Microsoft eCDN FAQ

Last updated on: June 4, 2023

General

What is Microsoft eCDN?

Microsoft eCDN (Enterprise Content Delivery Network) optimizes network performance for video streaming within an enterprise network. Using WebRTC-based technology, with no additional installation required, Microsoft eCDN allows each viewer to strengthen the network for more viewers. Microsoft eCDN scales automatically with video demand for events delivered by Microsoft Teams Live Events.

Microsoft eCDN is built and managed on Microsoft's secure and compliant Cloud (Microsoft 365 compliant), reduces the cost of ownership by providing an end-to-end streaming solution, and provides compatibility with third-party video streaming services.

What pain points does Microsoft eCDN solve?

  • Surge in live event usage creates network congestion, which results in:

    • Poor video quality, audio-only, live event failure in many cases

    • Viewers drop off; employees missing key messages

    • Disruption/failure in business-critical applications

  • Lack of granular analytics making determining live event performance and troubleshooting technical issues challenging

  • Existing network optimization solution requires hardware and agent installation => complex to set up and expensive

What is the difference between a CDN and an eCDN?

A CDN and an eCDN are both systems that help to improve the delivery of content over the internet, but they have some key differences.

A CDN, or Content Delivery Network, is a system that helps websites load faster by storing copies of the website in different places around the world. This way, when someone visits the website, they can get the data from the server that is closest to them, which makes the website load faster. CDNs are used to deliver all kinds of content, including text, images, and videos.

An eCDN, or Enterprise Content Delivery Network, is a special type of CDN that is located within a private network, typically a company's or school's, which can help organizations be less susceptible to peak demand issues and reduces failures in other abnormal conditions. While an eCDN can also deliver a wide range of content, it's especially suited to solve the video delivery last mile issue, which is very problematic for corporate networks. The last mile issue refers to the challenge of delivering content to end users over the final leg of the network connection, which can become congested and slow. Most eCDNs work by storing copies of the video on servers within the organization's network, so that when someone watches the video, they can get it from a server that is closer to them, which makes the video playback smoother and with less buffering.

So, the main difference between a CDN and an eCDN is the type of network they serve, and the fact that an eCDN is especially well-suited to support video delivery within an organization's network. Additionally, while a CDN can be used by anyone with a website, an eCDN is typically only used by larger organizations that have many employees who need to regularly watch live video events such as All Hands events.

How does Microsoft eCDN work?

Microsoft eCDN is based on peer-to-peer (P2P) streaming technologies, removing the need to install and manage additional local server infrastructure. P2P streaming is when the viewers of a video stream share small, secure chunks of the stream with one another.

Normally, each viewer pulls the video from the original source, which can overload a company's internet connection if everyone is watching at the same time.

With P2P, viewers source the video stream not only from the original source but also from other viewers within the same local network, alleviating most of the bandwidth load from the physical internet connection.

Who can participate in Microsoft eCDN's peering solution?

Event attendees authenticated with your tenant. At this time, anonymous or guest attendees from another tenant don't register with the service and thus they can't participate in peering.

What platforms does Microsoft eCDN support?

Microsoft eCDN supports Town Hall, Teams Live Events and Viva Engage. It also supports third party platforms such as MediaPlatform.

Why do companies need eCDN?

Large corporate webcasts such as all-hands meetings require a massive amount of bandwidth. Other scenarios for eCDN benefits could be company town halls, division training, live streaming events, and OnDemand video viewing.

Each event poses a real threat to the office network and can result in network saturation (causing office-wide connectivity to fail), poor video quality, loss of productivity, and user frustration.

Microsoft eCDN is designed to enhance network reliability, reduces network saturation, and delivers secure, high-quality, large-scale live video streaming with optimized network performance directly in Teams Live Events.

How do I configure Microsoft eCDN?

Microsoft eCDN works out of the box, no configuration needed. Turn on tenant-wide in the Teams Admin Center (TAC). Microsoft eCDN is WebRTC-based, so no need to download anything. It runs on the cloud and is managed by Microsoft.

What else does Microsoft eCDN provide?

Microsoft eCDN provides granular analytics during and after the event to troubleshoot and improve the viewer experience. Microsoft eCDN also provides a nondisruptive silent tester (conducting a dry-run), which can help troubleshoot any issues that can arise before an event starts.

What are the differences between Microsoft eCDN and other eCDN providers?

While all eCDN provides network optimization for video streaming, Microsoft eCDN is a WebRTC-based solution meaning it's a no-install technology for faster integration. Most other eCDN providers are agent-based solutions that are installed and deployed by IT.

