J.P. Morgan is continually improving the products and services we provide to clients. New strategic data centers have been built and will be ready for J.P. Morgan applications in 2023. This includes the J.P. Morgan Host-to-Host application that is used to exchange files with clients.
Starting in 2023, all client file transmissions will begin transitioning to these new strategic data centers.
The goal of this program is to accelerate our modernization efforts, which will allow us to operate more effectively in meeting your technological needs, both now and in the future.
This event affects both incoming and outgoing file transmissions and will result in IP address changes for all J.P. Morgan servers. You will have to make changes to your file transmission infrastructure to accommodate these changes.
Examples of the types of changes that may be required include:
- Application Upgrade — If you are using widely supported applications to exchange files with J.P. Morgan, they must be updated to their most current release levels to meet the applicable security standards for protocols, ciphers, message authentication, key exchange algorithms and host key algorithms.
- Application Retirement — If your application is out of date and cannot support the latest security standards (RFCs 4251-4254), then it is possible that it must be replaced with a new application with a more current set of capabilities. Migration to the new J.P. Morgan environment will not be possible if security standards cannot be met, and safety net accommodations can only be made available for a very limited time.
- Business Partner Connectivity — Clients with dedicated network connectivity and point-to-point Virtual Private Network (VPN) solutions over the J.P. Morgan Business Partner Network must make several changes during the migration. Client-owned infrastructure components in the J.P. Morgan data centers will be moved, and solutions must be re-engineered.
Due to the nature of this work, it is possible that some of this will require your technical team's engagement for infrastructure design and implementation, and for application cutover.
- Firewall Rules — Your firewalls must be updated to allow traffic to and from the new J.P. Morgan data centers.
- Hostname Files and Key Stores — If your application uses a known host configuration to cross-reference IP addresses and domain names to public encryption keys (typical with SFTP applications), then this configuration must be changed to accommodate the new J.P. Morgan addresses.
- Internet and SOCKS Proxies — New IP addresses with fully qualified domain names may need to be configured for internet and SOCKS proxies, if used in your environment.
- Application Whitelists — Your administrators must make changes to any applications which use IP whitelisting in their configuration to improve cyber controls.
- AS2 Configuration Changes — If you use an AS2 application, your network and application administrators will have to update web and SOCKS proxies to reconfigure bi-directional AS2 traffic over non-standard port 10443.
- Business Continuity Configuration — Any changes that are made to your primary configuration must also be applied to your contingency setup.
This is not an exhaustive list of impacts but gives you an idea of the types of things that must be addressed. Your specific actions are determined by your environment and configuration.
Given the nature and extent of these changes, you should plan for an extensive amount of testing for this initiative and know that the J.P. Morgan team will be there to support you during your transition.
We will communicate additional details as they become available. To ensure that you receive these communications, please make sure that your J.P. Morgan relationship team has accurate email addresses for the members of your technical team who are responsible for Host-to-Host.
Contact us via email at email@example.com.
Please note the support team cannot advise clients on specific actions needed to make the required system changes. Clients should contact the application vendors for this information.
All trademarks, trade names and service marks appearing herein are the property of their respective owners.