Netværkskrav for Webex-tjenesteydelser

Document Revision History

This article is intended for network administrators, particularly firewall and proxy security administrators, who want to use the Webex Suite of cloud collaboration services within their organization. The primary focus of this document is on the network requirements of Webex Meetings and Webex Messaging, and the document also provides links to documents that describe the network requirements for Webex Calling.

This article will help you configure network access to the Webex suite of services used by:

Cloud registered Webex app clients for Meetings, Messaging, and Calling
Cloud registered Webex Meetings Centre app clients
Cloud registered Cisco Video devices, Cisco IP Phones, Cisco video devices, and third-party devices that use SIP to connect to the Webex Suite services.

This document primarily focuses on the network requirements of Webex cloud registered products that use HTTPS signaling to communicate with Webex Suite services but also separately describes the network requirements for products that use SIP signaling to the Webex cloud. Disse forskelle er opsummeret herunder:

Oversigt over enhedstyper og protokoller, der understøttes af Webex

Webex-cloud-registrerede apps og enheder

Alle cloud-registrerede Webex-apps og -enheder bruger HTTPS til at kommunikere med Webex-besked- og -mødetjenesteydelser:

The Webex app uses HTTPS signaling for Webex messaging and meeting services. The Webex app can also use the SIP protocol to join Webex meetings, but this is subject to the user either being called via their SIP address or choosing to dial a SIP URL to join a meeting (rather than use the meeting functionality native to the Webex app).
Cloud registered Cisco Video devices use HTTPS signaling for all Webex services.
Lokale SIP-registrerede Webex-enheder kan også bruge HTTPS-signaler, hvis funktionen Webex Edge til enheder er aktiveret. This feature allows Webex devices to be administered via Webex Control Hub and to participate in Webex Meetings using HTTPS signaling (for details, see https://help.webex.com/en-us/cy2l2z/Webex-Edge-for-Devices).

Webex cloud and on-premises call control registered devices using SIP
The Webex Calling service and on-premises call control products such as Cisco Unified CM use SIP as their call control protocol. Cisco Video devices, Cisco IP Phones, and 3rd party products can join Webex Meetings using SIP. For on-premises SIP-based call control products such as Cisco Unified CM, a SIP session is established through a border controller such as Expressway C & E, or CUBE SBC for calls to and from the Webex Cloud.

For details on the specific network requirements for the Webex Calling service see: https://help.webex.com/en-us/b2exve/Port-Reference-Information-for-Cisco-Webex-Calling

Transportprotokoller og krypteringsprogrammer til cloud-registrerede Webex-apps og -enheder

All cloud registered Webex apps and Cisco Video devices initiate outbound connections only. Cisco’s Webex Cloud never initiates outbound connections to cloud registered Webex apps and Cisco Video devices, but can make outbound calls to SIP devices.

Webex services for meetings and messaging are hosted in globally distributed data centers that are either Cisco owned (e.g. Webex data centers for identity services, meeting services, and media servers) or hosted in a Cisco Virtual Private Cloud (VPC) on the Amazon AWS platform (e.g. Webex messaging micro-services, messaging storage services). Webex services also reside in Microsoft Azure data centers for Video Interop with Microsoft Teams (VIMT).

Trafiktyper:

Webex app and Cisco Video devices establish signaling and media connections to the Webex cloud.

Signaling traffic
Webex app and Cisco Video devices use HTTP as HTTP over TLS (HTTPS) and Secure Web Sockets (WSS) over TLS for REST based signaling to the Webex cloud. Signaling connections are outbound only and use URLs for session establishment to Webex services.

TLS signaling connections to Webex services use TLS version 1.2 or 1.3. The cipher selection is based on the Webex server TLS preference.

Using either TLS 1.2 or 1.3, Webex prefers ciphers suites using:

ECDHE for key negotiation
RSA-based certificates (3072-bit key size)
SHA2 authentication (SHA384 or SHA256)
Strong encryption ciphers using 128 or 256 bits (for example, AES_256_GCM)

Webex supports cipher suites in the following preference order for TLS version 1.2 connections*:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

Note - CBC mode encryption is supported for older browsers without more secure GCM mode encryption.

Webex supports cipher suites in the following preference order for TLS version 1.3 connections*:

TLS_AES_256_GCM_SHA384
TLS_CHACHA_POLY1305_SHA256
TLS_AES_128_GCM_SHA256

Note – With TLS 1.3, ECDHE key negotiation and RSA-based certificates are a mandatory part of the specification and this detail is therefore omitted in the cipher suite description.

*The cipher suites and cipher suite preference order may vary for some Webex services

Establishing signaling connections to Webex services using URLs
If you have deployed proxies, or firewalls to filter traffic leaving your enterprise network, the list of destination URLs that need to be allowed to access the Webex service can be found in the section "Domains and URLs that need to be accessed for Webex Services".

Webex strongly recommends that you do not alter or delete HTTP header values as they pass through your proxy/ firewall unless permitted in these guidelines https://www.w3.org/TR/ct-guidelines/#sec-altering-header-values. Modification or deleting of HTTP headers outside of these guidelines can impact access to Webex Services, including loss of access to Webex services by Webex apps and Cisco Video devices.

Filtrering af Webex-signaleringstrafik efter IP-adresse understøttes ikke, da de IP-adresser, der bruges af Webex, er dynamiske og kan ændres når som helst.

Media traffic
The Webex app and Cisco Video devices encrypt real-time media for audio, video, and content sharing streams using the following encryption ciphers:

AES-256-GCM-kode
AES-CM-128-HMAC-SHA1-80-kode

AES-256-GCM is the preferred encryption cipher by the Webex app and Cisco Video devices to encrypt real time media.

AES-CM-128-HMAC-SHA1 is a mature cipher that has proven interoperability between vendors. AES-CM-128-HMAC-SHA1 is typically used to encrypt media to Webex services from endpoints using SRTP with SIP signaling (e.g. Cisco and 3rd party SIP devices).

In preference order, Webex apps and Cisco Video devices support UDP, TCP and TLS as media transport protocols. If UDP ports are blocked by your firewall, Webex apps and Cisco Video devices will fall back to TCP. If TCP ports are blocked Webex apps and Cisco Video devices will fall back to TLS.

UDP – Cisco recommended media transport protocol
In line with RFC 3550 RTP – A Transport Protocol for Real-Time Applications, Cisco prefers and strongly recommends UDP as the transport protocol for all Webex voice and video media streams.

Disadvantages of using TCP as a media transport protocol
Webex apps and Cisco Video devices also support TCP as a fall-back media transport protocol. Cisco anbefaler dog ikke TCP som en transportprotokol til lyd- og videomediestreams. Dette skyldes, at TCP er forbindelsesorienteret og designet til at levere korrekt arrangeret data på pålidelig vis til protokoller i øverste lag. Med TCP bliver afsenderen ved med at sende tabte pakker, indtil de bekræftes, og modtageren bufferlagrer pakkestreamen, indtil de tabte pakker genoprettes. For mediestreams manifesterer denne funktionsmåde sig selv som øget latenstid/forvrængning, hvilket igen påvirker mediekvaliteten for opkaldets deltagere.

