 2024
iam.mcafee-cloud.com	iam.skyhigh.cloud	Update scripts using this service to get access tokens.

Content Security Reporter (CSR)

Recommendation: Customers are recommended to upgrade to CSR 2.9.2 and later.

Logging Client

Recommendation: Customers are recommended to use Logging Client 2.0.1 and later.