Agent-based eCDN solutions require the installation of additional software products with deployment of an agent across all end-user devices, which requires security and approval from Infosec and is typically a time-consuming process. Microsoft eCDN is integrated directly within Microsoft Teams and can be activated tenant-wide with a few clicks. There's no need to install any agent or hardware.

In addition to the advanced analytics tools it provides, Microsoft eCDN allows silent test runs of the network without the need for extra software.

What cloud service is used?

Microsoft eCDN is hosted on Microsoft Azure.

What is the difference between Microsoft eCDN and Azure CDN?

Microsoft eCDN works within the Local Area Network (LAN) of a given company, alleviating the network stress on a company's internet connection when many employees access video assets at the same time; whereas Azure CDN is a content delivery network that provides its services over the open internet.

Is Microsoft eCDN compatible with other streaming services?

Microsoft eCDN is compatible with HLS-based (HTTP Live Streaming) services such as our third party partner, MediaPlatform.

What are the technical requirements to enable Microsoft eCDN?

Microsoft eCDN is integrated into Microsoft Teams and has no additional requirements. It's also compatible with most modern browsers.

How do customers benefit from eCDN while watching a live stream on the corporate network?

Via WebRTC, there's a signaling process between the peers, which results in a connection. After a connection is made, the system and the peers distribute the bandwidth based on many factors such as: available bandwidth, position in the stream, buffer health, and many others.

These benefits can also be extended to offsite viewers who have difficulties sourcing the content from distance media servers, such as those in geographically challenging locations in Southeast Asia, South America, and mountainous regions.

If I previously purchased a third party eCDN solution, and now want to use Microsoft eCDN, how will I know which solution is running?

You can view which eCDN solution is configured in your Teams Admin Center (TAC) under Live Event Settings and SDN provider.

How does Microsoft eCDN work with town halls?

Microsoft eCDN enables secure, high-quality live video streaming in town halls so that attendees have a seamless experience when viewing events. Town halls with basic functionality for Microsoft 365 and Office 365 offerings supports both third-party eCDN providers and first-party Microsoft eCDN. Town halls with advanced functionality for Teams Premium support only Microsoft eCDN, which is included as a part of Teams Premium.

How do I enable Microsoft eCDN for my town halls?

Town halls created by an organizer with a Teams Premium license will load Microsoft eCDN. No additional configuration is necessary. Town halls created by an organizer who does not have a Teams Premium license will load the eCDN solution configured in the tenant’s Teams Admin Center. For more, see how to enable Microsoft eCDN.

What’s the difference between first-party and third-party eCDN support with town halls?

Microsoft eCDN (first-party eCDN) works with both advanced town hall functionality in Teams Premium and basic town hall functionality in Microsoft 365 and Office 365 offerings. Third-party eCDN works with basic town hall functionality in Microsoft 365 and Office 365 offerings, and requires a policy in the Teams Admin Center to work with limited advanced town hall functionality.

What’s the difference between Microsoft eCDN for Town Hall and Teams Live Event?

Access to the Microsoft eCDN analytics dashboard and its usability remains the same for both Town Hall and Teams Live Event. Premium town halls are prefixed with “PE:” whereas base town halls and Teams live events are prefixed with “TLE:”.


Pricing and Licensing

Below is a general pricing guide. For the most up-to-date and detailed pricing information, contact your technical specialist, account executive, or customer success account manager.

How much does Microsoft eCDN cost?

There are two purchasing options:

  1. Microsoft eCDN is sold as a per user license at $0.50 per user per month with an annual agreement. Refer to your technical specialist or customer success account manager for details.

  2. Microsoft eCDN is included in Teams Premium. For more information on the offering, see Get Started with Microsoft Teams Premium.

For details on how to purchase Microsoft eCDN, see this article.

What license do I need to have to access the eCDN solution?

You can purchase the add-on eCDN SKU or get the solution as part of Teams Premium. Contact your customer success account manager for details.

How is the Microsoft eCDN standalone SKU different from Microsoft eCDN as part of Teams Premium?

Microsoft eCDN's functionality remains the same whether you purchase the standalone solution or get the solution as part of Teams Premium.

Should all users in a tenant be licensed for the eCDN solution? Or should only the IT admins be licensed?

You'd purchase enough licenses to cover users whom you intend to benefit. For most customers, it's typically the entire tenant. The solution is enabled tenant-wide by default. While we don't enforce restrictions, meaning we don't automatically disable eCDN for you or throttle your performance, we monitor usage. If we detect overuse, your account management team will inform you and ask you to ensure you've purchased an adequate number of licenses.

Do licenses have to be assigned to users?

Microsoft eCDN works out of the box without the need to assign licenses to individual users.

Note

While assigning licenses is not required, customers must ensure that they have purchased an adequate number of licenses to accommodate their intended usage.

What trials are available for eCDN?

There's a three-month trial available to customers in the Microsoft 365 admin center for the standalone eCDN SKU.

  1. Access the Microsoft 365 Admin Center.
  2. Billing > Purchase services > search eCDN
  3. Once you locate the SKU, select "Start free trial."
  4. Select "Try now."
  5. A 90-day trial will be applied to the tenant.

Note

Clicking the (i) icon next to "Start free trial" shows this message: "This trial includes 25 licenses for 3 months." You can disregard this message as the trial will be enabled for the entire tenant.

Does a standalone Microsoft eCDN license work with the advanced functionality in town halls in Teams Premium?

Yes, the standalone Microsoft eCDN license does work with the advanced functionality in town halls in Teams Premium, however, Microsoft eCDN is already bundled in with Teams Premium, so you don't need to purchase the standalone eCDN license.

If I purchase Teams Premium for a portion of my tenant, and want the entire tenant to have Microsoft eCDN, how do I proceed?

You can supplement your Teams Premium licenses with standalone Microsoft eCDN licenses. For example, say you’ve purchased 20,000 Teams Premium licenses for your 25,000-user tenant, you’d purchase an additional 5,000 Microsoft eCDN licenses. For additional licensing-related questions, please contact your technical specialist or customer success account manager.

Does the Microsoft eCDN standalone license work with Town Hall?

Yes, Microsoft eCDN standalone license works with both basic functionality and advanced functionality town halls.

Do all users in my tenant need a license for eCDN?

We recommend that all users in a tenant be licensed to benefit from eCDN and to ensure the optimal experience.


Technical Questions

What are the deliverables in terms of resolution and bitrates with Microsoft eCDN? How does one verify the efficacy of the solution?

The resolution/bitrate at which a stream can be broadcast depends on connectivity. Microsoft eCDN handles the delivery/distribution and helps offload a large portion of the internal bandwidth onto our mesh network. Many of our customers who previously experienced challenges with 240p are now live streaming at 720p. Certain site capabilities allow an estimation of the video quality potential. If the unused bandwidth capacity of a given site is known, as well as how many devices are going to participate in the video events -- it's an estimate what would be the reachable bitrates.

The overall peer-to-peer (P2P) efficiency percentage is one of the main indicators of Microsoft eCDN's effectiveness. It indicates how much internal bandwidth is offloaded onto our P2P mesh network.

For example, a 2-Mbps stream with 1,000 concurrent viewers would effectively require a 2-Gbps connection to accommodate that stream. If Microsoft eCDN provided, for example, a 90% P2P efficiency, only 10% of the internal bandwidth, that is, 200 Mbps, would be required.

If employees at a large company campus location are watching a video, how is the peering done within the campus network?

WebRTC is the technology driving P2P offload. There's a signaling process between the peers (just like in a WebRTC call) which results in a connection. After a connection is made, our system and the peers themselves decide who and what is being sent to whom and where, based on many factors such as: available bandwidth, position in the stream, buffer health and many others. The network changes constantly and adapts quickly to the changes. Microsoft eCDN has the advantage that it can always fall back to the http source in case there's a need.

How do user devices discover each other?

All peers are connected to Microsoft eCDN's network and coordinator (tracker). Microsoft eCDN builds a map of the network and understands which peers are located next to each other (from a network perspective) and decides how to build the peering network.

How do we prevent peering across the campus?

The system automatically detects when peers aren't on the same site and won't connect nonadjacent peers to one another. Microsoft eCDN can also incorporate a customer's own subnet mapping to enforce peering based on local IP. Subnet mapping will also enrich the analytics to show site-based analytics of peering and performance.

Learn more in our subnet mapping doc

What is the performance impact of the WebRTC P2P mechanism on a wireless network?

The impact is negligible. Customers can customize further with their subnet mapping by allowing Wi-Fi users to only consume content and not distribute to avoid congesting the upload link (leech mode).

What are the best tips for handling VPN users?

  1. Configure split-tunneling for work-from-home users.
  2. It's best to disable peering over VPN, meaning users on VPN will neither peer with each other nor will they peer with users in the office. You can easily disable P2P for VPN subnets by setting the "config" to "p2p-off" in your subnet mapping CSV. Refer to the Subnet Mapping UI overview documentation for details.