Disadvantages of using TLS as a media transport protocol
Encrypted TCP connections (TLS) can suffer from a further degradation in media quality due to potential Proxy server bottlenecks. If TLS is used as the media transport protocol by Webex apps and Cisco Video devices with a configured proxy server, this media traffic will be routed through your proxy server which can create bandwidth bottlenecks and subsequent packet loss. Cisco strongly recommends that TLS is not used to transport media in production environments.

Webex-medier flyder i begge retninger ved hjælp af en symmetrisk indvendigt aktiveret 5-delt stream (kilde-IP-adresse, destinations-IP-adresse, kildeport, destinationsport, protokol) til Webex Cloud.

The Webex app and Cisco Video devices also use STUN (RFC 5389) for firewall traversal and media node reachability testing. Du kan læse mere i Webex Firewall Technical Paper.

Webex – Destination IP address ranges for media
To reach Webex media servers that process media traffic leaving your enterprise network, you must allow the IP subnets that host these media services to be reachable via your Enterprise firewall. Destinations-IP-adresseintervallerne for medietrafik, der sendes til Webex-medienoder, kan ses i afsnittet "IP-undernet til Webex-medietjenester".

Webex-trafik via proxyer og firewalls

De fleste kunder installerer en internetfirewall eller internetproxy og firewall for at begrænse og kontrollere den HTTP-baserede trafik, der forlader og kommer ind i deres netværk. Følg vejledningen til firewall og proxy herunder for at aktivere adgang til Webex-tjenesteydelser fra dit netværk. Hvis du kun bruger en firewall, skal du være opmærksom på, at filtrering af Webex-signaleringstrafik ved hjælp af IP-adresser ikke understøttes, da de IP-adresser, der bruges af Webex-signaleringstjenester, er dynamiske og kan ændres når som helst. If your firewall supports URL filtering, configure the firewall to allow the Webex destination URLs listed in the section "Domains and URLs that need to be accessed for Webex Services".

Webex-tjenesteydelser – portnumre og protokoller

The following table describes ports and protocols that need to be opened on your firewall to allows cloud registered Webex apps and Cisco Video devices to communicate with Webex cloud signaling and media services.

The Webex apps, devices, and services covered in this table include:
The Webex app, Cisco Video devices, Video Mesh Node, Hybrid Data Security node, Directory Connector, Calendar Connector, Management Connector, Serviceability Connector.
For guidance on ports and protocols for devices and Webex services using SIP can be found in the section "Network requirements for SIP based Webex services".

Webex-tjenesteydelser – portnumre og protokoller
Destinationsport	Protokol	Beskrivelse	Enheder, der bruger denne regel
443	TLS	Webex HTTPS-signalering. Sessioner, der er ligestillet med Webex-tjenesteydelser, er baseret på definerede URL-adresser i stedet for IP-adresser. If you are using a proxy server, or your firewall supports DNS resolution; refer to the section "Domains and URLs that need to be accessed for Webex Services" to allow signaling access to Webex services.	Alle
123 (1)	UDP	Netværkstidsprotokol (NTP)	Alle
53 (1)	UDP TCP	Domain Name System (DNS) Bruges til DNS-søgning for at finde IP-adresser til tjenester i Webex-cloud. De fleste DNS-forespørgsler foretages over UDP; dog kan DNS-forespørgsler også bruge TCP.	Alle
5004 og 9000	SRTP via UDP	Encrypted audio, video, and content sharing on the Webex App and Cisco Video devices For a list of destination IP subnets refer to the section "IP subnets for Webex media services".	Webex App Cisco Video Devices Video Mesh Nodes
50,000 – 53,000	SRTP via UDP	Krypteret lyd, video og indholdsdeling – kun Video Mesh Node	Video Mesh Node
5004	SRTP via TCP	TCP fungerer også som en fallback-transportprotokol til krypteret lyd, video og indholdsdeling, hvis UDP ikke kan bruges. For a list of destination IP subnets refer to the section "IP subnets for Webex media services".	Webex App Cisco Video Devices Video Mesh Nodes
443	SRTP via TLS	Bruges som en fallback-transportprotokol til krypteret lyd, video og indholdsdeling, hvis UDP og TCP ikke kan bruges. Media over TLS is not recommended in production environments For a list of destination IP subnets refer to the section "IP subnets for Webex media services".	Webex App Cisco Video Devices

Hvis du bruger NTP- og DNS-tjenester på dit virksomhedsnetværk, behøver port 53 og 123 ikke at blive åbnet via din firewall.

MTU size for Webex IPv4 and IPv6 Traffic

Webex supports both IPv4 and IPv6 for signaling and media services. For most customers, supporting Webex over IPv4 and IPv6 should not present any issues. Still, issues can arise if your network's Maximum Transmissible Unit (MTU) is set to non-default values.

The Maximum Transmissible Unit (MTU) is the maximum size of the IP packet that can be transmitted over a network link without fragmentation. The IPv6 RFC mandates a minimum MTU size of 1280 bytes. Most routing and switching devices support a default maximum MTU size of 1500 bytes on all interfaces.

IPv6 adds additional overhead to IP packets, which increases packet size compared to IPv4 traffic. The IPv6 RFC mandates a minimum MTU size of 1280 bytes.

Webex recommends keeping the default maximum transmission unit (MTU) size of 1500 bytes for all IP packets received and sent on your network. If you need to reduce the MTU size in your network, Webex recommend reducing this to no less than 1300 bytes.

IP-undernet til Webex-medietjenester

The majority of Webex media services are hosted in Cisco data centers.

Cisco also supports Webex media services in Microsoft Azure data centers for Video Integration with Microsoft Teams (VIMT). Microsoft has reserved its IP subnets for Cisco's sole use, and media services located in these subnets are secured within Microsoft Azure virtual network instances. For guidance on VIMT deployment, see https://help.webex.com/en-us/article/nffx8kj/Deploy-the-Webex-video-integration-for-Microsoft-Teams.

Configure your firewall to allow access to these destinations, Webex IP subnets, and transport protocol ports for media streams from Webex apps and devices.

Webex apps and Cisco Video devices support UDP, TCP, and TLS as media transport protocols. If UDP ports are blocked by your firewall, Webex apps and Cisco Video devices will fall back to TCP. If TCP ports are blocked, Webex apps and Cisco Video devices will fall back to TLS.

UDP is Cisco’s preferred transport protocol for media, and we strongly recommend using only UDP to transport media. Webex apps and Cisco Video devices also support TCP and TLS as transport protocols for media, but these are not recommended in production environments as the connection-orientated nature of these protocols can seriously affect media quality over lossy networks.
Bemærk:
De IP-undernet, der er angivet herunder, er til Webex-medietjenester. Filtrering af Webex-signaleringstrafik efter IP-adresse understøttes ikke, da de IP-adresser, der bruges af Webex, er dynamiske og kan ændres når som helst. HTTP signaling traffic to Webex services can be filtered by URL/domain in your Enterprise Proxy server before being forwarded to your firewall.

