Each week, the CMS Cloud program provides a list of upcoming changes, maintenance windows, and updates to help customers build awareness and plan effectively and summarizes changes from the previous week.
This newsletter includes:
Completed change summary for the week of 2/27/2025
To learn details about previous changes please go to the News and Updates section on cloud.cms.gov. (Secure Access required)
For Patching and Gold Image release schedule please view :Patching and Gold Image Release Calendar - 2025
3/13/2025 - Tenable Security Center Minor Version Upgrade
Summary:
Maintenance on Tenable Security Center tool for upgrade from v.6.3.0 to v.6.5.1.
Actions we are taking:
Minor version upgrade to Tenable Security Center
When is this happening?
Start Time: Thursday, 3/13/2025 at 11:00 a.m. ET
End Time: Thursday, 3/13/2025 at 6:00 p.m. ET
Who will be impacted?
All AWS Commercial, AWS GovCloud, MAG and DRaaS accounts; all customers using Tenable tool.
What is the impact?
All customers may have scans delayed within all environments until the upgrade is complete. The customer impact to an outage is low as findings are still available in customer dashboards like Security Hub, Splunk, and Jira. Adhoc scan requests will be unavailable, but can be completed following a successful upgrade. Tenable scans will be halted until the upgrade process is complete. This change will occur during business hours to minimize the impact because most scans run outside of business hours.
3/15/2025 - Restart Production and Non-Prod HEC Servers
Summary:
In order to keep the environment performing well, the CMS Hybrid Cloud team will conduct maintenance on the Cloud instances of the Http Event Collector (HEC) infrastructure every Saturday, starting March 8th from 10 AM to 11:30 PM through May 31st.
Actions we are taking:
- Restart Production and Non-Prod HEC Services
When is this happening?
Start Time: Saturday, 3/15/2025 at 10:00 a.m. ET
End Time: Saturday, 3/15/2025 at 11:30 p.m. ET
Restarts will be every Saturday from 10:00 am ET through 11:30 PM ET until the End date/time.
Who will be impacted?
There is no expected impact to users.
What is the impact?
Restart Production and Non-Prod HEC Services - There is no anticipated downtime or impacts to the logging ingest process.
3/19/2025 - Non-Marketplace SSM patching - DEV/TEST/IMPL
Summary:
- Non-Marketplace DEV/TEST/IMPL
- SSM Linux & Windows Vulnerability Patching
Actions we are taking:
As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 3/19/2025 at 5:00 p.m. ET. The week's patches will impact the DEV/TEST/IMPL environment for the affected Non-Marketplace applications noted below.
When is this happening?
Start Time: Wednesday, 3/19/2025 at 5:00 p.m. ET
End Time: Wednesday, 3/19/2025 at 11:00 p.m ET
Who will be impacted?
Reboot - CEDAR, Million Hearts, FFSDCS, RASS, OC Base- eLDAP, SC CLIA, NTP LMS, Spott MACBIS, MDP, OC Base- WNMG, NEIL/HRES, OC Base- EWST, MacFin, eAPD Hi-C, OC Base- CMS Cloud Legacy, OC Base- DevSecOps SecDevOps, iServ, MDP, PECOS2.0, SEI, NDW, OC Base- PWSS, TRA, CMS ARTS, MCIM, RAD Analysis Tools, MCIM, Perm, CMS Cloud - CRE, CMS Cloud - Enterprise Agile Tools, CMS Cloud tamer, CMS Cloud - CARD, CMS Cloud - ECS Fargate, CMS Cloud - Direct Connect, CMS Cloud - Jfrog SonarCube, CMS Cloud - DNS Prod, CMS Cloud - SRE, CMS Cloud - Governance 2.0, MEOWx, CMS Cloud - CloudBees Jenkins, CMS Cloud - CET, CMS Cloud - DevSecOps, CMS Cloud - Utilities, CMS Cloud - Testrail, CMS Cloud - CircleCI, CMS Cloud - Sam GSS Security GovCloud, SWIFT
No reboot - MEPBS, EACMS, MacPro, PS&R, RDS, OC Base- APIM GEO, 1115 PMDA, CMS Cloud - Governance 2.0, CMS Cloud - QuickDNS, CMS Cloud - CMSNet, CMS Cloud - CCG Web Content, CMS Cloud - Network Arch, CMS Cloud - VPC Automation, CMS Cloud - Security Team, CMS Cloud - CCG Web Content, CMS Cloud Temporal, CMS Cloud - Splunk, CMS Cloud - CET, AWS GSS Security GC, CMS Cloud - Splunk GovCloud Dev
What is the impact?
Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.
3/19/2025 - Marketplace SSM patching - DEV/TEST
Summary:
- Marketplace DEV/TEST
- SSM Linux & Windows Vulnerability Patching
Actions we are taking:
As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 3/19/2025 at 5:00 p.m. ET. The week's patches will impact the DEV/TEST environment for the affected Marketplace applications noted below.
When is this happening?
Start Time: Wednesday, 3/19/2025 at 5:00 p.m. ET
End Time: Wednesday, 3/19/2025 at 11:00 p.m ET
Who will be impacted?
FFM_Opera, FFM_QAO XES - CyberArk, OCEAN, VAMS, TWS, XES - XOC Tools, SERVIS, FFM_Shared_Services, FFM MLMS, XES - MSI Tech Lab, FFM_FM, FFM_TWS, FFM_PM, XES - Service Virtualization
DSRS, FFM, FFM DSH, FFM EDI, FFM EFT, FFM ESDCU, MCR, FLH, OC Base- FLH, OC Base PET
What is the impact?
Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.
Need help? We are here to support you.
If you have any questions, don't hesitate to reach out to your assigned Hosting Coordinator. CMS IT Support can be reached via cloudsupport@cms.hhs.gov, or call (800) 562-1963, and is documented here at Support Page on cloud.cms.gov.
|
