Blog
The Blog

KB N° 2795: OPTIMIZE ACCESS TO VIDEOCONFERENCING TOOLS

KB Olfeo On-Premise
June 5, 2023

How to optimize access to videoconferencing tools through the Olfeo proxy

BACKGROUND

 

When you take part in online meetings via videoconferencing tools such as Microsoft Teams, Cisco WebEX, Tixeo, etc., the streams are processed by the Olfeo HTTP proxy, which may perform transparent authentication and/or SSL/TLS decryption for HTTPS URL requests. In order to optimize the operation of these videoconferencing tools, it is recommended not to perform SSL/TLS authentication or decryption on requests to domains exposed by these tools. This article explains the procedure to follow.

Attention

Some applications do not use, or only partially use, the proxy settings configured in the system and browsers. 
Some network streams bypass the proxy and are sent live to the Internet, so check firewall logs to troubleshoot 
connection problems and instability.

This article does not deal with the category filtering part of these feeds, most of which belong to the following themes and categories:

  • Business Services" theme > "Business Services" category
  • Topic "Bandwidth" > Category "Internet telephony, VoIP
  • Topic "Bandwidth" > Category "Remote Control, Online Collaboration Tools
  • Privacy" theme > "Chat" category

Here we assume that the filtering rules and policies are correctly configured to authorize access to the corresponding domains for the user.
If you encounter any difficulties in this area, please use the real-time statistics tool available in the Olfeo administration interface.

 

PROCEDURE

 

1. Create a new list of domains :

2. Name the list "Videoconference", for example, by filling in the Description field.

3. Download the file containing the list of domains by right-clicking on the button below and selecting Save link as... :
DOWNLOAD

4. Click on the Browse... button , specify the location of the Liste_domaines. txt file saved in the previous step and click on the Open button:

5. Click on the Add button to add the contents of the file to the Domains field:

6. Click on the Validate button

Note: this list must not contain blank lines or spaces at the beginning or end of lines.

 

Authentication management

To override authentication for requests to domains exposed by these videoconferencing tools, access the authentication rules engine from the corresponding menu :

Note: if you don't have the Advanced Proxy license, this page can be found in the Settings > HTTP Proxy menu.

1. Add a rule using the

2. Define the following criteria:

  • Sources : All
  • User-Agent: All (click on Mandatory , then on the Validate button in the new window)
  • Proxy ports: All
  • Destination : Domain lists > Videoconferencing
    Note: do not select other domain lists in this rule, create another rule if necessary.
  • Authentication : No authentication

Note: these criteria can be adapted to suit the proxy configuration.

3. Confirm the rule:

 

SSL/TLS decryption management

To override SSL/TLS decryption for requests to domains exposed by these videoconferencing tools, access the decryption rules engine from the corresponding menu :

1. Add a rule using the

2. Define the following criteria:

  • Proxy ports: All
  • Destination : Domain lists > Videoconferencing
    Note: do not select other domain lists in this rule, create another rule if necessary.
  • Action : No decryption

Note: these criteria can be adapted to suit the proxy configuration.

3. Confirm the rule: