topic Re: Zoom, HTTPS inspection and performance in General Topics

Zoom, HTTPS inspection and performance

marcinw — Fri, 02 Oct 2020 14:33:37 GMT

Owing to Covid19 many users in my network have moved to VPN remote access, many of them use ZOOM for videoconferences, I am wondering from security point of view if it is ok I if exclude this traffic from HTTPS inspection to increase the performance of the firewall (checkpoint 5100) ? Second question will it increase the performance significantly, is it worth to do that ? Any opinions welcome

thanks

Re: Zoom, HTTPS inspection and performance

PhoneBoy — Fri, 02 Oct 2020 15:26:01 GMT

Most certainly it will improve performance, by how much depends on how much Zoom is used.
What would increase your performance even more is not "routing all traffic" through the VPN.

Re: Zoom, HTTPS inspection and performance

marcinw — Fri, 02 Oct 2020 15:41:36 GMT

We expect that Zoom will be using a lot. We have proxy server behind the Gateway that user use so they have to be routed through the gateway. At this moment on the VPN clients / Remote Access bookmark on the firewall it is marked "Allow VPN clients to route traffic through this gateway". How can I exclude only Zoom traffic from being routed through VPN gateway ?

Re: Zoom, HTTPS inspection and performance

PhoneBoy — Fri, 02 Oct 2020 16:16:23 GMT

You’d have to create an encryption domain that includes everything but Zoom IPs.
There are scripts that do this for Office 365 here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk167000
I imagine they could be adapted for Zoom also.

But like I said, I’m not a fan of “Route All Traffic” anyway.
There are better solutions that protect the endpoints even when they are not connected to VPN.
This is why we include Remote Access VPN as part of SandBlast Agent.