We often hear our clients ask for suggestions on how they can improve their customers’ experience when using their applications within networks that have strict security configurations (think about government agencies, as an example). In these environments, the required network configurations that would allow WebRTC connections to be established may just not be feasible to implement in the interest of reducing vulnerabilities in the network. This makes it challenging for end users to make calls using WebRTC within the network, sometimes preventing them from making a connection altogether. This is a big problem for our clients, and of course, for us, as well.
One option to overcome this is by whitelisting the domains that are being used by our clients’ applications. However, there are instances where doing this is just not practical. Imagine having to go through all the security processes and approvals to have the domains exempted from being blocked by the network, etc., and repeating this process for each of their customers.
Instead of accepting this as the status quo, our team got busy, partnered with our selected clients, and together designed a feature that would help our clients’ applications overcome these limitations brought on by restrictive network configurations.
WebRTC primarily uses UDP for network communication and normally requires a high range of port numbers to be made available. This becomes a problem with organizations that enforce tight network policies as exposing all these ports could increase their security vulnerabilities. The WebRTC approach to work around this issue is the TURNS protocol, which transmits all media over a single TCP port (usually 443). However, in highly restrictive networks, media over TURNS may still be blocked.
To address this challenge, LiveSwitch has developed a feature that facilitates the streaming of media over WebSocket connections, a method generally permitted even in the most restrictive networks. This feature assists in minimizing the attack vectors that our customers must defend against within their ultra-secured networks, without necessitating the intricate whitelisting process.
WebRTC remains to be the preferred path for real-time communication, and this capability is designed not to be a replacement, but rather just a fallback plan to allow end users to establish connections despite operating within restricted networks.
The full technical documentation for this feature is available here.
As of this writing, only LiveSwitch offers this feature we refer to as “Media-over-WebSockets.”
This is a result of our team’s commitment to continuous innovation and focusing our energy on building solutions that address our customers’ needs. In addition to listening to our customers, we took it a step further and collaborated with our clients as true partners, which led to a solution that not only makes our products better but those of our customers as well. We are truly only as successful as our customers.
We invite our customers (and future customers) to try out this feature and provide early feedback! To access this feature, please reach out to our team.
If you are not on LiveSwitch yet, feel free to try our product through this link!