IP-undernet til medietjenester
4.152.214.0/24*	66.114.160.0/20
4.158.208.0/24*	66.163.32.0/19
4.175.120.0/24*	69.26.160.0/19
20.50.235.0/24*	114.29.192.0/19
20.53.87.0/24*	144.196.0.0/16
20.57.87.0/24*	150.253.128.0/17
20.68.154.0/24*	163.129.0.0/16
20.76.127.0/24*	170.72.0.0/16
20.108.99.0/24*	170.133.128.0/18
20.120.238.0/23*	173.39.224.0/19
23.89.0.0/16	173.243.0.0/20
40.119.234.0/24*	207.182.160.0/19
44.234.52.192/26	209.197.192.0/19
52.232.210.0/24*	210.4.192.0/20
62.109.192.0/18	216.151.128.0/19
64.68.96.0/19

* Azure data centers – used to host Video Integration for Microsoft Teams (aka Microsoft Cloud Video Interop) services

Webex apps and Cisco Video Devices perform tests to detect the reachability of, and round-trip time to, a subset of nodes in each media cluster available to your organization. Medienodernes tilgængelighed testes via UDP-, TCP- og TLS-transportprotokoller og sker ved opstart, en netværksændring og regelmæssigt, mens appen eller enheden kører. The results of these tests are stored and sent to the Webex cloud prior to joining a meeting or a call. The Webex cloud uses these reachability test results to assign the Webex app/ Webex device the best media server for the call based on transport protocol (UDP preferred), round trip time, and media server resource availability.

Cisco does not support or recommend filtering a subset of IP addresses based on a particular geographic region or cloud service provider. Filtrering af regionen kan forårsage alvorlig forringelse af mødeoplevelsen, op til og herunder manglende evne til at deltage i møder.

Hvis du har konfigureret din firewall til kun at tillade trafik at et undersæt af IP-undernet ovenfor, kan du muligvis stadig se reachability test-trafik traversing dit netværk, i et forsøg på at nå medieknuder i disse blokerede IP-undernet. Media nodes on IP subnets that are blocked by your firewall will not be used by Webex apps and Cisco Video devices.

Webex-signaltrafik og virksomhedsproxy-konfiguration

De fleste organisationer bruger proxyservere til at undersøge og kontrollere HTTP-trafik, der forlader deres netværk. Proxyer kan bruges til at udføre flere sikkerhedsfunktioner såsom at tillade eller blokere adgang til specifikke URL-adresser, brugerbekræftelse, IP-adresse/domæne/værtsnavn/URI-omdømmesøgning samt trafikdekryptering og -inspektion. Desuden bruges proxyservere typisk som den eneste sti, der kan videresende HTTP-baseret trafik mod internettet til virksomhedsfirewallen, så firewallen kan begrænse udgående internettrafik til den, der kun stammer fra proxyservere. Din proxyserver skal konfigureres til at give Webex-signaltrafik adgang til de domæner/URL-adresser, der er anført i afsnittet nedenfor:

Webex strongly recommends that you do not alter or delete HTTP header values as they pass through your proxy/ firewall unless permitted in these guidelines https://www.w3.org/TR/ct-guidelines/#sec-altering-header-values. Modification or deleting of HTTP headers outside of these guidelines can impact access to Webex Services, including loss of access to Webex services by Webex apps and Cisco Video devices.

Domæner og URL-adresser, der skal tilgås for Webex-tjenesteydelser

Bemærk: Et * i begyndelsen af en URL-adresse (f.eks. *.webex.com) angiver, at tjenester på det øverste domæneniveau og alle underdomæner skal være tilgængelige.

Cisco Webex-tjenesteydelsers URL-adresser
Domæne/URL-adresse	Beskrivelse	Webex-apps og -enheder, der bruger disse domæner/URL-adresser
.webex.com .cisco.com .wbx2.com .ciscospark.com *.webexapis.com	Webex-mikrotjenester. For example : Webex Meetings services Messaging services File management service Key management service Software upgrade service Profile picture service Whiteboarding service Proximity service Presence service Registration service Calendaring service Search service Identity services Authentication OAuth services Device onboarding Cloud Connected UC	Alle
*.webexcontent.com (1)	Webex storage for user-generated content and logs, including: Shared files, Transcoded files, Images, Screenshots, Whiteboard content, Client & device logs, Profile pictures, Branding logos, images Log files Bulk CSV export files & import files (Control Hub)	All
Yderligere Webex-relaterede tjenester – Cisco-ejede domæner
URL-adresse	Beskrivelse	Webex-apps og -enheder, der bruger disse domæner/URL-adresser
*.accompany.com	People Insights-integration	Webex-apps
Yderligere Webex-relaterede tjenester – domæner fra tredjeparter
URL-adresse	Beskrivelse	Webex-apps og -enheder, der bruger disse domæner/URL-adresser
.sparkpostmail1.com .sparkpostmail.com	e-mailtjeneste til nyhedsbreve, tilmeldingsoplysninger, meddelelser	Alle
*.giphy.com	Giver brugerne mulighed for at dele GIF-billeder. Denne funktion er aktiveret som standard, men kan deaktiveres i Control Hub	Webex-app
safebrowsing.googleapis.com	Used to perform safety checks on URLs before unfurling them in the message stream. Denne funktion er aktiveret som standard, men kan deaktiveres i Control Hub	Webex-app
*.walkme.com s3.walkmeusercontent.com	Webex-brugervejledningsklient. Provides onboarding and usage tours for new users For more info, see https://support.walkme.com/knowledge-base/access-requirements-for-walkme/	Webbaserede Webex-apps
speech.googleapis.com texttospeech.googleapis.com speech-services-manager-a.wbx2.com	Google-taletjenester. Bruges af Webex Assistant til at håndtere talegenkendelse og tekst-til-tale. Disabled by default, opt-in via Control Hub. Assistant kan også deaktiveres på enhedsbasis.	Webex Room Kit and Cisco Video devices Details of Cisco Video devices that support Webex Assistant are documented here: https://help.webex.com/hzd1aj/Enable-Cisco-Webex-Assistant
msftncsi.com/ncsi.txt captive.apple.com/hotspot-detect.html	Third-party internet connectivity checks to identify cases where there is a network connection but no connection to the Internet. The Webex app performs its own internet connectivity checks but can also use these 3rd party URLs as a fallback.	Webex-app
.appdynamics.com .eum-appdynamics.com	Sporing af præstation, registrering af fejl og nedbrud, sessionsmålinger (1)	Webex-app Webex-webapp
*.amplitude.com	A/B-test og -statistik (1)	Webex Web App Webex Android App
.livestream.webex.com .vbrickrev.com	This domain is used by attendees viewing Webex Events and Webcasts	Webex Events, Webex Webcasts
.slido.com .sli.do *.data.logentries.com slido-assets-production.s3.eu-west-1.amazonaws.com	Used for Slido PPT add-in and to allow Slido webpages to create polls/quizzes in pre-meeting Used for exporting questions and answers, poll results, etc, from Slido	Alle
.quovadisglobal.com .digicert.com .godaddy.com .identrust.com *.lencr.org	Bruges til at anmode om certifikattilbagetrækkelseslister fra disse certifikatmyndigheder Bemærk: Webex understøtter både CRL- og OCSP-hæftning med henblik på at fastslå tilbagekaldelsesstatussen for certifikater. With OCSP stapling, Webex apps and devices do not need to contact these Certificate Authorities	Alle
*.intel.com	Bruges til at anmode om certifikattilbagetrækkelseslister og kontrollere certifikatstatus med Intels OCSP-tjeneste for certifikater, der er sendt med baggrundsbilleder, som bruges af Webex-apps og -enheder	Alle
.google.com .googleapis.com	Underretninger til Webex-apps på mobile enheder (f.eks. ny meddelelse) Googles Firebase Cloud Messaging-tjeneste (FCM) https://firebase.google.com/docs/cloud-messaging/concept-options#messaging-ports-and-your-firewall Apple Push Notification Service (APNS) https://support.apple.com/en-us/HT203609 Bemærk: For APNS viser Apple kun de IP-undernet, der bruges til denne tjeneste	Webex-app
cdnjs.cloudflare.com cdn.jsdelivr.net static2.sharepointonline.com appsforoffice.microsoft.com	URLs for Webex Scheduler for Microsoft Outlook Microsoft Outlook users can use the Webex Scheduler to schedule Webex meetings or Webex Personal Room meetings directly from Microsoft Outlook in any browser. For details see: Klik her	Alle
Core Webex services being deprecated
URL-adresse	Beskrivelse	Webex-apps og -enheder, der bruger disse domæner/URL-adresser
*.clouddrive.com	Webex storage for user generated content and logs File storage on clouddrive.com was replaced by webexcontent.com in Oct 2019 Organizations with long retention periods for user generated content may still be using cloudrive.com to store older files	Alle
*.ciscosparkcontent.com	Overførsel af logfiler Lagertjenesten til logfiler bruger nu *.webexcontent.com-domænet	Webex App
*.rackcdn.com	Indholdsleveringsnetværk (CDN) til *.clouddrive.com-domænet	Alle

