Cloud siem icon white

Automate your SOC with Cloud SIEM Get started

Get started
Back to blog results

April 13, 2020 By Himanshu Pal, Rishi Divate and Sri Karnam

Ensure a secure and reliable Zoom video conferencing service

We are excited to announce a new solution for our customers to monitor the performance, availability, and security of their Zoom video conferencing service. The Sumo Logic for Zoom app is available today in our app catalog.

This new app will be added to our ‘Work From Home’ solution which is available for free, with no obligation. Even if you’re not already a Sumo Logic customer, you can start monitoring your Zoom service along with your VPN, remote access, and other SaaS solutions, such as Office365, G-Suite, JIRA, Slack, Carbon Black, Cylance, and CrowdStrike by signing up for free and deploying it safely from your home for the next 90-days.

With the new Sumo Logic app for Zoom, you can get:

  • Comprehensive visibility into the usage of Zoom Video Communications
  • Monitoring of the performance and availability of Zoom through out-of-the-box analytics
  • Security visibility of your Zoom environment to prevent “zoombombing” by monitoring users, guests, administrator activity, webinars, recordings, and meeting activities

Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, collaboration, chat, and webinars across mobile devices, desktops, telephones, and room systems. Zoom is used by over 81,000 customers worldwide.

Why monitor Zoom video communications?

In these times, when a majority of employees are working from home, enterprises are extensively using collaboration software such as Zoom to keep their employees productive and engaged. Our previous blog spoke about the top five challenges around reliability, security, performance, and usage monitoring with Zoom.

Although tools such as Zoom have their own analytics and reporting capabilities, we’ve seen customers asking us to aggregate, alert, and consistently report on logs and analytics across these remote access toolsets. Furthermore, customers are looking to correlate and investigate trends across related tools. For example, a drop in usage in one tool correlates to a potential increase in usage of another tool.

In the absence of out-of-the-box solutions, customers run into the following challenges while answering the above questions:

  • Swivel chair management across various tools given that each vendor has its own analytics and reports
  • Investment in time and effort to stand-up infrastructure to centrally manage and report on user activity from collaboration tools

How does it work?

Collecting real-time Zoom events and Installing the Zoom App

Sumo Logic collects meeting, webinar, recording, user, account and Zoom room events from your Zoom account through webhook event notifications.

This is done by configuring a “Zoom Webhook Only App” in your Zoom console to send all Zoom events to a Sumo Logic HTTP logs and metrics source. Once you have configured this collection, the Zoom app in the Sumo Logic UI can be installed to analyze this data with out-of-the-box dashboards.

Leveraging the Zoom App Solution

The Sumo Logic app for Zoom app has nine dashboards with key insights around administrator and user activity, authentication, availability, guest activity, meeting security, meeting usage, , and webinars. Here are a few examples of how the app dashboards can be used.

With the Zoom Overview dashboard users get an at-a-glance view of the state of their Zoom environment in terms of reliability, performance, user activity, and security by reporting on meetings, hosts, webinars, alerts, and guest activity.

Clicking on any of the top panels will allow you to drill down to the relevant dashboards with additional details. For example, clicking on the Meetings/Webinars Alerts dashboard will bring you to the Zoom Availability dashboard which shows insights into meeting, webinar, and Zoom room alerts in your environment. A meeting or a webinar alert event is triggered when a service issue is encountered during a meeting. For example, if there’s unstable audio or video a Zoom Room alert event is triggered if there’s an issue such as low battery or connection issues.

Additional operational dashboards include:

    • The Zoom Meeting Usage dashboard to understand how often meetings are being hosted and how long they last. This dashboard gives a great view for executives, providing visibility into how people are collaborating while working remotely.

    • The Zoom User Activity dashboard understands what your users are doing in those meetings such as user presence, recordings, file sharings, and usage..
    • The Zoom Guest Activity dashboard helps to track an unauthenticated user’s activities such as screen sharing, recording, and their overall participation across all meetings.
    • The Zoom Webinars dashboard helps to understand how online classes, webinars, tutorials, and other customer engagements are being conducted, and analyze participant registration vs. attendance.

The Zoom Authentication dashboard shows key statistics around logins and logouts as well as which devices and Zoom clients they are using. This is vital to quickly identify if employees are using older, more vulnerable Zoom clients.

The Zoom Meeting Security dashboard shows which personal meeting IDs are repeatedly used as well as meeting numbers repeatedly used. This helps you identify which meetings are most vulnerable to eavesdropping and can be victims of “zoombombing.”

The Critical Meeting Update Events dashboard that highlights when meetings were updated in a manner that is inconsistent with security best practices such as meetings without a password.

You can quickly detect and respond to these vulnerable settings by converting the searches that drive any of the dashboard panels to scheduled searches that create alerts in incident management platforms such ServiceNow, PagerDuty, Opsgenie, or Slack through Sumo Logic connections.

Finally, the Administrator Activity dashboard allows you to audit all the critical activities by administrators and ensure they are in line with expectations.

Summary

We are very excited to announce the Sumo Logic integration with Zoom so you can:

  • Collect and centralize your Zoom event data in Sumo Logic to ensure reliability and security of Zoom video conferences
  • Get started with out-of-the-box app dashboards to get insight into the availability, performance, and security of Zoom quickly
  • Prevent zoombombing
  • Ensure the reliability and availability of Zoom service
  • Monitor user and admin activities

Get Started Now!

The Sumo Logic platform with its new App for Zoom provides a complete availability, performance, use and security analytics monitoring solution.

To get started check out the Sumo Logic Zoom app help page. If you don’t yet have a Sumo Logic account, you can sign up for a free trial today and get started with our ‘Work From Solution’ that includes Zoom for a 90-day free trial.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic Continuous Intelligence Platform™

Build, run, and secure modern applications and cloud infrastructures.

Start free trial

Himanshu Pal, Rishi Divate and Sri Karnam

More posts by Himanshu Pal, Rishi Divate and Sri Karnam.

People who read this also enjoyed