What is mDNS and why does it need to be disabled in certain cases?

Prior to 2019, local IPs could be obtained from the browser. After 2019, there was a change to the WebRTC spec that prevented the browser from exposing local IPs and WebRTC started using mDNS (Multicast DNS) instead. To enable peering for browser users, customers must disable mDNS and expose local IPs to the Microsoft eCDN service. If viewers use the Microsoft Teams desktop app to view a live event, Microsoft eCDN can already obtain local IPs. For the web version of Teams and third-party video platforms, customers will most likely need to disable mDNS. Refer to the Disabling mDNS documentation for instructions.

Are there any real-time tools that enable a customer to monitor a video event in order to identify potential issues and make adjustments?

Yes, there are advanced monitoring and live analytics dashboards, which provide detailed insight into what is going on at every site and for every user. Peering data is collected real-time and there's only a minimal 1-5 minute delay for the data aggregation and processing pipeline.

What factors determine whether a client device fetches content from the source vs from a peer?

There are many factors, but the main one is the position on the stream and the "video buffer health."

What is the maximum number of "hops" that a client that is peering can be from the source?

It depends on how the network is configured and what is agreed to enable in the peering groups.

What happens if a client that is providing a feed to peer devices switches from the source to a peer device? Is there any type of coordination function that looks at the overall peering arrangement to prevent negative consequences for downstream peers?

The system adjusts automatically

What is the maximum number of peers that can be connected to a single client device?

30 peers, not including race cases.

What is the performance impact on the client device when other client devices peer to it?

The impact is negligible. The design team has been very cautious about the solution's footprint and has been sure to maintain a minimal CPU and memory footprint. Therefore, Microsoft eCDN's technology is able to be implemented on devices from the low-end to the high-end.

What is the behavior in case of failure? (Microsoft eCDN not reachable)

HTTP fallback if P2P is not possible/optimal.

What is the role of the HTTP server?

Each client on the network downloads a small number of video chunks from HTTP, and the rest from peers. If P2P is ineffective at any time, there's fallback to HTTP-only mode.

Is there any compression in p2p traffic?

No, the data is the media byte stream as is. Since it's already compressed there nothing further to do.


Protocols

What are the protocols used by Microsoft eCDN? (for example, What protocol is used for signaling?)

WebSocket is used to connect to the backend, ICE for signaling and SCTP for peer-to-peer communications.

Regarding connection to Microsoft eCDN servers, can all connections be done via an HTTP proxy? Our users can only connect to external web sites via HTTP proxy (and proxy authentication is set by default.)

  • HTTPS (TLS) is used for all of the communications, so a valid certificate needs to be provided by the proxy

  • The backend is connected using WebSocket, if the proxy supports WebSocket then it should be fine


Security

What security requirements are there?

No additional installation is required on user endpoints and devices, nor are any changes required to the physical network infrastructure, which reduces the time to deploy and the need for more security requirements.

What prevents an unauthorized user from accessing content from a device on the network that is acting as a peer? What if an employee is on a guest network and there are visitors also connected to it?

Only users that are authenticated by the video platform authentication mechanism are able to participate in the peering network.

Authentication on session start: what information is used by Microsoft eCDN to ensure that a viewer is authorized for a stream?

Domain or public IP. For more information, see our authentication/security page.

Microsoft eCDN can authenticate viewers directly, in addition to any authentication mechanisms that already exist on the content-provider side. The authentication mechanisms in place prevent unauthorized viewers from accessing content and any metadata that exists on the peer-to-peer network.

Microsoft eCDN isn't enabled for anonymous users. Anonymous users usually aren't inside a corporate network, so it isn't generally a problem.

How is the WebSocket traffic secured? Is it encrypted? What type of encryption?

It's TLS encryption 1.2 or 1.3 depending on the client.

Is Microsoft eCDN's HTTPS traffic using TLS1.1 or TLS1.2?

It's currently using 1.2 or 1.3, depending on client.

Is SSO supported?

Microsoft eCDN supports SSO via Microsoft Entra ID.

Is encryption in transit used within the internal system/components

Yes, all communication is TLS-encrypted.

How is Microsoft eCDN Data Warehouse used for end-user view and admin PII data: what technology is used, is it multi-client or single client, how is segregation of data done, how is encryption at rest done?