(1) Webex bruger tredjepart til at indsamle diagnostiske og fejlfinding data; og indsamling af data om nedbrud og brug. Data, som kan blive sendt til disse tredjepartswebsteder, er beskrevet i dataarkene om Webex-databeskyttelse. For detaljer, se:

Content Delivery Networks used by Webex Services
Webex uses Content Delivery Network (CDN) services to efficiently deliver static files and content to Webex apps and devices. Hvis du bruger en proxyserver til at kontrollere adgangen til Webex-tjenesteydelser, behøver du ikke tilføje CDN-domæner på listen over tilladte domæner for Webex-tjenesteydelser (fordi DNS-fortolkning til CDN CNAME udføres af din proxy efter den indledende URL-filtrering). If you are not using a Proxy server (e.g. you are only using a firewall to filter URLs), DNS resolution is performed by the OS of your Webex app / device, and you will need to add the following CDN URLs to the domain to allow list in your firewall :

*.cloudfront.net

*.akamaiedge.net

*.akamai.net

*.fastly.net

Yderligere URL-adresser til Webex-hybrid-tjenester

Konfigurer din proxy til at give adgang til URL-adresserne i tabellen nedenfor for Webex-hybrid-tjenester. Adgang til disse eksterne domæner kan begrænses ved, at du kun konfigurerer din proxy til kun at tillade, at det er kilde-IP-adresserne til dine hybrid-tjenestenoder, der kan nå disse URL-adresser.

Cisco Webex-URL-adresser til hybrid-tjenester
URL-adresse	Beskrivelse	Bruges af:
.docker.com (1) .docker.io (1) *dkr.ecr.us-east-1.amazonaws.com	Oplysninger om hybrid-tjenester	Video Mesh Node Hybrid-datasikkerhedstjeneste-node
*s3.amazonaws.com (1)	Overførsler af logfiler	Video Mesh Node Hybrid-datasikkerhedstjeneste-node
*.cloudconnector.webex.com	User Synchronization	Directory Connector til hybrid-tjenester

(1) We plan to phase out the use of *.docker.com and *.docker.io for Hybrid Services Containers, eventually replacing them with subdomains in *.amazonaws.com.
Bemærk:
If you use a Cisco Web Security Appliance (WSA) Proxy and want to automatically update the URLs used by Webex services, please refer to the WSA Webex Services configuration document for guidance on how to deploy a Webex External Feed-in AsyncOS for Cisco Web Security.

For a CSV file containing the list of Webex Services URIs, see: Webex Services CSV File

Din proxyserver skal konfigureres til at give Webex-signaltrafik adgang til de domæner/URL-adresser, der er anført i det forrige afsnit. Support for additional proxy features relevant to Webex services is discussed below:

Proxyfunktioner

Understøttelse af proxygodkendelse

Proxies can be used as access control devices, blocking access to external resources until the user/device provides valid access permission credentials to the proxy. Several authentication methods are supported by Proxies, such as Basic Authentication, Digest Authentication (Windows-based) NTLM, Kerberos, and Negotiate (Kerberos with NTLM fallback).

For the “No Authentication” case in the table below, the device can be configured with a Proxy address but does not support authentication. When Proxy Authentication is being used, valid credentials must be configured and stored in the OS of Webex App or Cisco Video Device.

For Cisco Video devices and the Webex App, Proxy addresses can be configured manually via the platform OS, or device UI, or automatically discovered using mechanisms such as:

Web Proxy Auto Discovery (WPAD) og/eller Proxy Auto Config (PAC)-filer:

Produkt	Godkendelsestype	Proxykonfiguration
Webex til Mac	Ingen godk., grundlæggende, NTLM (1)	Manuel, WPAD, PAC
Webex til Windows	Ingen godk., grundlæggende, NTLM (2), Negotiate	Manuel, WPAD, PAC, GPO
Webex til iOS	Ingen godk., grundlæggende, Digest, NTLM	Manuel, WPAD, PAC
Webex til Android	Ingen godk., grundlæggende, Digest, NTLM	Manuel, PAC
Webex-webapp	Ingen godk., grundlæggende, Digest, NTLM, Negotiate	Understøttet via OS
Cisco Video devices	Ingen godk., grundlæggende, Digest	WPAD, PAC eller manuel
Webex Video Mesh Node	Ingen godk., grundlæggende, Digest, NTLM	Manuel
Hybrid-datasikkerhedstjeneste-node	Ingen godk., grundlæggende, Digest	Manuel
Værtsadministreringsforbindelse til hybrid-tjenester	Ingen godk., grundlæggende	Manuel konfiguration Expressway C: Applikationer > Hybrid-tjenester > Forbindelseproxy
Hybrid-tjenester: Directory-forbindelse	Ingen godk., grundlæggende, NTLM	Understøttet via Windows OS
Hybrid-tjenester Expressway C: Kalenderforbindelse	Ingen godk., grundlæggende, NTLM	Manuel konfiguration Expressway C: Applications > Hybrid Services > Connector Proxy : Username Password Expressway C: Applikationer > Hybrid-tjenester > Kalenderforbindelse > Microsoft Exchange > Grundlæggende og/eller NTLM
Hybrid-tjenester Expressway C: Opkaldsforbindelse	Ingen godk., grundlæggende	Manuel konfiguration Expressway C: Applikationer > Hybrid-tjenester > Forbindelseproxy

