Multiple users have reported issues with the stability of Zoom, as well as the performance of the application itself. Common complaints relate to audio dropping, audio quality, and screen redraws or slow painting of the screen. Because these issues are seen when Zoom traffic traverses a proxy, it is recommended that Zoom traffic be bypassed and go directly to the destination, at least for real-time traffic.
We do recommend using our Next Generation API Data Protection for Zoom. With its current release, audit events, standard user behavior analytics alerts in Skope IT, and DLP alerts may be seen in the tenant. Future improvements to API data protection include threat protection, inventory and dashboard remediation actions, and retroscan.
The following instruction set allows you to bypass Zoom traffic using the Netskope Client’s real-time traffic steering method.
- Go to https://support.zoom.us/hc/en-us/articles/201362683-Zoom-network-firewall-or-proxy-server-settings and locate the section for “Zoom firewall rules”.
- Create Cloud Firewall applications to be bypassed.
- Use the hosts listed in the “Zoom firewall rules” section in addition to “zoom.ada.support” to create a CFW app to bypass connections from all Zoom clients on TCP ports 80 and 443.
NOTE: “zoom.ada.support” is bypassed for support of ADA accessibility.
- Use the IP addresses in the “Zoom firewall rules” section to create a CFW app to bypass TCP connections on TCP ports 443, 8801, and 8802.
- Use the IP addresses in the “Zoom firewall rules” section to create a CFW app to bypass UDP connections to UDP ports 3478, 3479, and 8801-8810.
- Use the hosts listed in the “Firewall rules for certificate validation” section to create a CFW app to bypass certificate verification sites.
- Update steering configurations to bypass the CFW applications.
You will need to check the Zoom site for network firewall settings on a regular basis. Zoom updates the site without notice, and the list has been seen to grow and shrink as they make changes.
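One way to make that regular check repeatable is to compare the entries currently in the bypass apps with a fresh copy of the published list. The following is an added example, not Netskope or Zoom code: the sample hosts and address ranges are constructed, the function names are hypothetical, and both lists are assumed to be pasted in by hand as plain text. Entries that are still bypassed but no longer published stay uninspected for no reason, so they are reported separately from published entries that are not yet bypassed.

```python
import ipaddress

# Constructed sample snapshots (documentation address ranges, made-up hosts).
DEPLOYED = ["zoom.ada.support", "*.zoom.example", "192.0.2.0/24",
            "198.51.100.0/25", "198.51.100.128/25", "203.0.113.0/24"]
PUBLISHED = ["*.zoom.example", "*.zoomcdn.example", "192.0.2.0/25",
             "198.51.100.0/24", "2001:db8:10::/48"]

def collapse(nets):
    """Merge adjacent or nested networks; IPv4 and IPv6 are handled separately."""
    out = []
    for version in (4, 6):
        out += ipaddress.collapse_addresses(n for n in nets if n.version == version)
    return out

def parse_entries(lines):
    """Split a pasted rule list into a host set and collapsed IP networks."""
    hosts, nets = set(), []
    for raw in lines:
        item = raw.strip().lower()
        if not item:
            continue
        try:
            nets.append(ipaddress.ip_network(item, strict=False))
        except ValueError:  # not an IP or CIDR, so treat it as a hostname
            hosts.add(item)
    return hosts, collapse(nets)

def uncovered(nets, reference):
    """Return the parts of `nets` that no network in `reference` covers."""
    remaining = list(nets)
    for ref in reference:
        kept = []
        for net in remaining:
            if net.version != ref.version or not net.overlaps(ref):
                kept.append(net)                        # untouched by this ref
            elif not net.subnet_of(ref):
                kept.extend(net.address_exclude(ref))   # ref carves a hole in net
        remaining = kept
    return collapse(remaining)

def diff_rules(deployed, published, local_extras=("zoom.ada.support",)):
    """Compare bypassed entries with the published list; local_extras are kept on purpose."""
    d_hosts, d_nets = parse_entries(deployed)
    p_hosts, p_nets = parse_entries(published)
    return {"stale_hosts": sorted(d_hosts - p_hosts - set(local_extras)),
            "missing_hosts": sorted(p_hosts - d_hosts),
            "stale_nets": [str(n) for n in uncovered(d_nets, p_nets)],
            "missing_nets": [str(n) for n in uncovered(p_nets, d_nets)]}

if __name__ == "__main__":
    for key, values in diff_rules(DEPLOYED, PUBLISHED).items():
        print(f"{key}: {values}")
```

Networks are compared by coverage rather than as strings, so a published /24 that replaces two deployed /25s is not reported as a change.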