Zoom in Citrix VDI (Part 2) HDX Offloading, Architecture and Zoom.us Security + Privacy

Introduction
In my first blog post http://axendatacentre.com/blog/2020/04/22/zoom-hdx-offloading-for-citrix-virtual-desktops-part-1/ I explored how frictionless it was to setup and deploy Zoom in a Citrix Virtual Desktop, this post builds upon my initial post looking at a wider device spectrum, fallback scenarios and further testing using iGel thin clients.

Overview of Optimised vs. Un-Optimised Zoom Meetings in Citrix VDI (DaaS)
The below image represents both an (un)optimised Zoom meeting running within a Citrix virtual desktop. If an employee access’s his/her Citrix virtual desktop from an endpoint e.g BYO that doesn’t have the β€œZoom Media Plugin” installed like it was on there e.g CORP device then the once “Optimised” HDX offloaded A/V traffic for there Zoom Meeting is effectively now “Un-Optimised” and the A/V processing that was shifted onto the employee’s endpoint will now be processed within the Citrix virtual desktop in the resource location (data centre) causing a degraded experience, macro uplift in computing and networking resources to process the A/V for the Zoom meeting and the A/V traffic sent and received from the employees endpoint which is then sent out via the Zoom client within the Citrix virtual desktop.

UPDATED Zoom Pre-requisites & System Requirements
Follow my original guidance at – http://axendatacentre.com/blog/2020/04/22/zoom-hdx-offloading-for-citrix-virtual-desktops-part-1/. My initial test focused on testing the viability of using Zoom meetings in a Citrix virtual desktop when HDX Offloading was enabled to “Optimise” Zoom meetings and improve the employee experience by shift the A/V processing to the employee’s endpoint, the initial results where hugely promising with minimal effort.

I found some time to continue with further tests but I hit a wall the β€œZoom Client for VDI” was displaying a “Grey blank screen” during the meeting and when checking the video settings within the “Zoom Client for VDI” app in system tray, you get the same result a “Grey blank screen” even though Citrix Workspace app is doing its job of automatically connecting “Microphones and Webcams” as I tested a GoToMeeing without any issues so I knew there where no policies conflicts or issues. I googled the problem briefly and found nothing useful, I then decide to revisit Zoom’s on-line documentation and found this important notification published within the last 6 days of this blog post stating that Zoom now requires both the β€œZoom Media Plugin” + β€œZoom Client for VDI” to match exactly from version 2.1.5 documented at – https://support.zoom.us/hc/en-us/articles/360031768011-New-Updates-for-Virtual-Desktop-Infrastructure-VDI- as, anything prior to the pending date 30/05/2020 you can configure the MinPluginVersion via registry settings – https://support.zoom.us/hc/en-us/articles/360032343371 to be able to use older versions for backwards compatibility – https://support.zoom.us/hc/en-us/articles/360041602711.

Zoom Meeting Test & Citrix Lab Overview
1.CVAD 1912 LTSR running in my personal AWS EC2 in N.Virgina, USA delivering a Citrix virtual desktop to me in London, England. The virtual desktop is running Windows Server 2019 its a “t2.medium” instance type running the 1912 LTSR Virtual Delivery Agent (VDA), also installed was the β€œZoom Client for VDI” product version 4.6.15322 used during my orginal testing – https://twitter.com/lyndonjonmartin/status/1253036938992529408?s=20. To resolve the “Grey blank screen” download and install the latest product version I was running 4.6.15630.
2. Personal iPhone 7S running Zoom app setup with my account to start/stop Zoom meetings.
3. Zoom doesn’t support HDX Offloading on MacBooks therefore I used my wife Windows 10 laptop in these tests, which is running Citrix Workspace app 1912, and I installed the Zoom Plugin for Citrix Receiver product version 4.6.15630. You’ll notice that the product versions between the Citrix virtual desktop running the “Zoom Client for VDI” – https://zoom.us/download/vdi/ZoomInstallerVDI.msi and the Zoom Plugin “Zoom Media Plugin” – https://zoom.us/download/vdi/ZoomCitrixHDXMediaPlugin.msi on the endpoint are an exact match.
4. Zoom have published a VDI Backward Compatibility Matrix which is available at – https://support.zoom.us/hc/en-us/articles/360041602711.

