Close popover

Table of Contents

Network migrations: benefits and impacts

The latest Pega Cloud Services infrastructure supports an enhanced network topology that uses allow list configurations for your Virtual Private Cloud (VPC).

The new network topology enables you to scale by adding new networks and environments without requiring subsequent allow list reconfigurations on your enterprise network. This requires a one-time Pega Cloud network migration for your environments, allowing you to take advantage of the Pega seamless infrastructure maintenance using the new network topology.

The network migration does not impact clients who do not add connections to their firewall allow list in their enterprise network or those who do not use the above allow list configurations. All existing clients must answer the questionnaire to consent to the migration. New clients automatically receive the new network topology and do not need to answer the questionnaire.

For verification consent purposes, you must answer a Pega-provided questionnaire to determine if your current allow list configurations require changes to support the new network topology. If the new network topology does not support your allow list configuration, Pega Cloud Services will work with you to ensure that your environment connectivity meets its required reconfiguration. After you verify that your allow list reconfigurations meet the requirements for the new network topology and consent to the migration, Pega Cloud Services completes the migration using a zero-downtime process.

For more information about allow list configurations, see Configuring public access between your Pega Cloud environment and your enterprise network.

Benefits of Pega Cloud Services network migration

Changes to your environments take effect following the network migration. The benefits of the enhanced network to the infrastructure include the items detailed below:

  • Use of a more reliable and scalable Pega Cloud network infrastructure
  • Enhances security of your underlying network infrastructure
  • Enhances the stability of the software upgrade and patch and infrastructure update processes

For more information, see Pega Cloud Services maintenance and types of system updates.

Network migration planning considerations

The Pega Cloud network migration impact clients with the following allow list configurations:

  • Inbound traffic from isolated environment types (Development, Staging, Production) from your Pega Cloud environment to your enterprise network.
  • Inbound traffic from fully isolated environments of the same type (Development 1, Development 2) in your Pega Cloud environment to your enterprise network.
  • Outbound traffic from your enterprise network to the Pega Cloud SFTP service to your Pega Cloud environment.

Pega Cloud Services proactively contacts you to plan the network migration to the new network topology. This communication includes a questionnaire that Pega uses to determine if you use the above allow list configurations. In order for the migration to proceed, you must reconfigure these allow lists. To see the questionnaire, see Preparing for the network migration questionnaire below.

For more information about allow list configurations, see Configuring public access between your Pega Cloud environment and your enterprise network.

Pega Cloud environments no longer supports placing individual environments of the same type (Devtest1, Devtest2) on separate allow lists after the network migration. For more information, see Network migration FAQ.

Clients should plan to complete the following processes in order to proceed with the migration:

  • Share the questionnaire with your enterprise network administrator and other relevant stakeholders to collaborate with Pega Cloud Services in determining allow list reconfiguration requirements for the network migration to proceed.
  • Plan for the zero-downtime network migration to proceed within your next standard maintenance window.
  • Clients who must reconfigure any of their allow lists must complete the following tasks:
    • Reconfigure your allow lists using the new Pega-provided static IP addresses.
    • Confirm with Pega Cloud Services that you updated your allow lists.
    • Remove previously-used IP addresses for your Pega Cloud environment from the allow list.

If the network migration does not impact your allow list configurations, you still must answer the questionnaire to provide consent for the migration to proceed.

Pega responsibilities

During a network migration, Pega Cloud Services performs the following tasks:
  • Coordinates with the client to facilitate any required client-side networking changes to support the network migration.
  • Sends the client a questionnaire via email correspondence to determine if they require allow list reconfigurations for the migration to proceed.
  • If the client must reconfigure their allow list, Pega accomplishes the following tasks:
    • Shares a set of new static IP addresses for the client to place on an inbound allow list to minimize impact to their network during the migration.
    • For clients who added their SFTP connection to an allow list, provides the client with a new static IP address for their SFTP service.
    • Confirms with the client that new static IP addresses are placed on an allow list.
    • After the migration, shares a list of static IP addresses with the client that are no longer associated with the Pega Cloud environment for the client to remove from their enterprise network allow list.

