This article is for:
- IT Groups and Administrators
- Next Generation Platform
When using Wdesk or Wdata, there is important technical information to ensure things run as they should. This guide outlines network settings to optimize Wdesk performance and experience. You can forward this information to your IT Department to ensure Whitelisting and SSL Inspection Bypass are established.
In this guide we will cover the following.
- Whitelisting and Network Policy
- SSL Inspection
- Latency Testing
If at any point you run into problems while walking through this guide, or suspect there is an issue, please contact firstname.lastname@example.org.
Step 1: Review Whitelisting and Network Policy
First, review Domain Name Whitelisting. This contains a table of necessary domains and emails to whitelist to ensure that Wdesk and its services are not being blocked.
For whitelisting domain details, see Whitelist Hosts and Emails.
Step 2: Bypass SSL Inspection
Bypassing SSL Inspection for Wdesk can enhance performance and user experience.
What is SSL Inspection?
SSL Inspection is used to unlock encrypted sessions, check the encrypted packets, identify and block threats. It can also be referred to as; SSL Decryption, SSL Interception, HTTPS Inspection, HTTPS Scanning, and is part of the CASB (Cloud Access Security Broker) solution.
More and more public websites are moving to HTTPS, which means communications and data sent between the web server and client (i.e. an end user browsing the internet) are encrypted.
Wdesk and SSL Inspection Service or Appliance
SSL Inspection services are known to cause performance issues with Wdesk web applications. In order to remedy this, the wdesk.com domain and all wdesk.com subdomains need to bypass the SSL inspection policy. If SSL Inspection is not bypassed for all wdesk.com subdomains, it is likely the end user will experience slowdowns or connections issues.
Workiva currently uses two deep subdomains, example calc.app.wdesk.com. If the SSL Inspection equipment is capable of wildcard entry for the domains, that is a recommended method.
Check for SSL Inspection.
Checking if SSL Inspection is running can be completed by checking the web certificate being used when logged into Wdesk.
- Go to https://app.wdesk.com.
- In the top URL bar, click on the padlock icon ( next to the URL bar in Chrome, in IE padlock is on the opposite side of the URL bar). Then click Certificate.
- A new Certificate window will display. Take a screenshot of the General tab.
- Next, click on the Details tab. Scroll down to the bottom and click on Thumbprint. This can be captured as a screen shot for future diagnosis
- Compare the Clients certificate to the one in the screenshot below. If the certificate does not match the one below, please notify your IT department.
In addition, you can verify that Wdesk subdomains have been set to bypass SSL Inspection. Click the the URL below or go to the canary report and check the certificate.
If the Wdesk logo shows up, the SSL Bypass for Wdesk and Wdesk Subdomains has been implemented correctly. If the logo doesn't show up, or there is an error, SSL Inspection is still blocking the connection, or Whitelisting has not been properly implemented for Wdesk. Contact Support for additional assistance.
Step 3: Test Latency
Note: Only for those using app.wdesk.com. If users are connecting to eu.wdesk.com, do not run this test.
You can now test the speed and latency to Amazon servers which are located in the United States. These tests should only take 2-3min to complete. Please run them one at a time, as running them simultaneously will flag errors.
Testing will ping servers that are geographically separated in different parts of the region. If the Latency is showing more that 250+ ms for servers tested, Wdesk performance will most likely be hindered.
Amazon Web Services Network Test
Click the link to access the CloudHarmony test for AWS. Capture a screenshot and record any errors if needed. Select your test based on your region.
Google Cloud Platform Network Test
Click the link to access the CloudHarmony test for GAE. Capture screenshot and record any errors if needed. Select your test based on your region.
- North America: GAE CloudHarmony Test
- Europe: GAE CloudHarmony Test
- Asia Pacific: GAE CloudHarmony Test
Local Internet Service Provider (ISP) Testing
It's also helpful to test the bandwidth coming from your local ISP. An easy test can be run by clicking on this link. Speedtest URL
If their results show speeds less than 25 Mbps download and 3 Mbps upload, there could potentially be performance issues. If you were able to walk through these tests and no issues arose, there shouldn't be any issues from a Networking standpoint when using Workiva's next generation Platform.
If you think there may be a potential issue, please contact email@example.com.