Zoom VDI Optimisation Management
I think its important to recognise, when rolling out the Citrix + Zoom “Optimisation” capability you need to include both the “Zoom Client for VDI” + “Zoom Media Plugin” as part of your internal and external software deployment strategy. It is also worth noting the differences between Zoom meetings within “Citrix” VDI and on other platforms, Zoom has put together a comparison feature matrix at – https://support.zoom.us/hc/en-us/articles/360031441671-VDI-Client-Features-Comparison?zcid=1231#h_fceae51c-f385-4a20-bd54-c7c50f186c15. You should also be mindful of the native features by platform which is available at – https://support.zoom.us/hc/en-us/articles/360027397692.

Internal Strategy
Manage the “Zoom Client for VDI” using a Citrix App Layering “App Layer” – https://docs.citrix.com/en-us/citrix-app-layering/4/layer/create-app-layer.html in conjunction or separately with your existing preferred Citrix provisioning technology e.g Machine Creation Services (MSC) or Provisioning Services (PVS).

External Strategy
Management of the “Zoom Media Plugin” is better controlled for security + avoid breaking the employee experience on supported endpointshttps://support.zoom.us/hc/en-us/articles/360031096531-Getting-Started-with-VDI by enrolling the endpoints into Citrix Endpoint Management (CEM). For Windows endpoints use the *.MSI installer with the “Windows Agent” – https://docs.citrix.com/en-us/citrix-endpoint-management/policies/windows-agent-policy.html to deploy a script to update the “Zoom Media Plugin” and for iOS and Android you could send a push notification to employees to update to the latest Zoom app available in the public app store so that you have app versioning + device spectrum consistently re feature + security parity across the organisation.

LTSR vs. CR vs. Citrix Cloud Strategy for HDX Offloading of Zoom?
Zoom is not embedded into the Citrix stack like Teams is, therefore you can choose to deploy your own Zoom + Citrix HDX Offloading inline with your preferred CVAD release strategy BUT you must align to Zoom’s leading practises for “Citrix” VDI and Citrix’s for release strategy type. The reason this is possible it because you need to manually or automate the installation of the “Zoom Media Plugin” + Zoom Client for VDI” software both client and server/workstation sides outside of the Citrix stack, remembering that the Teams HDX offloading components are part of the VDA (server/workstation) and the CWa (client) – http://axendatacentre.com/blog/2019/08/06/hdx-offloading-for-microsoft-teams-within-a-citrix-virtual-desktop/.

Zoom 90 Day Security Plan Facts & Personal Opinions
Zoom recently published an updated communications on there 90 Day Security & Privacy Plan for June available to read at – https://blog.zoom.us/wordpress/2020/06/03/90-day-security-plan-progress-report-june-3/*. Since the beginning of this journey I will continue to update the security & privacy portion of this blog post below. Zoom is so committed to this its CEO Eric Yaun and “leader” holds LiVE sessions entitled “Ask Eric Anything“. If you wish to register to join these sessions LiVE register at – https://zoom.us/webinar/register/WN_9jdr63uuRuSRBX-yEJ2zVQ?id=3IWjZb4JTJm0II3A4lkBOg&zcid=1231 and if you want to ask a question email answers@zoom.us as per the blog post*. If you have doubts, you heard a “Chinese Whisper” surrounding Zooms security or privacy then you should watch the below, and be sure to submit that question to Zoom’s leader and his leadership team to reply on “Ask Eric Anything“.

