Webex Teams Security Features and Deployment Practices

As enterprise customers increase their adoption of cloud-based services, the amount of Internet traffic generated by enterprise users also increases. Today, the ratio of the cost of enterprise WAN bandwidth (for example, MPLS) to that of Internet bandwidth can be as much as 200:1. Moving your cloud/Internet access to sites where your cloud users reside can provide significant savings in monthly bandwidth costs. Although this direct Internet access model is growing in popularity, many customers who deploy a centralized/regionalized Internet access model today have concerns that provisioning Internet access in each of their sites will perforate the security perimeter that surrounds their network. These security concerns can be addressed by limiting Internet access in these sites so that only traffic to and from approved cloud-based services is accessible via the site-based Internet connection.

Internet Access for Cloud-Based Services

You should provision Internet access as close as possible to the site where your Webex Teams and Webex devices reside. By providing local cloud/Internet access at each site for Webex devices, you can eliminate the need to transport Webex Teams traffic over the enterprise WAN to a regionalized/centralized Internet access point. Figure 6-40 and Figure 6-41 show the media flows for Webex Teams deployments with per-branch Internet access and centralized Internet access, respectively.


Figure 6-40 Media paths for Webex Teams deployments with per-branch Internet/cloud access


Figure 6-41 Media paths for Webex Teams deployments with centralized Internet/cloud access

Reducing Traffic to the Webex Cloud by Deploying Video Mesh Nodes

You can deploy Video Mesh Nodes in the enterprise network to provide local media processing. By processing audio and video media locally, the Video Mesh Nodes deliver a better quality experience for audio, video, and content sharing in meetings. A Video Mesh Node can also reduce or eliminate bandwidth consumption from the enterprise network to the Webex cloud. Webex Teams also provides automatic overflow to Media Nodes in the Webex cloud when large meetings/large numbers of meetings exhaust the locally available Video Mesh Node resources.

Figure 6-42 and Figure 6-43 show the media flows for Webex Teams deployments with per-branch Internet access and centralized Internet access, respectively, where a Video Mesh Node has also been deployed at the central site to provide local media processing. The Video Mesh Node processes media for local devices in meetings and, if needed, creates a cascade link to a Media Node in the Webex cloud for remote meeting participants.


Figure 6-42 Media paths for Webex Teams deployments with a central site Video Mesh Node and per-branch Internet access


Figure 6-43 Media paths for Webex Teams deployments with a central site Video Mesh Node and centralized Internet access

Leave a Reply

Your email address will not be published. Required fields are marked *