Archer Community

Updated Dec. 8, 2017 - CONFIDENTIAL

(PDF for download attached below)

Due to Capgemini’s impending closure of the data centers used in the provision of U.S.-based RSA Archer Hosted Services, RSA will be changing providers and data center locations for its U.S.-based Hosted Services offering.

Q:  Why is Capgemini closing data centers?

A:   RSA does not comment on business decisions made by third parties.

Q:  Which Capgemini data center facilities used to provide RSA Archer Hosted Services are affected?

A:   The primary facility and geographically redundant warm site are both affected. These Capgemini data centers are located in Phoenix, AZ and Marlborough, MA, respectively.

Q:  Who has RSA selected as the new data center and managed services provider?

A:   RSA Archer has selected Virtustream as the new data center and managed services provider. Virtustream is an enterprise-class cloud service and software provider trusted by enterprises worldwide to migrate and run their mission-critical applications in the cloud. For more information about the company, visit www.virtustream.com.

Q:  Where are the Virtustream data centers located?

A:   The future primary data center facility for U.S.-based RSA Archer Hosted Services is located at:

7135 S. Decatur Blvd.

Las Vegas, NV 89118

The future geographically redundant warm site data center facility for U.S.-based RSA Archer Hosted Services is located at:

21110 Ridgetop Dr.

Sterling, VA 20166

Q:  When are the cutovers targeted to take place and how long will they take to complete?

A:   Please refer to the RSA Archer Customer/Partner Community on RSA Link (https://community.rsa.com/docs/DOC-79619) for information and the latest updates.

Access to the private RSA Archer Customer/Partner Community on RSA Link is restricted to registered members who are current RSA Archer customers and partners. Registration is a quick and easy two-step process:

1. Register an account on RSA Link at: https://community.rsa.com/welcome
2. Request access to the RSA Archer Customer/Partner Community at: https://emcinformation.com/389603/REG/.ashx

Q:  What audits/attestations are in place regarding the future RSA Archer Hosted Services?

A:   For the future U.S.-based primary data center facility in Las Vegas, NV:

• Positive auditor attestation for a SOC1, Type II audit
• Positive auditor attestation for a SOC2, Type II audit

For the future U.S.-based geographically redundant warm site data center facility in Sterling, VA

• Positive auditor attestation for a SOC1, Type II audit
• Positive auditor attestation for a SOC2, Type II audit

For Virtustream, as a managed services provider utilizing the aforementioned facilities to provide services to RSA:

• Positive auditor attestation for a SOC1, Type II audit
• Positive auditor attestation for a SOC2, Type II audit

For RSA, as a service provider to RSA Archer Hosted Services customers:

• Positive auditor attestation for a SOC2, Type II audit

Q:  How can I obtain due diligence information/materials that I might need as a result of this change?

A:   RSA is currently preparing a package of such information, and the timeline for availability of this information is forthcoming. Customers should contact their account representative to convey their interest in obtaining the package when it becomes available.

Q:  What, if anything, will change with regard to RSA Archer services, service levels, and security obligations?

A:   Nothing will change with regard to the services, service level objectives, or industry standard security approaches of the U.S.-based RSA Archer Hosted Services. Things RSA Archer Hosted Services does for you today are things RSA Archer Hosted Services will continue to do for you.

Q:  Will this change in provider and data centers affect the current pricing of my Hosted Services?

A:   No, there is no change in pricing as a result of this data center cutover.

Q:  Will the currently-hosted version of the RSA Archer GRC software change as part of the provider and data center changes?

A:   No, the software will not change. The current version of RSA Archer software will be maintained during this cutover.

Q:  Will the URL I use to reach my hosted instance(s) change when the provider and data centers change?

A:   No, the URL will not change. Your URL and existing links will continue to work.

Q:  If I use federation (Single Sign On) with my instance(s), will any federation reconfiguration be required to support the change in provider and data centers?

A:   No, there is no reconfiguration required.

Q:  Will external IP addresses change when the provider and data centers change?

A:   Yes. RSA has always recommended using and monitoring fully qualified domain names instead of IP addresses for whitelisting functions, as this allows IP addresses to be seamlessly changed. Information regarding the new IP addresses will be made published/distributed via DNS updates as part of the cutover.

Q:  Will data feeds change with this cutover?

A:  No, data feeds will not require any reconfiguration after the cutover.

Q:  Will the systems be accessible over IPv4 once cutover to the new provider and data centers?

A:   Yes, RSA Archer Hosted Services will continue to be IPv4 only.

Q:  Will SSL certificates change when the provider and data centers change?

A:  No, SSL certificates will not change. All SSL certificates will remain the same. If you have whitelisted or manually imported any certificates or certificate chains for communication with Archer, validation will continue to work.

Q:  Will the SSH host key used for data feed file upload via SFTP change when the provider and data centers change?

A:   Yes, the SSH host key will change. With this move, the SSH host key for SFTP connections will be upgraded to a new 2048-bit key in order to take this opportunity to improve our SFTP security posture.

      The new 2048-bit host key thumbprints are as follows:
      a. SHA256: QiFXQievbcXhe/VftqD7HPUKMFe9ujmAX9PswAtsH64=
      b. MD5: d5:9f:96:85:90:59:8c:9d:69:39:12:2e:b4:3c:63:92

Q:  What happens if users try to access the RSA Archer Hosted Services during a cutover to the new provider and data centers?

A:   Users attempting to access the RSA Archer GRC software while a cutover is in progress will see a message on-screen to alert them that it is not currently available.

Q:  Will there be any data loss during the cutovers facilitating the provider and data center changes?

A:   No, there will not be any data loss during cutovers. Prior to performing cutover activities, RSA will take the relevant Hosted Services offline such that no changes can be made to customer data during the cutover. Upon successful cutover, all customer data relevant to the specific environment (Non-Production or Production) will be just as it was prior to the cutover for that environment.