I’ve yet to see a leader openly committed to and inclusive of customer, business, community and peer feedback to drive CHANGE and INNOVATION. Upon reflection I’m actually not surprised he’s an “Entrepreneur Leader” and therefore both change and innovation are built into his DNA likewise to learn from failure fast and then act to achieve continued success. These two values for me is missed while driving (Digital) Transformation in any organisation from paper to paperless vs. manual to co-hybrid automation.

Security & Privacy
Zoom is continuing to take security and privacy seriously and they continue to communicate that publicly on the company blog, they have as of releasing this blog post published the following blog articles – https://blog.zoom.us/wordpress/2020/05/04/navigating-a-new-chapter-for-zoom/, https://blog.zoom.us/wordpress/2020/05/05/use-zoom-to-securely-host-virtual-board-meeting/ and https://blog.zoom.us/wordpress/2020/05/05/zoom-disable-pmi-security-updates-for-basic-accounts-may-9/. The collective sum of these post indicates that Zoom is giving IT more security controls for Zoom meetings in an enterprises. The following list is just a high level summary of what can be found in the above blog pots on https://blog.zoom.us/.

-Zoom Encryption whitepaper published April 2020 – https://zoom.us/docs/doc/Zoom%20Encryption%20Whitepaper.pdf discussing the use of TLS 1.2, AES, AES-256 and SRTP or Secure Real-time Transport Protocol for Zoom to Zoom communication. The whitepaper looks at clients, browsers and 3rd party devices/services.
-Zoom client connection progress whitepaper published April 2020 – https://zoom.us/docs/doc/Zoom_Client_Connection%20Process_Whitepaper.pdf
-Leading practices when using a Zoom Personal Meeting IDs (PMI)
-Zoom 5.0 supports AES 256-bit GCM encryption*
-Scheduled security changes to come to FREE Zoom accounts
-Zoom watermarks in two flavours
-Industry certifications e.g SOC2 Type II, Privacy Shield Certified, GDPR e.t.c – https://zoom.us/docs/ent/privacy-and-security.html
-Lock meetings and require authentication –
https://support.zoom.us/hc/en-us/articles/360041848151-In-meeting-security-options?mobile_site=true

Final Thoughts
Zoom continue to step up on security and privacy frontier, and the second round of tests continue to demonstrate a real WOW moment for me in how frictionless the experience has been as a IT Professional and as an consumer of Zoom meetings personally within my lab. I will time permitting continue with my full tests in the future expanding the device spectrum being inclusive of employee experience optimisation strategies.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

115 thoughts on “Zoom in Citrix VDI (Part 2) HDX Offloading, Architecture and Zoom.us Security + Privacy