(1): Mac NTLM Auth - Machine need not be logged onto the domain, user prompted for a password
(2): Windows NTLM Auth - Supported only if a machine is logged onto the domain

Guidance on Proxy settings for Windows OS
Microsoft Windows supports two network libraries for HTTP traffic (WinINet and WinHTTP) that allow Proxy configuration. WinInet er kun designet til enkelte brugere og desktop-klientapplikationer. WinHTTP er primært udviklet til serverbaserede
applikationer med flere brugere. WinINet er et supersæt af WinHTTP. Når du vælger mellem disse to, skal du bruge WinINet til dine proxy-konfigurationsindstillinger. For more info, see https://docs.microsoft.com/en-us/windows/win32/wininet/wininet-vs-winhttp

Proxy-inspektion og certifikatfastgørelse

The Webex app and Cisco Video devices validate the certificates of the servers they establish TLS sessions with. Certificate checks such as, the certificate issuer and digital signature, rely upon verifying the chain of certificates up to the root certificate. To perform these validation checks, the app or device uses a set of trusted root CA certificates installed in the operating system trust store.

If you have deployed a TLS-inspecting Proxy to intercept, decrypt, and inspect Webex traffic, ensure that the certificate the Proxy presents (in lieu of the Webex service certificate) has been signed by a certificate authority whose root certificate is installed in the trust store of your Webex App or Webex device. For Webex-appen skal det CA-certifikatet, der bruges til at underskrive certifikatet og benyttes af proxyen, installeres i enhedens operativsystem. For Cisco Video devices, open a service request with TAC to install this CA certificate into the RoomOS software.

The table below shows the Webex app and Webex device support for TLS inspection by Proxy servers:

Produkt	Understøtter brugerdefinerede nøglecentre til TLS-inspektion
Webex-app (Windows, Mac, iOS, Android og web)	Yes*
Cisco Video Devices	Ja
Cisco Webex-videomesh	Ja
Hybrid-datasikkerhedstjeneste	Ja
Hybrid-tjenester – mappe-, kalender- og administrationsforbindelser	Nej

"* Bemærk – Webex-appen understøtter ikke proxyserver-dekryptering og inspektion af TLS-sessioner for Webex Meetings medietjenester. If you wish to inspect traffic sent to services in the webex.com domain, you must create a TLS inspection exemption for traffic sent to *mcs*.webex.com, *cb*.webex.com and *mcc*.webex.com.
Note - The Webex app does not support SNI extension for TLS based media connections. Tilslutning af Webex lyd- og videotjenester mislykkes, hvis en proxyserver kræver, at SNI er tilstede.

802.1x – portbaseret netværksadgangskontrol

Produkt	Understøtter 802.1X	Bemærkninger
Webex-app (Windows, Mac, iOS, Android og web)	Ja	Understøttet via OS
Cisco Video Devices	Ja	EAP-FAST EAP-MD5 EAP-PEAP EAP-TLS EAP-TTLS Konfigurer 802.1X via GUI eller Touch 10 Overfør certifikater via HTTP-brugerfladen
Video Mesh Node	Nej	Brug MAC-adressebypass
Hybrid-datasikkerhedstjeneste	Nej	Brug MAC-adressebypass
Hybrid-tjenester – mappe-, kalender- og administrationsforbindelser	Nej	Brug MAC-adressebypass

Netværkskrav til SIP-baserede Webex-tjenesteydelser

The Webex cloud supports inbound and outbound calls using SIP as the call control protocol for Webex Meetings and for direct (1:1) calls from/to cloud registered Webex apps and Cisco Video devices.

SIP calls for Webex Meetings
Webex Meetings allows participants with SIP apps and devices to join a meeting by either:

Opkald til SIP-URI'en til mødet (f.eks. meetingnumber@webex.com) eller
Webex-cloud-opkald til deltagerens specificerede SIP-URI (f.eks. my-device@customer.com)

Calls between SIP apps/devices and cloud registered the Webex app/Cisco Video devices
The Webex cloud allows users of SIP apps and devices to:

Be called by cloud registered Webex apps and Cisco Video devices
Call cloud registered Webex apps and Cisco Video devices

I begge af ovennævnte tilfælde skal SIP-apps og -enheder oprette en session til/fra Webex-cloud. The SIP app or device will be registered to a SIP based call control application (such as Unified CM), which typically has a SIP Trunk connection to Expressway C and E that allows inbound and outbound calls (over the internet) to the Webex Cloud.

SIP-apps og -enheder kan være:

Cisco Video device using SIP to register to Unified CM
Cisco IP-telefoner, der bruger SIP til at tilmelde til Unified CM eller Webex Calling-tjenesten
En tredjeparts-SIP-app eller -enhed, der bruger en tredjeparts-SIP-opkaldskontrolapplikation

Note * If a router or SIP firewall is SIP Aware, meaning it has SIP Application Layer Gateway (ALG) or something similar enabled, we recommend that you turn off this functionality to maintain the correct operation of service. Se oplysninger om, hvordan du deaktiverer SIP ALG på specifikke enheder, i den relevante producents dokumentation

Følgende tabel beskriver de porte og protokoller, der er nødvendige for adgang til Webex-SIP-tjenester:

Porte og protokoller til Webex-SIP-tjenester
Kildeport	Destinationsport	Protokol	Beskrivelse
Expressway Ephemeral ports	Webex cloud 5060-5070	SIP over TCP/TLS/MTLS	SIP-signaler fra Expressway E til Webex-cloud Transport-protokoller: TCP/TLS/MTLS
Webex Cloud Ephemeral ports	Expressway 5060 - 5070	SIP over TCP/TLS/MTLS	SIP-signaler fra Webex-cloud til Expressway E Transport-protokoller: TCP/TLS/MTLS
Expressway 36000 - 59999	Webex cloud 49152 -59999	RTP/SRTP over UDP	Ikke-krypterede/krypterede medier fra Expressway E til Webex-cloud Medie-transportprotokol: UDP
Webex cloud 49152 - 59999	Expressway 36000 - 59999	RTP/SRTP over UDP	Ikke-krypterede/krypterede medier fra Webex-cloud til Expressway E Medie-transportprotokol: UDP

SIP-forbindelsen mellem Expressway E og Webex-cloud understøtter ikke-krypteret signal ved hjælp af TCP og krypteret signal ved hjælp af TLS eller MTLS. Encrypted SIP signaling is preferred as the certificates exchanged between the Webex cloud and Expressway E can be validated before proceeding with the connection.

