Bypassing Netskope for improved performance

Method-1 (Sample Configuration): Bypassing using Custom Firewall Application

If the exception traffic destination IP address/subnet/CIDR (or) Domains, protocol (TCP, UDP) and ports are available then this method is preferable.

Important notes:

In the firewall application definition, it is recommended to configure fine grained custom application rules including IP address/Domains, protocol and ports specific to voice/video traffic.
For IPSec/GRE GW steering methods, we recommend customers to configure equivalent bypass rules in access gateways in their client network.
If FQDN/PQDN is used in custom firewall applications, then we need to make sure to send DNS traffic also through the cloud firewall so that the firewall can be aware of IP to domain mapping. This is needed only for IPSec/GRE GW steering methods and customers can’t configure bypass rules in their access gateways.

Configuration Steps:

Create the Custom Firewall Application in Settings > Security Cloud Platform > TRAFFIC STEERING > App Definition with IP addresses/FQDN, Protocols (TCP, UDP) and ports

Add the custom application to New Application exception in Settings > Security Cloud Platform > TRAFFIC STEERING > Steering Configuration page

Address	Protocol	Ports	Is Bypass Required
3.238.83.128/25, 3.251.93.0/26, 3.133.18.38/32, 3.135.139.181/32, 13.51.179.176/32, 13.228.200.40/32, 52.76.233.79/32, 52.221.167.63/32, 54.253.118.63/32, 54.253.248.99/32, 54.253.250.85/32, 54.253.254.161/32, 54.254.43.153/32, 165.75.5.0/24	TCP	443,1720,1935,5060-5061,30000-50000	Yes
"204.141.11.0/24", "204.141.12.0/24", "204.141.217.0/24"	TCP	443, 80, 8080	No
3.238.83.128/25, 3.251.93.0/26, 3.133.18.38/32, 3.135.139.181/32, 13.51.179.176/32, 13.228.200.40/32, 52.76.233.79/32, 52.221.167.63/32, 54.253.118.63/32, 54.253.248.99/32, 54.253.250.85/32, 54.253.254.161/32, 54.254.43.153/32, 165.75.5.0/24	UDP	443,1719,5060,40000-50000	Yes
"204.141.11.0/24", "204.141.12.0/24", "204.141.217.0/24"	UDP	443, 80, 8080	No
204.141.12.0/24 3.251.93.0/26 13.228.200.40/32 54.254.43.153/32 52.206.127.180/32 34.192.154.13/32	TCP	443, 40000-50000	Yes
204.141.12.0/24 3.251.93.0/26 13.228.200.40/32 54.254.43.153/32 52.206.127.180/32 34.192.154.13/32	UDP	443, 40000-50000	Yes

Configuration Steps

We will configure GlobalMeet voice traffic bypass using Custom Firewall Application (Method-1).

Create the 2 Custom Firewall Applications in Settings > Security Cloud Platform > TRAFFIC STEERING > App Definition with IP addresses/FQDN, Protocols (TCP, UDP) and ports

Example: UDP

Example: TCP
Add the custom application to New Application exception in Settings > Security Cloud Platform > TRAFFIC STEERING > Steering Configuration page
Validate bypass location is at the client in Security Cloud Platform > Traffic Steering > Steering Configuration > Edit > Cloud, Web and Firewall > Bypass exception traffic at “Client”

Video Bridge Guide for Presenters and Guest Admins

Video Bridge Overview (Moderators)

How do I connect and broadcast using the Video Bridge?

About Presenter Webcam Layouts on the Video Bridge

Change the Presenter Webcam Layout on the Video Bridge

Adding Virtual Backgrounds on the Video Bridge

Spotlight Presenter Webcams on the Video Bridge

Hiding Presenters from Appearing on the Video Bridge

Video Bridge Integrations - Zoom

Help Video - Testing a Video Bridge Connection

Help Video - Video Bridge Training for Guest Speakers

Help Video - Video Bridge Training for Administrators/Hosts

Video Bridge Tab Mini-View

Screen Sharing on the Video Bridge

Video Bridge Presenter Management Best Practices

Video Bridge Connectivity Guide

Video Bridge Control Room Settings

Connecting to Social Media for Live Streaming

Bypassing Netskope for improved performance

Method-1 (Sample Configuration): Bypassing using Custom Firewall Application

Configuration Steps