Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 7 subscribers
  • Views 6198 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Zoom meetings - IPS UDP Flood detection

LHerzog

Hello,

recently we are seeing huge ammounts of UDP flood detections and drops during zoom meetings since 28.09.2020.

Port is udp 8801.

I created exceptions for all the 100+ networks of zoom.

Still seeing some drops here for IPs not listed in the zoom document. This is only during meetings and so is to be legitimate traffic.

Has anyone seen a recent update from zoom for more network ranges or these IP Ranges in particular?

3.126.162.175
54.154.117.235
193.122.43.71
99.80.203.135

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    I think you'll find this will be hard to keep up with; all of these meeting services are seeing a global strain due to the pandemic and as best I can tell their documentation can't keep up with the changes they are making to handle the load.  For any of my managed customers that have 3rd party DDoS protection, I have just been disabling Flood detection; it interferes with these types of services as you've seen.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0

    I think you'll find this will be hard to keep up with; all of these meeting services are seeing a global strain due to the pandemic and as best I can tell their documentation can't keep up with the changes they are making to handle the load.  For any of my managed customers that have 3rd party DDoS protection, I have just been disabling Flood detection; it interferes with these types of services as you've seen.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Unfiltered HTML