Web proxy server support for Zoom Phone
It is common for companies to employ web proxies on the company network for the purpose of securing outbound internet traffic. Additionally, administrators may configure a web proxy to allow remote workers to securely access corporate workloads on their workstations using web proxy software. As a result of overcrowded networks, web proxy servers can add another component to the network that inspects traffic, which can create performance issues for real-time applications. Website proxy servers may cause delays, packet loss, and jitter, among other performance-related problems.
In order to ensure that real-time traffic will flow directly to Zoom data centers from clients through a corporate firewall, Zoom recommends that all real-time traffic be allowed on a web proxy. It is recommended that UDP traffic through the web proxy be allowed instead of Zoom traffic if it can’t be allowed. This may cause latency and jitter and may deteriorate the user experience.
Contents
Do I need a web proxy server for Zoom Phone?
Zoom Phone provides users with a real-time experience, which is not always possible through web proxies due to Zoom Phone’s real-time nature. Furthermore, Zoom Phone already encrypts all traffic so, in this case, web proxies do not add to the security as it’s already encrypted. It is for this reason that when deploying and using Zoom Phone, the best practice is to bypass the web proxy.
Why is it best practice to avoid web proxy servers when using Zoom Phone?
By making use of the latest standards-based Voice over Internet Protocol (VoIP) technology, Zoom Phone provides businesses with a secure and reliable alternative to traditional on-premise PBX solutions. Session Initiation Protocol (SIP) is used for configuring the call, setting up calls, and providing information in calls, which is also encrypted using TLS1.2 technology and PKI certificates issued by a commercially trusted certificate authority. AES 256-GCM profiles are used by Zoom to encrypt voice traffic via Secure Real-Time Transport Protocol (SRTP). This ensures that unauthorized parties cannot listen in on conversations. Visit the Zoom Trust Center to learn more about Zoom Phone security.
How can I secure my Zoom Phone traffic without a web proxy server?
Zoom recommends that users be able to route traffic from their devices directly without a web proxy to Zoom data centers, so that Zoom users have an optimal experience.
In order to ensure that personally identifiable information is protected, Zoom has taken the following steps:
- There are three types of traffic generated by Zoom clients:
- Configuration – The process of downloading firmware and provision files
- Signaling – For setting up and tearing down calls
- Media – The actual stream of voice that is being used to carry out the conversation
- From the Zoom client is encrypted using industry-standard technologies. There are several elements that are employed to ensure the privacy of this traffic, including using encryption with TLS version 1.2 for the signaling traffic, which reduces the chances of eavesdropping, tampering, or forging this data.
- It is important to point out that the network traffic for Real-Time Transport Protocol (RTP) is encrypted with Secure Real-Time Transport Protocol, which provides the necessary confidentiality and message authentication.
- Files such as firmware and configuration files must be downloaded over a secure HTTPS channel. Due to the fact that this is not real-time traffic, a web proxy can be used.
- Known IP addresses and ports can be allowed for Zoom clients. Zoom typically initiates traffic outbound to its data centers, reducing the need to open firewall ports for inbound traffic. Check out the IP ranges list to make sure you have the most updated list of IP addresses.
- We maintain a high level of security in our datacenter. Our SOC2 reports, which can be obtained upon request, document our security posture. To maintain our high security posture, we conduct third-party audits. Please refer to the security compliance section of the website for more information.
Read it also –
About Firewall Or Proxy Server Configuration Requirements In Zoom App |
Scheduling Proxy Authority In Zoom App |
Frequently Asked Question
What protocol does Zoom phone use?
When it comes to phone provisioning and call encryption, Zoom Phone supports 256-bit Advanced Encryption Standard (AES) 256-bit encryption using SIP over TLS 1.2 Advanced Encryption Standard (AES) 256-bit algorithms as a standard encryption option. In addition to this, for all devices, the call media is also transported and protected by SRTP using the AES-128 algorithm with the SRTP protocol.
Does Zoom use proxy?
How do I unblock Zoom on firewall or proxy?
You can find Windows Security by opening the Start menu and searching for it. You can click on it by clicking on the link. After you have clicked on the Firewall & network protection section, you should then be able to see a list of features. 3) You will have to select an option that allows you to allow an application to pass through the firewall.
How do I know if my proxy is blocking Zoom?
- You can find Windows Security by opening the Start menu and searching for it. …
- Afterwards, you will need to click on Firewall & network protection on the left-hand side of the screen in order to do this.
- To allow an app to pass through a firewall, you will need to check the box entitled Allow an app to pass through a firewall.
- In the new window that appears, select Change Settings once it has been opened.
- Check if the checkboxes next to “Zoom Video Conference” are ticked when you scroll down to the bottom of the page.
How do I setup a Zoom proxy?
Proxy authority can be scheduled at any time by using the Zoom App and can be accessed at any time.
- The best way to schedule a meeting is to assign or delegate users or multiple users to your account for the purpose of scheduling.
- There is the option to schedule a meeting yourself if you do not wish a single or multiple users who are granted scheduling privileges on your behalf to schedule the meeting for you. This option is available if you do not wish to allow one or more users to do so.