Expressway bruges normalt til at aktivere SIP-opkald til Webex Cloud og B2B SIP-opkald til andre organisationer. Konfigurer din firewall til at tillade:

Al udgående SIP-signaltrafik fra Expressway E-noder
Al indgående SIP-signaltrafik til dine Expressway E-noder

Hvis du vil begrænse indgående og udgående SIP-signaler og relateret medietrafik til og fra Webex-cloud. Configure your firewall to allow SIP signaling and medial traffic to access the IP subnets for Webex media services (refer to the section "IP subnets for Webex media services") and the following AWS regions: us-east-1, us-east-2, eu-central-1, us-gov-west-2, us-west-2. The IP address ranges for these AWS regions can be found here: https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html

* This webpage is not instantaneously updated, as AWS makes regular changes to the IP address ranges in their subnets. To dynamically track AWS IP address range changes, Amazon recommends subscribing to the following notification service: https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html#subscribe-notifications

Medier til SIP-baserede Webex-tjenesteydelser bruger de samme IP-destinationsundernet til Webex-medier (angivet her)

Netværkskrav til Webex Edge-lyd

Protocol	Portnummer(numre)	Retning	Adgangstype	Kommentarer
TCP	5061, 5062	Inbound	SIP Signalling	Indgående SIP-signalering til Webex Edge-lyd
TCP	5061, 5065	Outbound	SIP Signalling	Udgående SIP-signalering til Webex Edge-lyd
TCP/UDP	Ephemeral Ports 8000 - 59999	Inbound	Media Ports	På en virksomheds firewall skal nåleøjer åbnes for indgående trafik til Expressway med et portområde fra 8000-59999

En oversigt over andre Webex-hybrid-tjenester og -dokumenter

Cisco Webex-videomesh

Cisco Webex-videomesh er en lokal medietjeneste på dit netværk. I stedet for at alle medier sendes til Webex Cloud, kan de forblive på dit netværk for at reducere internetforbindelsens båndbreddeforbrug og øge mediekvaliteten. Se yderligere oplysninger i Cisco Webex Video Mesh-udrulningsvejledningen.

Hybrid-kalendertjenester

Hybrid-kalendertjenesten forbinder Microsoft Exchange, Office 365 eller Google Calendar med Webex, hvilket gør det lettere at planlægge og deltage i møder, især når de er mobile.

For details, see: Deployment Guide for Webex Hybrid Calendar Service

Hybridadresselistetjeneste

Cisco Directory Connector er en lokal applikation til identitetssynkronisering i Webex-cloud. Det tilbyder en enkel administratorproces, der automatisk og sikkert forlænger virksomhedsmappekontakter til skyen og holder dem synkroniseret for nøjagtigheden og overensstemmelsen.

For details, see: Deployment Guide for Cisco Directory Connector

Foretrukket arkitektur til Webex-hybrid-tjenester

Den foretrukne arkitektur til Cisco Webex-hybrid-tjenester beskriver den samlede hybridarkitektur, dens komponenter og den generelle bedste praksis for design. Se: Preferred Architecture for Webex Hybrid Services

Webex Calling – netværkskrav

If you are also deploying Webex Calling with Webex Meetings and Messaging services, the network requirements for the Webex Calling service can be found here: https://help.webex.com/b2exve/Port-Reference-Information-for-Cisco-Webex-Calling

Webex Events - Network Requirements

If you are also deploying Webex Events with Webex Meetings and Messaging services, the network requirements for the Webex Events service can be found here: https://help.socio.events/en/articles/4796797-what-domains-emails-should-be-allowlisted-by-my-attendees-network-admins

Webex-tjenesteydelser til FedRAMP-kunder

For customers who require the list of IP address ranges and ports for Webex FedRAMP services
This information can be found here : https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/cloudCollaboration/WebexforGovernment/FedRAMP_Meetings_Ports_IP_Ranges_Quick_Reference.pdf

