Login Domain Name Change from mcafee.com to trellix.com
On January 17, 2023, from 3:30 - 09:30 UTC, Skyhigh Security and Trellix changed the Fully Qualified Domain Name (FQDN) of their site from mcafee.com to trellix.com. Both Skyhigh Security and Trellix use the trellix.com domain, as they have a shared login infrastructure.
The information in this article also impacts Trellix products. For Trellix-specific information, see KB96089.
There is no transition or redirect for this change. It is a hard cutover.
After January 17, 2023, 09:30 UTC, the following URLs have changed.
URL Change From | To | Redirect | Impact | Action |
---|---|---|---|---|
https://auth.ui.mcafee.com/ |
https://auth.ui.trellix.com/ | No | Unable to access the product. |
|
https://login.auth.ui.mcafee.com |
https://login.auth.ui.trellix.com | No | SSO users are unable to access the product through their IDP. |
|
https://uam.ui.mcafee.com |
https://uam.ui.trellix.com | No |
Unable to access the users and roles page. |
|
https://uam.mcafee-cloud.com | https://uam.api.trellix.com | No | Unable to access the users and roles API. |
|
What's My Impact?
Be aware of these use cases to make this change as seamless as possible.
- If You Sign In to the product with these URLs
If you sign in to the product using the URLs above, and you have bookmarked your product's sign-in page, you'll need to update your bookmark. Skyhigh and Trellix will display a banner on the existing mcafee.com and trellix.com sign-in pages to update your bookmarks before the deadline. - If You Have Configured SAML or SSO and Use your Own IDP
If you have configured to use Single Sign-On to your own Identity Provider, you will need to change the Assertion Consumer Service URL there from https://login.auth.ui.mcafee.com to https://login.auth.ui.trellix.com. - If you have configured URLs in your firewall
We will provide an updated list of URLs to allow in firewalls. See Add Domains or URLs to Allowlist for Skyhigh Security Cloud.
Impact of Migration on Product Components
You may see the following results during the maintenance window due to the product migration:
Component | Impact | Recommendations |
---|---|---|
Secure Web Gateway |
|
|
DLP ePO |
|
|
DLP Integrator |
|
|
Skyhigh Cloud Connector |
|
If you experience any issues with the Cloud Connector during the maintenance window, we recommend that you restart Cloud Connector. Users who have subscribed to Cloud Connector Status notifications will receive emails if there are any disruptions in service. For more information, contact Skyhigh Support. |
Exempt a User from your IDP (Optional)
We recommend that you always exempt one or more members of your organization from the IDP so if a problem occurs, you still have access to the product. While these steps are not required, we recommend them so that you can retain access while you update your IDP configuration.
- Sign in to Skyhigh Security.
- Enter this URL in your browser: https://uam.ui.mcafee.com/idp_config.html#!/.
- Select the Exempt from SSO box next to one or more users with administrator privileges.
- Click Save Changes.
- Sign out of the product.
- Navigate to https://auth.ui.mcafee.com/
NOTE: AfterJanuary 17, 2023, at 09:30 UTC, this URL will be https://auth.ui.trellix.com/ - Confirm that you can access the product using the user you exempted from SSO.
Reconfigure your IDP
Before January 17, 2023, make sure you have at least one administrator account exempt from your IDP so you can continue to have access to the console until you can update your IDP configuration. After January 17, 2023, at 09:30 UTC update your IDP configuration to change the URL from https://login.auth.ui.mcafee.com to https://login.auth.ui.trellix.com.
Here are explicit instructions for how to make this change in the Microsoft Azure admin portal.
These instructions are provided as an example as Azure is a common IDP. Instructions for other IDPs might be similar. For assistance, contact your IDP support team.
- Sign in to the Azure admin portal.
- Select Manage Azure Active Directory.
- Select Enterprise Applications from the left-hand menu.
- From the list of Enterprise Applications, select the SAML App defined for the Trellix or Skyhigh product you are using.
- Select Setup Single Sign-On.
- Inside the Basic SAML Configuration section, click Edit.
- Modify the Reply URL (Assertion Consumer Service URL) to https://login.auth.ui.trellix.com/sso/saml2/<YOUR ID HERE>
The value in the URL after /sso/saml2 is unique to your tenant and must not be changed.
Example:
- Before: https://login.auth.ui.mcafee.com/sso/saml2/0oaguwse78gWdlhi02p7
- After: https://login.auth.ui.trellix.com/sso/saml2/0oaguwse78gWdlhi02p7
- Modify the Default Relay State to https://auth.ui.trellix.com.
Example:
- Before: https://auth.ui.mcafee.com
- After: https://auth.ui.trellix.com
- Click Save.
- Test your SAML Single Sign-On.