What are the biggest concerns when considering an Office 365 migration? Generally, they’re centered around network performance and user experience. And those concerns are heightened when organizations include Skype or Teams as part of their Office 365 deployment.
That’s because real-time voice and audio protocols can wreak havoc on your network, and users will definitely notice.
Of course, Skype for Business is a popular meeting and collaboration application that specializes in providing video chat, group conversations, and voice calls between computers, tablets, smartphones, and other devices via the Internet. How popular? Due to its phenomenal success as a consumer platform, Microsoft purchased Skype in 2011 and made it the cornerstone of its Office 365 strategy to enable collaboration and productivity across organizations.
Being a full-featured video conferencing platform, Skype for Business demands real-time interactions without buffering or skipping, which requires the lowest latency possible. To achieve this low latency, Skype audio/video is most often routed via User Datagram Protocol (UDP) traffic.
UDP uses a simple connectionless communication model with a minimum of protocol mechanisms. It has no handshaking dialogues, and thus exposes the application to any unreliability of the underlying network. In essence, there is no guarantee of delivery, ordering, or duplicate protection.
UDP avoids the overhead of such processing in the protocol stack. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for packets delayed due to retransmission, which may not be an option in a real-time system.
Real-time video and audio streaming protocols are designed to handle occasional lost packets, so only slight degradation in quality occurs, rather than longer delays if lost packets were retransmitted. Because both TCP and UDP run over the same network, many businesses are finding that a recent increase in UDP traffic from these real-time applications is hindering the performance of applications using TCP, such as point of sale, accounting, and database systems. When TCP detects packet loss, it will throttle back its data rate usage. Since real-time and business applications are business-critical, it's also important to developing quality-of-service solutions.
The introduction of latency on this UDP traffic will immediately be noticed by users. After all, it is difficult not to notice a dropped video connection during an important meeting.
According to Microsoft, organizations must provision the network to guarantee a maximum end-to-end delay of no more than 150 milliseconds under peak load. But, to be safe, that number really should be lower.
With miles of MPLS on the traditional corporate network and stacks of latency-inducing appliances at the gateway, this latency requirement can often be a challenge. The kicker is that end users don’t really appreciate your struggle. They’ve been using Skype for quite some time at home to call their relatives, and the performance has been exemplary. It’s your network vs. their home network and, once again, you’re losing out and your users’ experience is suffering.
The first problem is your legacy proxy solution. Legacy proxies can’t support UDP, so Skype UDP traffic follows the default path to the internet, which would be out of a legacy firewall in the data center.
But, as we’ve mentioned in our previous posts about Office 365 migration, Microsoft recommends local egress as the best connection method for Office 365, and controlling this connection will help guarantee a healthy Office 365 deployment and branch connectivity. Of course, that is sometimes easier said than done, unless you have some assistance. Zscaler Cloud Firewall allows full-control, direct-to-internet connections over all traffic, ports, and protocols.
The second consideration is hairpinning. Microsoft recommends against hairpin connections. Forcing mobile users through VPN and back into the network for security and control, only to go back out again, kills performance, especially with Skype calls.
Fortunately, the Zscaler cloud security stack can go everywhere your users go. Cloud delivery enables you to easily control and secure user connections while getting them onto the Microsoft network as fast as possible. And Zscaler offers one-click deployment to meet Office 365 configuration requirements and to enable automated updates.
Office 365 is an exciting platform and promises the tremendous potential to transform your users’ productivity and collaboration. The reality is that it’s also probably one of the largest platforms your IT organization will ever have to move to the cloud.
It’s easy to get distracted by all the exciting new apps and features in Office 365. But, by keeping your eye on the prize and, with a little help from Zscaler, you can navigate your migration, deliver world-class collaboration, and come out on top with the boss—even with Skype.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Steve Grossenbacher is a Head of Product Marketing for Zscaler Internet Access