1 / 43

Optimizing Your Network for Microsoft Teams: Top 5 Things to Know

Learn the essential strategies to optimize your network for Microsoft Teams, including addressing firewall and proxy issues, fixing VPN and delay problems, and implementing QoS and internal firewall settings.

maxa
Download Presentation

Optimizing Your Network for Microsoft Teams: Top 5 Things to Know

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Top five things you need to know to optimize your network for Microsoft Teams Johan Delimon Chief Solutions Architect, MVP Skype for Business &Teams The Collective, idelimon BVBA, GGEHOSTED, Ordina, Fujitsu THR3081

  2. Johan Delimon Johan Delimon idelimon BVBA / johan@delimon.be / @jdelimon / Skype for Business MVP / MCSM Communications / Skype4B Architect The Collective / idelimon BVBA / johan@delimon.be / @jdelimon / Skype4B - Teams MVP / MCSM Communications / Skype4B Architect

  3. Setting The Scene

  4. Pre Internet Age HQ Corporate Network

  5. Starting Internet Age Reasons for Firewall & Proxy • Security • Control • Compliance • … Internet Firewall Proxy HQ Corporate Network

  6. Trust in Early Internet Age Internet Firewall Proxy HQ Corporate Network

  7. Extending Internet to Corp Internet VPN Concentrator Firewall Proxy HQ Corporate Network

  8. Extending Internet to Corp Reasons for Firewall & Proxy • Security • Control • Compliance • … Internet VPN Concentrator Firewall Proxy HQ Corporate Network

  9. Cloud Era VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  10. Cloud Era VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  11. Cloud Era VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  12. Cloud Era Internet Connection VPN Concentrator Firewall Proxy HQ Corporate Network

  13. Problems with this setup • Proxy Servers (HTTP Only TCP 80 & 443) • Firewalls only allow Proxy Servers to Internet • VPN used for Internet Access • Remote Offices use Central Internet Breakout • Office 365 is not a trusted destination

  14. Lets Remediate

  15. Proxy Servers Problem #1

  16. Fix Proxy Solutions • Remove Proxy all together • Get proper exceptions in place Firewalls may still block users from connecting VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  17. Howto Fix Proxy • PROXY.PAC file to exclude all Office 365 URLs from Proxy • Configure Exceptions in browser (GPO) • Direct connection to Internet for Office 365 URLs • Firewall may still block connections • URLs change all the time Get Updates for URLs here Office 365 URLs and IP address ranges https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges Office 365 IP Address and URL Web service https://docs.microsoft.com/en-us/office365/enterprise/office-365-ip-web-service

  18. Skype and Teams URLs and IPs

  19. Skype4B & Teams URLs and IPs WebService

  20. Firewalls Problem #2

  21. Fix Firewalls Solution • Allow all Office 365 Ips • Allow all required Ports VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  22. Howto Fix Firewalls • Allow all Office 365 IPs • Allow all required Ports • Express Route for corner case scenario’s Get Updates for IPs and Ports Office 365 URLs and IP address ranges https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges Office 365 IP Address and URL Web service https://docs.microsoft.com/en-us/office365/enterprise/office-365-ip-web-service

  23. Office 365 URLs and IP address ranges Microsoft Teams Ports

  24. VPN Problem #3

  25. Fix VPNs Solution • Require Split Tunnel VPN • Exclude all Office 365 IPs from VPN Tunnel VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  26. Howto Fix VPNs • Requires Split Tunneling • Allow all Office 365 URLs • Allow all Office 365 IPs • Allow all required Ports Get Updates for URLs, IPs and Ports Office 365 URLs and IP address ranges https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges Office 365 IP Address and URL Web service https://docs.microsoft.com/en-us/office365/enterprise/office-365-ip-web-service

  27. Trust Office 365 Office 365 is now a trusted source and destination Extension of you Corporate Network now include Office 365 VPN Concentrator Firewall Proxy HQ Remote Site Corporate Network

  28. Roundtrip Delay / Internet Breakout Problem #4

  29. Delay Microsoft Global Network Transport Relays Internet Firewall Proxy HQ Remote Site Corporate Network

  30. Delay Microsoft Global Network Transport Relays Internet Firewall Proxy Firewall HQ Remote Site Corporate Network

  31. Howto Fix Delays • Local Breakout in every Location • Direct Peering with Microsoft (ISP) • Express Route for corner case scenario’s

  32. Skype for Business & Microsoft Teams Network Assessment Tool https://www.microsoft.com/en-us/download/details.aspx?id=53885

  33. Network Assessment Microsoft Global Network Transport Relays Internet Network EDGE Network EDGE Client Machine Client Machine Site Site

  34. Client & Customer Network Edge performance requirements to Microsoft network Edge

  35. QoS & Internal Firewalls Problem #5

  36. Fix QoS & Internal Firewalls Transport Relays Firewall Proxy Firewall HQ Remote Site Corporate Network

  37. Fix QoS & Internal Firewalls Transport Relays Firewall Proxy Firewall HQ Remote Site Corporate Network

  38. Fix Internal Firewalls & QoS • Understand Client Port Ranges in Use • Allow Client port Ranges in Firwall for P2P communication • Setup GPO’s for QoS for both Skype for Business • Client Port ranges cannot be changed (May Change in the Future)

  39. The Road to Happiness

  40. Please evaluate this sessionYour feedback is important to us! Please evaluate this session through MyEvaluations on the mobile appor website. Download the app:https://aka.ms/ignite.mobileApp Go to the website: https://myignite.techcommunity.microsoft.com/evaluations

More Related