  1. Pingback: generic sildenafil uk

  2. Pingback: can you write my essay

  3. Pingback: buy college essays online

  4. Pingback: essay revision service

  5. Pingback: application essay help

  6. Pingback: reliable essay writing service

  7. Pingback: mba application essay writing service

  8. Pingback: please write my essay for me

  9. Pingback: help with college essay

  10. Pingback: essay writers service

  11. Pingback: help me with my essay

  12. Pingback: academic essay help

  13. Pingback: write my essay

  14. Pingback: best online essay editing service

  15. Pingback: admission essay writing services

  16. Pingback: online pharmacy xanax alprazolam

  17. Pingback: ultram pharmacy

  18. Pingback: best online pharmacy xanax no prescription

  19. Pingback: jewel osco pharmacy

  20. Pingback: Celexa

  21. Pingback: vidalista tadalafil

  22. Pingback: sildenafil over the counter nz

  23. Pingback: when is generic cialis available

  24. Pingback: best seller cialis

  25. Pingback: sanofi cialis otc

  26. Pingback: sildenafil pills for sale

  27. Pingback: cost of viagra prescription

  28. Pingback: real viagra online canadian pharmacy

  29. Pingback: best place to buy tadalafil online

  30. Pingback: viagra 50 mg tablet buy online

  31. Pingback: when does cialis go generic

  32. Pingback: cialis cost in nz

  33. Pingback: rohypnol online pharmacy

  34. Pingback: mutual of omaha rx pharmacy

  35. Pingback: cialis black 800 mg pill house

  36. Pingback: where can you buy real viagra online

  37. Pingback: liquid tadalafil iron dragon

  38. Pingback: sildenafil 20 mg brand name

  39. Pingback: how long before sex to take cialis

  40. Pingback: escrow pharmacy online

  41. Pingback: buy online sildenafil citrate

  42. Pingback: buy viagra online south africa

  43. Pingback: viagra pills price in usa

  44. Pingback: viagra online pharmacies

  45. Pingback: online order viagra in india

  46. Pingback: sales viagra

  47. Pingback: www tadalafil 20mg

  48. Pingback: cialis professional ingredients

  49. Pingback: low dose cialis

  50. Pingback: cialis reliable sites

  51. Pingback: bactrim mastoiditis

  52. Pingback: gabapentin g31

  53. Pingback: flagyl endikasyonlarθ„Ή

  54. Pingback: valcivir (valacyclovir)

  55. Pingback: tamoxifen thirst

  56. Pingback: how long has lyrica been on the market

  57. Pingback: search lisinopril

  58. Pingback: lasix kalium

  59. Pingback: glucophage toxicity

  60. Pingback: semaglutide dosing schedule

  61. Pingback: semaglutide 3mg reconstitution

  62. Pingback: is compounded semaglutide the same as ozempic

  63. Pingback: viibryd vs zoloft

  64. Pingback: flagyl utilisation

  65. Pingback: citalopram and escitalopram

  66. Pingback: cephalexin 500 mg espanol

  67. Pingback: gabapentin zolpidem

  68. Pingback: duloxetine walmart pharmacy

  69. Pingback: i took cymbalta while pregnant

  70. Pingback: fluconazole and fluoxetine

  71. Pingback: where can i get viagra tablets

  72. Pingback: best time to take lexapro to avoid insomnia

  73. Pingback: 1.5 g azithromycin gonorrhea

  74. Pingback: cephalexin treat bv

  75. Pingback: ciprofloxacin prophylaxis dose

  76. Pingback: bactrim d.s tablets

  77. Pingback: bactrim strep coverage

  78. Pingback: does amoxicillin go bad

  79. Pingback: side effect diltiazem

  80. Pingback: flexeril drug interaction

  81. Pingback: diclofenac sodium uses

  82. Pingback: can flomax raise blood pressure

  83. Pingback: citalopram 40mg

  84. Pingback: ezetimibe molecular weight

  85. Pingback: does ddavp need to be refrigerated

  86. Pingback: cozaar 50 mg tablet

  87. Pingback: what is depakote prescribed for

  88. Pingback: wellbutrin and effexor together

  89. Pingback: contraves zurich

  90. Pingback: cost of aripiprazole

  91. Pingback: nortriptyline vs amitriptyline

  92. Pingback: allopurinol metabolism

  93. Pingback: aspirin formula

  94. Pingback: is baclofen a muscle relaxer

  95. Pingback: what is celecoxib prescribed for

  96. Pingback: buspar vs klonopin

  97. Pingback: tramadol and celebrex

  98. Pingback: celexa drug

  99. Pingback: ashwagandha root powder benefits

  100. Pingback: does augmentin cause yeast infections

  101. Pingback: repaglinide long term side effects

  102. Pingback: actos discriminatorios

  103. Pingback: protonix for acid reflux

  104. Pingback: acarbose similar

  105. Pingback: robaxin for withdrawal

  106. Pingback: what is the most common side effect of abilify?

  107. Pingback: ultima semaglutide

  108. Pingback: snorting remeron

  109. Pingback: tizanidine maximum dosage

  110. Pingback: voltaren and high blood pressure

  111. Pingback: sitagliptin vs saxagliptin

  112. Pingback: generic ivermectin for humans

  113. Pingback: medikament tamsulosin basics

  114. Pingback: what happens if you drink alcohol while taking venlafaxine

  115. Pingback: spironolactone and ibuprofen

Comments are closed.