Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Login Domain Name Change from mcafee.com to trellix.com

  1. Last updated
  2. Save as PDF

On January 17, 2023, from 3:30 - 09:30 UTC, Skyhigh Security and Trellix changed the Fully Qualified Domain Name (FQDN) of their site from mcafee.com to trellix.com. Both Skyhigh Security and Trellix use the trellix.com domain, as they have a shared login infrastructure. 

The information in this article also impacts Trellix products. For Trellix-specific information, see KB96089.

There is no transition or redirect for this change. It is a hard cutover. 

After January 17, 2023, 09:30 UTC, the following URLs have changed.

URL Change From  To  Redirect Impact Action
https://auth.ui.mcafee.com/
 		 https://auth.ui.trellix.com/ No Unable to access the product.
  • Update bookmarks after January 17, 2023.
  • Allow new URLs through your firewall before January 17, 2023.
https://login.auth.ui.mcafee.com
 		 https://login.auth.ui.trellix.com No SSO users are unable to access the product through their IDP.
  • SSO customers need to update the IDP configuration on January 17, 2023 (no earlier). See below for further guidance.
  • Allow new URLs through your firewall before January 17, 2023.
https://uam.ui.mcafee.com
 		 https://uam.ui.trellix.com No

Unable to access the users and roles page.
  • Allow new URLs through your firewall before January 17, 2023.
https://uam.mcafee-cloud.com  https://uam.api.trellix.com  No Unable to access the users and roles API.
  • Allow new URLs through your firewall before January 17, 2023.

 

What's My Impact?

Be aware of these use cases to make this change as seamless as possible. 

  • If You Sign In to the product with these URLs
    If you sign in to the product using the URLs above, and you have bookmarked your product's sign-in page, you'll need to update your bookmark. Skyhigh and Trellix will display a banner on the existing mcafee.com and trellix.com sign-in pages to update your bookmarks before the deadline.
  • If You Have Configured SAML or SSO and Use your Own IDP 
    If you have configured to use Single Sign-On to your own Identity Provider, you will need to change the Assertion Consumer Service URL  there from https://login.auth.ui.mcafee.com to https://login.auth.ui.trellix.com
  • If you have configured URLs in your firewall
    We will provide an updated list of URLs to allow in firewalls. See Add Domains or URLs to Allowlist for Skyhigh Security Cloud. 

Impact of Migration on Product Components

You may see the following results during the maintenance window due to the product migration:

Component Impact Recommendations
Secure Web Gateway
  • SWG itself and filtering traffic are not affected.
  • SWG Hybrid sync (sending on-premise policies the cloud) might return authentication errors during the maintenace window, but will recover automatically, and continue to synchronize once the authentication backend is back up.
  • The Log Download API might return authentication errors during the maintenance window, but will recover automatically once the authentication backend is back up.
  
DLP ePO
  • Incident sync will be delayed.
  • Classification and policy changes from ePO won't be synced with Cloud DLP. 
  • Sync will be resumed automatically once the maintenance window is over. 
  • We recommend not making any Classification or policy changes during the maintenance window. 
DLP Integrator
  • Fingerprints in process of being created or updated may fail. 
  • DLP Integrator installation and restart won't work during the maintenance window. 
  • We recommend not creating or updating fingerprints during the maintenance window. 
  • Regenerate the Index of any failed fingerprints. 
  • Don't install or restart the DLP Integrator during the maintenance window. 

 
Skyhigh Cloud Connector

 

If you experience any issues with the Cloud Connector during the maintenance window, we recommend that you restart Cloud Connector

Users who have subscribed to Cloud Connector Status notifications will receive emails if there are any disruptions in service.

For more information, contact Skyhigh Support.

 

Exempt a User from your IDP (Optional)

We recommend that you always exempt one or more members of your organization from the IDP so if a problem occurs, you still have access to the product. While these steps are not required, we recommend them so that you can retain access while you update your IDP configuration.

  1. Sign in to Skyhigh Security.
  2. Enter this URL in your browser: https://uam.ui.mcafee.com/idp_config.html#!/.
  3. Select the Exempt from SSO box next to one or more users with administrator privileges.
  4. Click Save Changes.
  5. Sign out of the product.
  6. Navigate to https://auth.ui.mcafee.com/

    NOTE: AfterJanuary 17, 2023, at 09:30 UTC, this URL will be https://auth.ui.trellix.com/
  7. Confirm that you can access the product using the user you exempted from SSO. 

Reconfigure your IDP

Before January 17, 2023, make sure you have at least one administrator account exempt from your IDP so you can continue to have access to the console until you can update your IDP configuration. After January 17, 2023, at 09:30 UTC update your IDP configuration to change the URL from https://login.auth.ui.mcafee.com to https://login.auth.ui.trellix.com

Here are explicit instructions for how to make this change in the Microsoft Azure admin portal.

These instructions are provided as an example as Azure is a common IDP. Instructions for other IDPs might be similar. For assistance, contact your IDP support team. 

  1. Sign in to the Azure admin portal.
  2. Select Manage Azure Active Directory.
  3. Select Enterprise Applications from the left-hand menu.
  4. From the list of Enterprise Applications, select the SAML App defined for the Trellix or Skyhigh product you are using.
  5. Select Setup Single Sign-On.
  6. Inside the Basic SAML Configuration section, click Edit.
  7. Modify the Reply URL (Assertion Consumer Service URL) to https://login.auth.ui.trellix.com/sso/saml2/<YOUR ID HERE>

The value in the URL after /sso/saml2 is unique to your tenant and must not be changed.

 

​Example:

  • Before: https://login.auth.ui.mcafee.com/sso/saml2/0oaguwse78gWdlhi02p7
  • After: https://login.auth.ui.trellix.com/sso/saml2/0oaguwse78gWdlhi02p7
  1. Modify the Default Relay State to https://auth.ui.trellix.com.

​    Example:

  • Before: https://auth.ui.mcafee.com
  • After: https://auth.ui.trellix.com
  1. Click Save
  2. Test your SAML Single Sign-On. 
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. domain
    2. McAfee
    3. Topic ID 289