Ensuring reliable operation of Zextras Team in complex corporate networks
In the last article, we told you about the Zextras Team - a solution that allows you to add the functionality of corporate text and video chats to the Zimbra Collaboration Suite Open-Source Edition, as well as the ability to conduct video conferences with a large number of participants, without the need to use third-party services and without transferring any Any data to the side. This usage scenario is ideal for companies that have a strictly defined security perimeter in the form of an internal network and can provide their information security by protecting this perimeter. However, the internal network of the enterprise is far from always something simple and understandable. Often in one large network there are a huge number of different subnets, many of which, if we are talking about geographically remote branches and offices, are connected via VPN. The complex structure of the internal network can interfere with the correct operation of video chats and video conferencing in Zextras Team and now we will tell you about what can be done to ensure that everything works correctly and without failures.
Installing Zextras Team is as simple as possible. After installing Zextras Suite Pro, it is enough to activate the com_zextras_Team winter from the administrator console, after which all Zimbra OSE users in the enterprise will have the corresponding functionality. After that, the system administrator can limit the functionality of the Zextras Team both for different user groups and for individual accounts. This is done using the following commands:
The first command allows you to disable a number of functions related to text chat for various groups or individual users. The second command allows you to disable the saving of chat history. This action can be performed for all users as well as for users of a specific server, as well as for various groups or individual users. The third command allows you to disable the functions associated with video chats. This function can be disabled globally, on a separate server, as well as for a group of users or for a specific account.
After all the necessary restrictions have been introduced, the administrator can only make sure that the video communication at the enterprise is working properly. Since Zextras Team is based on peer-to-peer WebRTC technology, two things are critically important for its operation: ease of connection setup and sufficient channel bandwidth. And if the administrator does not have to worry about the channel width and signal quality in the internal network, then the complex network architecture can prevent the establishment of a connection between the employees of the enterprise.
In order to avoid problems when establishing a connection between clients, the developers of Zextras Team put in support TURN-servers, which help to establish a connection between users in any, even the most branched internal networks. In order to do this, it is necessary to add a node with TURN on board to the internal network of the enterprise that is visible to other domains.
For example, suppose that the corresponding node in the corporate network will be called turn.company.ru . We need to ensure that when trying to create a video chat, the Zextras Team contacts the TURN server with the user's authentication data and, if everything is fine, establish a connection like WebSocket and allow users to communicate normally with each other.
In order to connect the TURN server to Zextras Team, we introduce a console command of the form zxsuite Team iceServer add turn: turn.company.ru: 3478? Transport = udp credential password username admin cos default . In the case of this team, we added a new TURN server to the Zextras Team list, indicating its network address and administrator account information, and allocated it to the default user group for use. Using the same principle, you can add several TURN servers at once so that users from different groups use different servers for connection.
In addition to adding new TURN servers, you can remove them from the list added using the zxsuite Team iceServer remove turn.company.ru command , and also view the list of added servers using the zxsuite Team iceServer get command . Note that creating the same users on the TURN server as in Zimbra OSE is not required. For comfortable work on a TURN server, you need only an administrator account.
Thus, after adding a TURN server to the local network and a small setup, the connection between Zextras Team users will be established quite quickly regardless of the network structure, and the channel width of the internal network will have to provide consistently good image both during private video chat and during video conferencing.
For all questions related to the Zextras Suite, you can contact the representative of the company "Zextras" Ekaterina Triandafilidi by e-mail katerina@zextras.com
Installing Zextras Team is as simple as possible. After installing Zextras Suite Pro, it is enough to activate the com_zextras_Team winter from the administrator console, after which all Zimbra OSE users in the enterprise will have the corresponding functionality. After that, the system administrator can limit the functionality of the Zextras Team both for different user groups and for individual accounts. This is done using the following commands:
- zxsuite config teamChatEnabled false
- zxsuite config historyEnabled false
- zxsuite config videoChatEnabled
The first command allows you to disable a number of functions related to text chat for various groups or individual users. The second command allows you to disable the saving of chat history. This action can be performed for all users as well as for users of a specific server, as well as for various groups or individual users. The third command allows you to disable the functions associated with video chats. This function can be disabled globally, on a separate server, as well as for a group of users or for a specific account.
After all the necessary restrictions have been introduced, the administrator can only make sure that the video communication at the enterprise is working properly. Since Zextras Team is based on peer-to-peer WebRTC technology, two things are critically important for its operation: ease of connection setup and sufficient channel bandwidth. And if the administrator does not have to worry about the channel width and signal quality in the internal network, then the complex network architecture can prevent the establishment of a connection between the employees of the enterprise.
In order to avoid problems when establishing a connection between clients, the developers of Zextras Team put in support TURN-servers, which help to establish a connection between users in any, even the most branched internal networks. In order to do this, it is necessary to add a node with TURN on board to the internal network of the enterprise that is visible to other domains.
For example, suppose that the corresponding node in the corporate network will be called turn.company.ru . We need to ensure that when trying to create a video chat, the Zextras Team contacts the TURN server with the user's authentication data and, if everything is fine, establish a connection like WebSocket and allow users to communicate normally with each other.
In order to connect the TURN server to Zextras Team, we introduce a console command of the form zxsuite Team iceServer add turn: turn.company.ru: 3478? Transport = udp credential password username admin cos default . In the case of this team, we added a new TURN server to the Zextras Team list, indicating its network address and administrator account information, and allocated it to the default user group for use. Using the same principle, you can add several TURN servers at once so that users from different groups use different servers for connection.
In addition to adding new TURN servers, you can remove them from the list added using the zxsuite Team iceServer remove turn.company.ru command , and also view the list of added servers using the zxsuite Team iceServer get command . Note that creating the same users on the TURN server as in Zimbra OSE is not required. For comfortable work on a TURN server, you need only an administrator account.
Thus, after adding a TURN server to the local network and a small setup, the connection between Zextras Team users will be established quite quickly regardless of the network structure, and the channel width of the internal network will have to provide consistently good image both during private video chat and during video conferencing.
For all questions related to the Zextras Suite, you can contact the representative of the company "Zextras" Ekaterina Triandafilidi by e-mail katerina@zextras.com
All Articles