Change in pod IP addresses for IICS Sandbox (PRE-RELEASE)

Version 1

    As part of our continuous infrastructure improvement, Informatica Intelligent Cloud Services is reducing the number of IP addresses needed to be allowed in your company’s firewall. Please find the current list at the bottom for reference that will be replaced with the 2 IP addresses.

     

    With the new update, any new node additions in the future will not need additional IP addresses to be allowed on your firewall. This change will be effective as of 16th Nov for your pod.

     

    The Identity Service and Package Dependency Manager IP addresses are not impacted by this change and should remain allowed.

     

    Please allow these IP addresses on your organization firewall no later than 15th Nov to avoid any service disruption.

     

    New Primary IP Addresses to be added:

    15.197.208.76

    3.33.244.205

     

     

    URL to test if the site is accessible:

    https://usw1-testing.dmr-us.informaticacloud.com/

     

     

     

    Frequently Asked Questions:

     

    Q: Is my organization impacted?

    A: If your organization needed to allow specific IP addresses for outbound communication in the past to access IICS, then you will need to allow these new IP addresses as well. These 2 new IP addresses replace the existing IP address list.

    If you never had to allow IP addresses for outbound communication on port 443 or if you allow traffic based on domain names (*.informaticacloud.com and *.informatica.com) then NO further action is needed.

     

    Q: Which IICS POD is impacted by this?

    A:This is applicable for Sandbox (PRE-RELEASE) pod.

     

    Q: Is there a deadline for making this change?

    A: YES, November 15th.

     

    Q: Why are these IPs needed?      

    A:  These IPs are static and will ensure you do not have to add additional IPs in case IICS needs to scale up with additional nodes.

     

    Q: What will be the impact of not allowing these additional IP addresses?

    A: There will be service disruption. Secure agent services and UI accessibility via browser will be impacted.

     

    Q: Do we need to remove IP addresses allowed earlier?

    A: You can remove them from firewall allow list after November 30th 2021.

     

    Q: How to test connectivity to the new site ?

    A: To test connectivity one can run "curl" or "telnet" from the Secure Agent machine. ("curl" can be also downloaded from: curl - Download )

    Example outputs are below:

     

    Please run:

    curl -v https://usw1-testing.dmr-us.informaticacloud.com/

    or

    telnet usw1-testing.dmr-us.informaticacloud.com 443

     

    If connected, the above commands would show the same:

     

    Curl example output: (Please IGNORE ssl related messages)

    curl -v https://usw1-testing.dmr-us.informaticacloud.com/

    * Rebuilt URL to: https://usw1-testing.dmr-us.informaticacloud.com/

    *   Trying 15.197.208.76...

    * TCP_NODELAY set

    * Connected to usw1-testing.dmr-us.informaticacloud.com (15.197.208.76) port 443 (#0)

     

    Telnet Example output:

    telnet usw1-testing.dmr-us.informaticacloud.com 443

    Trying 15.197.208.76...

    Connected to ace005701b6837a92.awsglobalaccelerator.com.

     

     

    Q: Who do we need to work with to allow these IPs?

    A: These IPs are to be allowed on your organization firewall/proxy. Hence, please contact your organization's IT/Network administrators who manage the firewall/proxy configurations.

     

     

    Current list of IP addresses that can be removed after November 30th 2021:

    https://knowledge.informatica.com/s/article/629498

     

    35.165.141.163
    54.148.210.92
    54.189.222.109
    34.215.246.130
    34.213.89.5
    54.68.80.56