Dokumentets revisionshistorik – netværkskrav til Webex-tjenesteydelser

Revisionsdato	Nye og ændrede oplysninger
08/19/2024	Included images with Branding logos for the (*.webexconnect.com) Domains and URLs section
08/02/2024	Webex IPv6 Support section - Changed text to emphasize the MTU size for IPv4 and IPv6 traffic.
07/26/2024	Added new subdomain *dkr.ecr.us-east-1.amazonaws.com under Additional URLs for Webex Hybrid Services
07/26/2024	Guidance on recommended IP packet Maximum Transmissible Unit (MTU) size for IPv6 traffic to Webex Services
04/08/2024	Added a missing period before (webex.com and cisco.com) under the Cisco Webex Servers URLs subdomain
12/06/2023	Revised introduction with a focus on the Webex Suite of Services
12/06/2023	Revision of section: Transport protocols and encryption ciphers for cloud registered Webex apps and devices. Updated information on the TLS versions and Cipher Suites in use and preferred by Webex Suite Services Additional details and guidance on media transport protocols Cisco Video devices now support sending media over TLS through a Proxy server, aligning behavior with that of the Webex app. Addition of guidance on Proxy configuration (Webex strongly recommends that you do not alter or delete HTTP header values as they pass through your proxy/ firewall unless permitted…)
12/06/2023	Revision of IP subnets for Webex media services section Media services no longer reside in AWS, only in Webex Data Centres and Microsoft Azure Data Centres for VIMT. Additional text on media transport protocols and preferences
12/06/2023	Webex signaling traffic and Enterprise Proxy Configuration section Addition of guidance on Proxy configuration (Webex strongly recommends that you do not alter or delete HTTP header values as they pass through your proxy/ firewall unless permitted…)
12/06/2023	Cisco Webex Services URLs table: Rows 1 and 2 merged (.webex.com, .cisco.com, .wbx2.com etc) The text is to be revised to reflect that the Webex suite uses common services for meetings and messaging. .livestream.webex.com added for Webex Webcasts A section on Core Webex services being deprecated: Text simplified
10/09/2023	A link to VIMT doc has been included
8/29/2023	Removed port 444 TLS for Video Mesh Node (no longer used).
5/24/2023	Added Webex Events – Network Requirements
2/23/2023	New IP subnets for media added (144.196.0.0/16 and 163.129.0.0/16) These IP subnets will be activated 30 days or more after publication here.
2/9/2023	Genudgivet (rettet ikke-klikbare faner)
1/23/2023	Genudgivet med duplikerede undernet fjernet (66.114.169.0 og 66.163.32.0)
1/11/2023	Webex Web App og SDK – TLS tilføjet som en fallback-transportprotokol til krypteret lyd, video og indholdsdeling, hvis UDP og TCP ikke kan bruges
1/11/2023	Nye IP-undernet til medier tilføjet: 4.152.214.0/24, 4.158.208.0/24, 4.175.120.0/24 (Azure Data Centres for VIMT)
10/14/2022	Ny Slido-URL-adresse tilføjet: *.slido-assets-production.s3.eu-west-1.amazonaws.com
9/15/2022	New IP subnet for media added : 20.120.238.0/23 (Azure Data Centre for VIMT)
9/12/2022	URL-adresser til Webex-planlægningsprogram til Microsoft Outlook er tilføjet.
8/12/2022	Der blev tilføjet en bemærkning i afsnittet Portnummer og protokoller. RoomOS-enheder sender ikke medier, der transporteres via TLS, til en konfigureret proxyserver.
8/12/2022	IP-undernet til Webex-medie – AWS IP-undernet 18.230.160.0/25 er fjernet fra tabellen med IP-undernet. Disse medienoder bruger nu Cisco-ejede IP-adresser i undernet, der allerede er angivet i tabellen.
8/12/2022	En bemærkning er tilføjet for at fremhæve, at adgang til alle domæner og underdomæner er påkrævet for de angivne URL-adresser i afsnittet Domæner og URL-adresser til Webex-tjenesteydelser.
6//25/2022	Krav til Google- og Apple-meddelelsestjenester tilføjet
6/25/2022	Ny Webex-URL-adresse *.webexapis.com tilføjet på tabellen med domæner og URL-adresser
6/22/2022	Yderligere vejledning tilføjet for SIP-udrulninger med Cisco Unified CM
4/5/2022	Fjernelse af AWS IP-undernet for medietjenester – disse undernet er forældede
12/14/2021	Nye medie-UDP-portintervaller (50.000-53.000) er føjet til Video Mesh Node Port 9000 til medier via TCP er fjernet – brug af denne destinationsport til medier via TCP udfases i januar 2022 Port 33434 til medier via UDP og TCP fjernes – brug af destinationsporten for medier via UDP og TCP udfases i januar 2022
11/11/2021	Opdateret tabel over Webex-tjenesteydelsers portnumre og -protokoller samt Cisco Webex-tjenesteydelsers URL-adresser.
10/27/2021	Tilføjet *.walkme.com og s3.walkmeusercontent.com i tabellen med domæner.
10/26/2021	Tilføjet vejledning om proxyindstillinger til Windows
10/20/2021	Tilføjet CDN-URL-adresser til domænets tilladelsesliste i din firewall
10/19/2021	Webex-appen bruger AES-256-GCM eller AES-128-GCM til at kryptere indhold for alle Webex Meeting-typer.
10/18/2021	Tilføjede nye IP-undernet (20.57.87.0/24, 20.76.127.0/24 og 20.108.99.0/24), der bruges til at være vært for videointegration til Microsoft Teams-tjenester (også kaldet Microsoft Cloud Video Interop) og domænerne (.cloudfront.net, .akamaiedge.net, .akamai.net og *.fastly.net), som vi har tilføjet i indholdsleveringsnetværk, der anvendes af Webex-tjenesteydelser
10/11/2021	Opdaterede afsnittet Tillidsportal-link i Domæne og URL-adresse.
10/04/2021	Fjernede *.walkme.com og s3.walkmeusercontent.com fra domænetabel, da de ikke længere er nødvendige.
07/30/2021	Opdaterede afsnittet Note i Proxy-funktioner
07/13/2021	Opdaterede afsnittet Note i Proxy-funktioner
07/02/2021	Ændrede .s3.amazonaws.com til s3.amazonaws.com
06/30/2021	Opdaterede listen Yderligere URL-adresser til Webex-hybrid-tjenester.
06/25/2021	Tilføjede *.appdynamics.com-domænet på listen
06/21/2021	Tilføjede *.lencr.org-domænet på listen.
06/17/2021	Opdaterede porte og protokoller til tabellen med Webex SIP-tjenester
06/14/2021	Opdaterede porte og protokoller til tabellen med Webex SIP-tjenester
05/27/2021	Opdaterede tabellen i afsnittet Yderligere URL-adresser til Webex-hybrid-tjenester.
04/28/2021	Tilføjede domæner i Slido PPT-tilføjelsesprogrammet og for at gøre det muligt for Slido websider at oprette meningsmålinger/quizzer inden mødet
04/27/2021	Tilføjede 23.89.0.0/16 IP-område for Webex Edge-lyd
04/26/2021	Tilføjede 20.68.154.0/24*, da det er et Azure-undernet
04/21/2021	Opdaterede CSV-filen for Webex-tjenesteydelser under Yderligere URL-adresser for Webex-hybrid-tjenester
04/19/2021	Tilføjede 20.53.87.0/24*, da det er en Azure DC til VIMT/CVI
04/15/2021	Vi har tilføjet domænet *.vbrickrev.com i Webex Events-webcasts.
03/30/2021	Omfattende revision af dokumentlayout.
03/30/2021	Oplysninger om webbaseret Webex-app og Webex SDK-medieunderstøttelse tilføjet (ingen medier via TLS).
03/29/2021	Egenskaber for Webex Edge til enheder angivet med et link til dokumentationen.
03/15/2021	Tilføjede domænet *.identrust.com
02/19/2021	Tilføjede et afsnit for Webex-tjenesteydelser til FedRAMP-kunde
01/27/2021	.cisco.com-domæne tilføjet for cloud-forbundet UC-tjeneste og IP-undernet til onboarding for Webex Calling til videointegration for Microsoft Teams (også kaldet Microsoft Cloud Video Interop) angivet af
01/05/2021	Nyt dokument, der beskriver netværkskravene til Webex-appen Meetings og meddelelsestjenesterne
