Genesys Cloud
2024 Genesys CIDR expansion and firewall requirements notification – FedRAMP

Announced on Effective date

Description

On August 26, 2024 Genesys Cloud’s FedRAMP media services will fully migrate US-East 2 (Ohio) to a Genesys-owned CIDR block. Genesys Cloud’s cloud media services will then be fully migrated to the Genesys-owned CIDR block in FedRAMP. For more information, see Cloud media services CIDR IP address range.

Genesys CIDR for FedRAMP is (164.152.64.0/22).

On August 26, 2024 Genesys Cloud FedRAMP will also expand the Media RTP port range from udp/16384-32768 to udp/16384-65535.

What does this mean?

Genesys will move the FedRAMP region from AWS-owned IPs to the Genesys FedRAMP CIDR range. Affected customers must allow connections to the new range (164.152.64.0/22), in addition to the existing AWS owned IPs. When the AWS owned IPs are no longer necessary, Genesys will provide guidance.

Genesys will expanding the Media RTP port range from udp/16384-32768 to udp/16384-65535. Customers must ensure outbound connections are allowed to this expanded RTP range as well as the corresponding ingress response traffic.

Am I affected?

The following customers are affected:

  • FedRAMP customers using firewall policies to restrict outbound connections from Genesys Cloud clients, and phones are affected. Network administrators can view detailed information on affected services, addresses, and ports, and perform the self-readiness checks. For more information, see Cloud media services CIDR IP address range.
  • FedRAMP customers who use Genesys Cloud for voice interactions, video, and screen recordings are affected.

What do I need to do to prepare for this expansion?

Affected customers must add the new address range (164.152.64.0/22) to their firewall configuration before August 26, 2024. Begin to engage with your network team now to have the new block added. Ensure that outbound connections are allowed to the CIDR range on the expanded RTP range (udp/16384-65535), as well as ensure that corresponding ingress response traffic is allowed.

Notes:
  • Add the FedRAMP CIDR block of IP addresses to your existing firewall allowlist. You do not need to remove access to current addresses.
  • Allow the full /22 FedRAMP CIDR block of IP addresses.

What if I need help or have questions?

Contact your Genesys Technical Account Manager or your Customer Success Manager. You can also contact My Support