MS-Office 365 traffic is classified as Skype-Auth by the Server Steelhead

Categories: SteelHead CX (Appliance), SteelHead CX (Cloud Steelhead), SteelHead (Appliance), SteelHead CX (Virtual Steelhead), SteelHead EX (Appliance)
Solution Number: S26026

Issue

 This problem is visible from the Server Steelhead WebGUI: Reports --> Networking --> Current Connections, in the application column, where the traffic appears as “Skype-Auth”. 

The same traffic is correctly identified as “MS-Office-365” on the client Steelhead.
 
This HTTPS traffic is optimized with success and with no error in the logs. 
 

Solution

The problem source is due to a QoS mis-classification and so far the problem was reported only for appliance running Rios 8.6.1.x in the internla bug 218962.

Bug 218962 - O365 Connections being classified as SKYPE_AUTH 

This traffic classification issue involved the third party vendor (http://www.proceranetworks.com/index.php) which developed DPI library responsible of the problem. 
 
The Riverbed Engineering team has raised the problem to the third party vendor who is still working on a fix. 
 
Once the third party vendor has a fix available, the Riverbed developer team will be able to integrate the fix on the RiOS code however It will take a while until it would be available in a RIOS official release (probably months away as from now February 2015). 
 

Environment

 Riverbed case 622663

 
Model Number: CX770M
Version:  rbt_sh 8.6.1a
 
Model Number: CX1555H
Version:  rbt_sh 8.6.1a
 
Client Windows 7
O365 Server
NOTICE: Riverbed® product names have changed. Please refer to the Product List for a complete list of product names.
Last Modified: 2016-03-21
Can't find an answer? Create a case