fivelayers.net

Real-time executive to employee communications has become more critical during COVID-19. Whether its for hosting regular employee check-ins, deliver quarterly business update, communicate return-to-office strategy and most importantly listen to the voice of the employees has become extremely critical for a global corporations.

Having helped enterprise customers over many years on designing, building and operationalizing webcasting solutions, In this article I would like to address some design options and best practices based on different scenarios. Secondly, I would also like to use this article as a way to start discussion on understanding your pain points in scaling your webcast Infrastructure to your remote workforce.

Webcasting Solution Overview

From the point of video content creation until the viewer consumption, the live stream pass through different intermediate stages. Figure 1 below shows all these intermediate stages, functions performed at each stage and relevant technology components necessary to execute the function. These components can be hosted on-prem or in the cloud depending on the extent to which you want to control your media workflows. For instance, the transcode/record function can be executed by an on-prem Cisco Meeting Server or by WebEx hosted in the cloud. Similarly the distribute function can be performed by an on-prem content delivery system like VBrick or from the cloud like Akamai.

Scaling your Webcasts to Remote Workforce

When most of the global workforce is remote, delivering live streams at this scale is a challenging task. Before COVID-19, employees who worked from home probably made VPN connection to their corporate office to view the webcast at a smaller scale (probably 15% of the workforce). With the current situation , with more than 90% workforce remote, this would load up the VPN concentrators and could jeopardize the quality of experience.

If your webcast infrastructure is on-prem and leverages enterprise CDN for delivery, look for ways to use cloud to deliver that stream to your employees via the Internet. For example, if you have currently deployed Cisco TCS, you can deploy Wowza stream server and send the stream up to the cloud and leverage public CDN services like Akamai to deliver the streams. This means that from the end user standpoint, their VPN should support split tunneling where they connect to their video portal for authentication via VPN and then connect to the Internet at the same time for the live stream. Of course this could be a temporary solution until your workforce starts to move back to office workspace.

If you are strongly considering a full cloud option for your webcasting needs, Cisco WebEx now supports Integration with VBrick. If you are already a WebEx customer, this integration can be enabled very quickly as the solution is fully hosted in cloud.

Final option is hybrid method where you get to control portions of your media workflow. In this model, conferencing and transcoding services are hosted on-prem, video management is on cloud and distribution is both on-prem (VBrick…) and cloud (Akamai…). This method gives you the flexibility for delivering streams to your audience irrespective of where they are connected.

Security

Securing all aspects of your media workflow is extremely important and more critical if your solution involves cloud or hybrid design leveraging some services from public cloud. I have listed some of the key security considerations around this:

1. Content access security: Provides authenticated access to live and on-demand content (LDAP, SSO…)
2. Streaming security: Encrypting live and on-demand content when in motion (HTTPS, TLS…)
3. Application security: Access to user/admin interface via HTTPS.
4. Data security : Encrypting video content when at rest (AES…)
5. CDN security: How the CDN services authorizes the end user request before relaying the VoD or live stream
6. Cloud security: Enterprise level security policies of the cloud provider (AWS, Azure..)

Summary

In this article we discussed the media workflow across different stages, functions and components, then covered 3 design options around on-prem, cloud and hybrid scenarios and ways to go about scaling the webcast to the remote workforce. Finally we concluded with key security considerations for evaluating cloud providers.