Thales Data Protection on Demand 

https://thalesdocs.com/dpod/support/changelog/index.html

Migration to Thales OneWelcome Identity Platform - Migration Dates

Thales is changing the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome Identity Platform. This enables the platform to provide modern authentication options to users as well as simplifying logins for users that manage multiple tenants on the platform.

Thales will migrate each region per the schedule below.

  • North America: February 22, 2025
  • Europe: March 8, 2025

A maintenance window with exact timing for the migrations and service impacts will be shared through the DPoD Status Page. We recommend subscribing to the status page to be notified of any updates or schedule changes.

After the migration DPoD will be accessible through the new login URL - https://welcome.dpondemand.io, and users will receive instructions to register a new MFA OTP with their device on their first login.

If you have additional questions regarding the IDP migration to One Welcome, please consult the DPoD IDP Migration FAQ on thalesdocs.com. 

DPoD IDP Migration and Luna Cloud HSM Client Network Connectivity

Early in 2025 Thales Data Protection on Demand (DPoD) will be changing the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome. To ensure continued network connectivity between your Luna Cloud HSM client and the service partition please ensure that you update your include lists to allow the Thales OneWelcome fully qualified domain names. The Luna Cloud HSM data centers are configured with floating IP addresses and as a result of this configuration we do not support using static IP addresses or hardcoded IP addresses to access the services. 

For more information about the IDP migration see the DPoD IDP Migration FAQ. For more information about configuring and troubleshooting your client connection see Client Network Connectivity and Troubleshooting the Client Connection.

DPoD IDP Migration

Thales Data Protection on Demand (DPoD) will be changing the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome. This update enables the platform to provide modern authentication options as well as simplifying logins for users that manage multiple tenants on the platform. 

For more information about this upcoming change and potential impacts to you please see the DPoD IDP Migration FAQ.

Deprecation of CPv1 Cloning

In the upcoming release of FW 3.0 for Luna Cloud HSM, CPv1 will be removed from FIPS firmware support as it is no longer compliant with 140-3. As this only affects FIPS mode, all affected users should use CPv4 or transition service to non-FIPS mode. If Luna Network HSM users want to clone to Luna Cloud HSM with a FIPS partition they will have to use Luna 7.8 or higher. See Universal Cloning for more information.

Floating IP for Luna Cloud HSM Datacenters

Starting in January 2024, Luna Cloud HSM Datacenters will be configured with a floating IP address. Users should be aware that any client configuration that relies on a static IP address configuration will no longer operate once this change is made. Please consult the Client Network Connectivity Documentation for information about configuring your client environment. Thales does not recommend using any static IP filtering when accessing the service. Should your configuration require the use of static IP address filtering, please contact Thales Customer Support for more information.

Removed Service Provider Tenant Usage Report and Associated Endpoints

The Service Provider Tenant Usage Report and the associated tenants/usageReport, tenants/usageDetails, and service_instances/usageDetails endpoints have been removed from the platform.

As an alternative use the Service Report in the DPoD service provider tenant or the /v1/service_instances/usageBillingReport endpoint, and the  /v1/backoffice/serviceAgreements{tenantId} endpoint to compile tenant usage information.

Deprecated Service Provider Tenant Usage Report and Associated Endpoints

The Service Provider Tenant Usage Report and the associated tenants/usageReport, tenants/usageDetails, and service_instances/usageDetails endpoints are deprecated and will be removed from the platform by the end of 2023. 

As an alternative use the Service Report in the DPoD service provider tenant or the /v1/service_instances/usageBillingReport endpoint, and the /v1/backoffice/serviceAgreements{tenantId} endpoint to compile tenant usage information.

CipherTrust Data Security Platform Beta in EU

The CipherTrust Data Security Platform is now visible in EU tenants as a beta service offering. Access to the beta service is restricted at this time. The beta service is disabled in all tenants that are not participating in the beta.

For more information about registering for the CipherTrust Data Security Platform beta please contact steve.kingston@thalesgroup.com.

Luna Cloud HSM Partition Cloning Fails with the 10.5 Client

Bugs Found 

  • DPS-10104 - Luna Cloud HSM Partition Cloning Fails with the 10.5 Client
    Cloning keys between two Luna Cloud HSM partitions fails when using the 10.5 client. There are currently two possible workaround scenarios.
    -> Workaround #1 - If there is a Luna SA7 (or any other separate device to use as an intermediary for the cloning) then clone to and from that device.
    -> Workaround #2 - If there is no separate device then completely uninstall the 10.5 client and install the 10.4 client from scratch. For this option please raise a support ticket to the Thales Customer Support portal to request to join the 2 partitions together as the 10.4 client does not support dynamic partition loading.
    You can make the request by following this link:
    https://thalesdocs.com/dpod/resources/client_resources/client_connect_to_multiple_services/index.html
Show Previous EntriesShow Previous Entries