Client responsibilities

To ensure the process maintains zero-downtime to transfer Pega Cloud environments to the new network topology, clients must perform the following tasks:

References to client enterprise networks include integrations with third-party vendors and partners.
  • Respond to Pega Cloud Services questionnaire that asks for the required enterprise network information.
  • Confirm a standard maintenance window with Pega Cloud Services to execute the network migration.
  • For all of your environments that require an allow list reconfiguration, complete the following tasks:
    • Obtain necessary approvals from network administrators and other relevant stakeholders regarding inbound allow list changes to Pega Cloud environments.
    • For clients who added their SFTP connection to an allow list, update the allow list with the new SFTP static IP address.
    • Prior to the migration, update the allow list with the new Pega-provided static IP addresses.
    • Confirm with Pega that you updated your allow lists.
    • After completing the migration, remove the static IP addresses provided by Pega Cloud Services in the correspondence for your enterprise network inbound allow list.

Preparing for the network migration questionnaire

Pega Cloud Services sends the network migration questionnaire to all existing clients. The following table presents the content of the questionnaire and the implication of your reply to the email correspondence. Clients should review the table to understand which scenarios require network reconfigurations, and what actions you must complete before Pega Cloud proceeds with the migration. All clients who do not need any allow list reconfigurations must confirm this and approve the migration to proceed with the network migration.

Question If yes: If no:
Does your current inbound allow list distinguish traffic coming from different Pega environments (Devtest, Staging, Production)? Respond to the request with the following details:
  1. Provide the reason why you need to distinguish traffic instead of using a general allow list for all environments.
  2. State what specific environment types they want to place on an allow list.
Pega Cloud Services sends you new static IP addresses for your specific Pega Cloud environments.
  1. Prior to the migration, reconfigure all your network allow lists to the new Pega-provided static IP addresses for the specific environment types.
  2. Confirm with Pega Cloud Services via email that you added the new static IP addresses to your allow list.
  3. After the migration, remove IP addresses from your network that Pega Cloud Services did not use to connect to specific environments on Pega Cloud.
Pega Cloud Services sends you new static IP addresses for your Pega Cloud environment.

After receiving the static IP addresses, perform the following tasks:

  1. Prior to the migration, reconfigure all your network allow lists to the new Pega-provided static IP addresses.
  2. Confirm with Pega Cloud Services via email that you added the new static IP addresses to your allow list.
  3. After the migration, remove IP addresses from your network that Pega Cloud Services did not use to connect to each environment on Pega Cloud.
Does your current inbound allow list distinguish traffic between environments of the same type (such as Devtest 1 and Devtest 2)? Update your inbound allow list to permit traffic that does not distinguish between individual environments of the same type coming from your Pega Cloud environment. Pega Cloud Services sends you new static IP addresses for your Pega Cloud environment.

After receiving the static IP addresses, perform the following tasks:

  1. Prior to the migration, reconfigure all your network allow list to new Pega-provided static IP addresses.
  2. Confirm with Pega Cloud Services through email that you added the static IP addresses to your allow list.
  3. After the migration, remove IP addresses from your network that Pega Cloud Services did not use to connect to each environment on Pega Cloud.
Does your outbound allow list from your enterprise network include your Pega-provided SFTP service IP address? Pega Cloud Services sends you a new static IP address for your SFTP connection.

After receiving the SFTP static IP address, perform the following tasks:

  1. Prior to the migration, reconfigure your SFTP connection to a new Pega-provided SFTP static IP addresses.
  2. Confirm with Pega Cloud Services via that you added the connection to your allow list to the request that Pega sent you.
Pega can perform the network migration without any further changes on your behalf.

After the client provides their network information, Pega Cloud Services can effectively plan and execute a seamless migration process. For frequently asked questions about the network migration, see Network migration FAQ.

Suggest Edit

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.