The data is stored in an Elastic search cluster. The architecture is a multi-tenant architecture and is based on the ELK architecture with extra hardening. Elasticsearch itself isn't exposed to the internet, and queries can be made only via the Kibana backend. Only authenticated users can query the Kibana backend and according to their organization their query is filtered to be able to query only their tenant data. Data at rest is encrypted using AES256.

Does SSL inspection need to be bypassed as well as proxies for connectivity to *.ecdn.teams.microsoft.com?

The Microsoft eCDN team has never tested what happens in that case, but it's projected that it will not behave well with WebSocket. As such, we recommend disabling SSL inspection for *.ecdn.teams.microsoft.com.

For how long is analytics data retained?

Analytics dashboard data expires 13 months (395 days) after creation.


Network Requirements

In the network requirements, opening 1025-65535 ports for UDP on the internal LAN for P2P connections, which is almost the entire range of ports. From Microsoft eCDN's perspective, what is the operational impact on the performance of the solution?

This port range is only for internal communication inside sites within a corporate network - this traffic shouldn't traverse any firewalls, hence usually it's not blocked by default. If it's blocked in a given network, and the admins don't wish to open so many ports, there's a way to limit the operational ports for WebRTC by using managed browsers. If indeed ports are blocked, this option can be discussed further by contacting your Microsoft Customer Success Account Manager.

Can I limit the port range?

Customers can limit the port range for both Microsoft Edge and Google Chrome browsers. The Teams client requires ports 1025-65535 to be allowed.


Testing

What would be a good minimum number of clients that we should use for testing in order to achieve a realistic view on the effectiveness of the Microsoft eCDN solution?

It's recommended for 5 as a minimum, but it's ideal to test with 20-30 devices to better model how it would work in actual events on a given network. Keep in mind that if there are only two users, the maximum peering efficiency/offload is 50%, with three users => 67%, 4 => up to 76%.

What is a silent test?

A silent test is a simulation of a live event allowing admins to:

  • assess the network: ensuring there's enough bandwidth for upcoming live events

  • test peering efficiency (the amount of bandwidth being offloaded to Microsoft eCDN's P2P mesh)

  • detect potential issues (site- or user-related) and troubleshoot prior to the event

  • compare simulations with and without P2P enabled

How do I conduct a silent test?

Detailed guidance on creating a silent test can be found in the Silent Testing Framework documentation.

Do I need to configure Microsoft eCDN for my tenant to perform silent test?

No. Silent tests can be performed in your organization independent of the tenant's eCDN configuration, as long as runners are instanced as directed. Of course, it's presumed that the tenant is entitled to Microsoft eCDN via license procurement, and that the silent test facilitator has an appropriate role.

How to stop the silent test?

Silent test can be stopped while running by clicking on the Cancel button (trash can).

Graphical user interface showing silent testing menu with the name of the test options to edit the test or cancel the test next to the name


Troubleshooting

What are typical reasons for the lack of analytics in my dashboard?

  • Microsoft eCDN hasn't yet been configured in Teams Admin Center (TAC), or the per-event override string hasn't been used => refer to the onboarding doc for instructions.

  • Microsoft eCDN was configured for the production tenant, and the event was conducted using a test tenant (or vice versa).

  • An external encoder was used which Microsoft eCDN does support.

  • Microsoft eCDN is correctly configured in TAC but the live event was conducted before Microsoft eCDN was properly activated. It takes anywhere between 4-24 hours for the change to propagate.

  • Firewall/network settings may be blocking websocket connections. Ensure *.ecdn.teams.microsoft.com is allowed. Conduct a quick test using our tester page https://aka.ms/ecdn/tester and look for any instances of a red X, which indicates a failed component in the Networking block. Send your Microsoft Customer Success Account Manager (CSAM) the report that you can download by clicking "Download Report."

For a detailed list of scenarios and corresponding troubleshooting guidelines, see our troubleshooting doc.


Support

Who do I contact when I need help?

You can contact your customer success account manager (CSAM), technical specialist, or cloud solution architect.

Additionally, the Microsoft eCDN product team hosts a customer office hour session every two weeks; usually on Wednesday at 11am EST/5pm CET. Contact your CSAM for the upcoming session and registration link.

Alternatively, you can create a support case.

Are there live event support services that we can request?

If you have a need for support services for your live events, contact your customer service account manager (CSAM) in advance. They have all the resources they need to help you succeed.

There's also the Live Event Assistance Program (LEAP) that can provide resources to help you. Your CSAM is able to assist you if you need to utilize this resource.

On-demand support services may be provided to you as part of your enterprise agreement or at a fee. Contact your CSAM for details.