11/13/20	Fjernede undernettet https://155.190.254.0/23 fra IP-undernet for medietabel
10/7/2020	Fjernede *.cloudfront.net fra Yderligere URL-adresser for Webex Teams hybrid-tjenester
9/29/2020	Nyt IP-undernet (20.53.87.0/24) føjet til Webex Teams-medietjenester
9/29/2020	Webex-enheder omdøbt til Webex Room-enheder
9/29/2020	*.core-os.net URL removed from table : Yderligere URL-adresser til Webex Teams hybrid-tjenester
9/7/2020	Opdateret link til AWS-regioner
08/25/20	Forenkling af tabellen og teksten for Webex Teams-IP-undernet til medier
8/10/20	Yderligere oplysninger om, hvordan adgang til medienoder testes, og brug af Cisco-IP-undernet med Webex Edge Connect
7/31/20	Tilføjede nye IP-undernet til medietjenester i AWS og Azure-datacentre
7/31/20	Tilføjede nye UDP-destinationsmedieporte for SIP-opkald til Webex Teams-cloud
7/27/20	Tilføjede 170.72.0.0/16 (CIDR) eller 170.72.0.0-170.72.255.255 (nettoområde)
5/5/20	Tilføjede sparkpostmail.com i tabellen Tredjepartsdomæner
4/22/20	Tilføjede nyt IP-interval 150.253.128.0/17
03/13/20	New URL added for the walkme.com service TLS media transport for Room OS devices added New section added : Network Requirements for Hybrid Calling SIP Signalling Link added for the Webex Calling network requirements document
12/11/19	Mindre tekstændringer, opdatering af tabellen Webex Teams apps og enheder – portnumre og protokoller, opdatering og nyt format til tabellerne med Webex Teams URL-adresser. Fjernet NTLM-proxy-godkendelsesunderstøttelse til administreringsforbindelse- og opkaldsforbindelse-hybrid-tjenester
10/14/19	TLS-inspektionsunderstøttelse for lokaleenheder tilføjet
9/16/2019	Tilføjelse af TCP-understøttelseskrav for DNS-systemer, der bruger TCP som transportprotokol. Tilføjelse af URL-adressen *.walkme.com – denne tjeneste bruges til onboarding af og brugsanvisninger til nye brugere. Ændringer til de tjeneste-URL-adresser, der bruges af Webassistenten.
8/28/2019	*.sparkpostmail1.com URL tilføjet e-mailtjeneste til nyhedsbreve, tilmeldingsoplysninger og meddelelser
8/20/2019	Proxy-understøttelse tilføjet til Video Mesh Node og hybrid-datasikkerhedstjeneste
8/15/2019	Overview of Cisco and AWS data centre used for Webex Teams Service. .webexcontent.com URL added for file storage Note on deprecation of clouddrive.com for file storage .walkme.com URL added for metrics and testing
7/12/2019	URL-adresserne .activate.cisco.com og .webapps.cisco.com tilføjet URL-adresser for tale til tekst opdateret til .speech-googleapis.wbx2.com og .texttospeech-googleapis.wbx2.com URL-adressen .quay.io fjernet URL-adressen til hybrid-tjenesters containere opdateret til .amazonaws.com
6/27/2019	Tilføjet krav til tilladelsesliste for *.accompany.com til People Insights-funktion
4/25/2019	Tilføjede "Webex Teams-tjenester" for linje om TLS-versionsunderstøttelse. Tilføjede "Webex Teams" til mediestreams-linjen under Medietrafik. Tilføjede "geografisk" før region i Webex Teams IP-undernet til medieafsnit. Foretog andre mindre ændringer af ordlyden. Redigerede tabellen med Webex Teams-URL-adresser ved at opdatere URL-adressen til A/B-test og statistik og tilføje ny række til Google taletjenester. Fjernede 10.1 versionsoplysninger efter AsyncOS i "Yderligere URL-adresser til Webex Teams-hybrid-tjenester". Opdaterede tekst i afsnittet "Understøttelse af proxygodkendelse".
3/26/2019	Ændrede URL-adressen, der er linket her: "Få flere oplysninger i WSA Webex Teams-konfigurationsdokumentet" fra https://www.cisco.com/c/dam/en/us/products/collateral/security/web-security-appliance/guide-c07-739977.pdf til https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-5/user_guide/b_WSA_UserGuide_11_5_1.html Ændrede URL-adressen "api.giphy.com" til *.giphy.com
2/21/2019	Opdaterede "Webex Calling" til "Webex Calling (tidligere Spark Calling)", som anmodet af John Costello, på grund af kommende lancering af produkt med samme navn – Webex Calling via BroadCloud.
2/6/2019	Opdaterede teksten "Hybrid-medienode" til "Webex Video Mesh Node"
1/11/2019	Opdaterede teksten "End to end-krypterede filer, der er overført til Webex Teams-rum og avatar-hukommelse" til "End to end-krypterede filer, der er uploadet til Webex Teams-rum, avatar-hukommelse, Webex Teams-brandinglogoer"
1/9/2019	Opdateret for at fjerne følgende linje: "*Hvis Webex-rumenheder skal opnå CA-certifikatet, der er nødvendigt for at validere kommunikation gennem din TLS-inspektionsproxy, bedes du kontakte din CSM eller åbne en sag med Cisco TAC."
5. december 2018	Opdaterede URL-adresser: Fjernede "https://" fra 4 poster i Webex Teams URL-tabellen: https://api.giphy.com -> api.giphy.com https://safebrowsing.googleapis.com -> safebrowsing.googleapis.com http://www.msftncsi.com/ncsi.txt -> msftncsi.com/ncsi.txt https://captive.apple.com/hotspot-detect.html -> captive.apple.com/hotspot-detect.html Opdaterede linket .CSV-fil til Webex Teams for at vise reviderede links vist ovenfor
30. november 2018	Nye URL-adresser: .ciscosparkcontent.com, .storage101.ord1.clouddrive.com, .storage101.dfw1.clouddrive.com, .storage101.iad3.clouddrive.com, https://api.giphy.com, https://safebrowsing.googleapis.com, http://www.msftncsi.com/ncsi.txt, https://captive.apple.com/hotspot-detect.html, .segment.com, .segment.io, .amplitude.com,.eum-appdynamics.com, .docker.io, .core-os.net, .s3.amazonaws.com, .identity.api.rackspacecloud.com
	Understøttelse af yderligere proxygodkendelsesmetoder til Windows, iOS og Android
	Webex Board indfører rumenhedens OS og funktioner; Proxyfunktioner delt af rumenheder: SX, DX, MX, Room Kit-serier og Webex Board
	Understøttelse af TLS-inspektion i iOS- og Android-apps
	Fjernelse af understøttelse af TLS-inspektion fjernet på rumenheder: SX, DX, MX, Room Kit-serier og Webex Board
	Webex Board indfører rumenhedens OS og funktioner; 802.1X-understøttelse
21. november 2018	Following Note added to IP Subnets for media section : The above IP range list for cloud media resources is not exhaustive, and there may be other IP ranges used by Webex Teams which are not included in the above list. Dog vil Webex Teams-appen og -enhederne være i stand til at fungere normalt uden at være i stand til at forbinde med de medie-IP-adresser, der ikke er angivet.
19. oktober 2018	Note added : Webex Teams use of third parties for diagnostic and troubleshooting data collection; and the collection of crash and usage metrics. De data, der kan sendes til disse tredjepartswebsteder, er beskrevet i Webex-dataarket om beskyttelse af personlige oplysninger. For details see : https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-webex-privacy-data-sheet.pdf
19. oktober 2018	Separat tabel til yderligere URL-adresser, der bruges af hybrid-tjenester: .cloudfront.net, .docker.com, .quay.io, .cloudconnector.cisco.com, *.clouddrive.com
7. august 2018	Note added to Ports and Protocols table : If you configure a local NTP and DNS server in the Video Mesh Node’s OVA, then ports 53 and 123 are not required to be opened through the firewall.
7. maj 2018	Omfattende dokumentrevision
24. april 2022	Opdateret for at ændre sætningernes rækkefølge i afsnittet for IP-undernet til Webex-medietjenester. The paragraph starting with "If you have configured your firewall .. " was moved below the paragraph starting with "Cisco does not support ..."