Avaya Experience Platform™ Public Cloud uses the following transport protocols:

• HTTPS and WSS

• WebRTC, including ICE, STUN, and TURN protocols over DTLS-SRTP

Use TLS traffic for HTTPS and WSS. TLS inspection must support or have an exception for Avaya Spaces hosts.

The following table displays the media host IP addresses for User Datagram Protocol (UDP) in a Classless Inter-Domain Routing (CIDR) format:

Media transport guidelines

UDP is the preferred media transport protocol because it results in the best user experience and lowest latency. Tunneling media over TCP or TLS is available for highly restrictive configurations but consult with Avaya before planning.

To ensure that UDP media traverses your network firewall securely, configure an address-restricted dynamic cone NAT or a port-restricted dynamic cone NAT for the specified UDP port range. Avoid using a symmetric NAT because it can result in sub-optimal tunneling of audio or video and connection failures.

Since media is sensitive to latency, connect to the internet through the shortest path possible to reduce round trip times and improve the quality of service. Avaya recommends split tunneling VPNs and allowing signaling traffic to route directly without proxy interference.

You can use the media CIDRs above for UDP to program software-defined network infrastructure for recognizing media traffic and routing to the internet. Avaya recommends this configuration for large enterprises with multiple sites and a centralized network data center architecture. These addresses are dedicated to media globally and are never used for other purposes.