BLOG

KB No. 2795: OPTIMIZING ACCESS TO VIDEO CONFERENCING TOOLS

KB OLFEO On-Premise
June 5, 2023

How to optimize access to videoconferencing tools through the Olfeo proxy

 

BACKGROUND

 

When you participate in online meetings via videoconferencing or video conferencing tools such as Microsoft Teams, Cisco WebEX, Tixeo, etc., the flows are processed by the Olfeo HTTP proxy, which is capable of performing transparent authentication and/or SSL/TLS decryption for HTTPS URL requests. In order to optimize the functioning of these videoconferencing tools, it is recommended not to perform SSL/TLS authentication or decryption on requests to domains exposed by these tools. This article provides the procedure to follow.

Warning

Some applications do not use or only partially use the proxy settings configured in the system and browsers. 
Network traffic bypasses the proxy and is sent directly to the Internet. Also check the firewall logs to troubleshoot 
any connection and instability issues.

This article does not cover the category filtering aspect of these feeds, most of which belong to the following themes and categories:

  • Theme: "Business Services" > Category: "Business Services"
  • Theme: "Bandwidth" > Category: "Internet Telephony, VoIP"
  • Theme: "Bandwidth" > Category: "Remote Control, Online Collaboration Tools"
  • Theme "Privacy" > Category "Chat"

Here we assume that the filtering rules and policies are correctly configured to allow access to the corresponding domains for the user.
If you encounter any difficulties with this part, use the real-time statistics tool available in the Olfeo administration interface.

 

PROCEDURE

 

1. Create a new domain list:

2. Name the list "Video conference," for example, by filling in the Label field and , if desired, the Description field.

3. Download the file containing the list of domains by right-clicking on the button below and selecting Save link as...:
DOWNLOAD

4. Click the Browse... button, specify the location of the List_domains.txt file saved in the previous step , and click the Open button:

5. Click the Add button to add the contents of the file to the Domains field:

6. Click the Validate button.

Note: this list must not contain any blank lines or spaces at the beginning or end of a line.

 

Authentication management

To bypass authentication for requests to domains exposed by these videoconferencing tools, access the authentication rules engine from the corresponding menu:

Note: If you do not have the Advanced Proxy license, this page can be found in the Settings > HTTP Proxy menu.

1. Add a rule using the button

2. Define the following criteria:

  • Sources: All
  • User-Agent: All (click on Required, then on the Validate button in the new window that appears)
  • Proxy ports: All
  • Destination: Domain lists > Videoconferencing
    Note: Do not select other domain lists in this rule; create another rule if necessary.
  • Authentication: No authentication

Note: these criteria can be adapted depending on the proxy configuration.

3. Validate the rule:

 

SSL/TLS decryption management

To override SSL/TLS decryption for requests to domains exposed by these videoconferencing tools, access the decryption rule engine from the corresponding menu:

1. Add a rule using the button

2. Define the following criteria:

  • Proxy ports: All
  • Destination: Domain lists > Videoconferencing
    Note: Do not select other domain lists in this rule; create another rule if necessary.
  • Action: No decryption

Note: these criteria can be adapted depending on the proxy configuration.

3. Validate the rule: