Meetical for Confluence Server & DC - Firewall and Hybrid Cloud
We will explain the different offerings of Meetical for on-premise Environments, how the App works under the hood and discuss potential firewall issues and their solution.
Currently there are 3 offerings for customers using on-premise Atlassian Data Center:
- Hybrid Cloud for GSuite / Google Calendar
- Hybrid Cloud for Microsoft 365
- Full On-Premise Microsoft Exchange Confluence Integration (NEW since May 2022)
Based your and other customer's demand, we might also offer full on-premise for M365 and GSuite in the future. Please reach out and let us know.
For Confluence Cloud we support both GSuite and Microsoft 365 without any further firewall configuration. Exchange is not supported on Cloud.
This article is for the Hybrid Server/Cloud Solution we offer. Please see FAQ Pricing and reach out to support for the complete on-premise solution for Exchange. (coming soon to Marketplace)
Full On-Premise: Microsoft Exchange
We're offering a full on-premise solution for Enterprises. The Microsoft Exchange Integration for Confluence.
The Confluence Exchange Calendar Integration uses Exchange Web Service (EWS) and a service account you need to set up, in order to access the calendar folders of users who want to use the Outlook Add-in behind the firewall.
Unlike the Confluence Team Calendar Microsoft Exchange Integration from Atlassian, which uses CalDAV, our Confluence Data Center App uses EWS.
Please note, the Outlook Add-in XML will be generated for your Instance, and all resources needed will be served from Confluence. You do not need to install the Add-in from the Cloud AppSource Store from Microsoft. That version is dedicated to Microsoft 365.
The Outlook Add-in can be installed by an Office / Exchange Admin via the admin center, or with Powershell commands. The Add-in for Data Center + Exchange Server is served by Confluence and installed via Exchange (not via Microsoft AppSource Marketplace).
We recommend that you run a POC with us, since every corporate landscape is different, and there are literally hundreds of different Outlook versions, some still using IE11. Reach out to firstname.lastname@example.org
Here's how the Configuration Page looks like.
GSuite and M365 (hybrid Server/Cloud)
Meetical for Confluence Server in combination with Microsoft 365 and GSuite works with Confluence Server and Confluence Data Center (on-premise).
However, we currently only offer a full on-premise solution for Customers on Microsoft Exchange (with some differences in the initial feature set).
For Hybrid Cloud / On-Premise for GSuite and Office 365, our Meetical Cloud Service running at app.meetical.io (on port 443) needs to be able to communicate with your Confluence Server Instance. We aim for a near-zero configuration experience and handle calendar integration and synchronisation on your behalf.
We do not store any operative meeting data on our own servers and act only as data processor in that relation. We have high security standards, and are certified by Atlassian's Cloud Fortified badge. See our Security Guidelines for reference.
In order to use Meetical you need to
- Allow communication between your Confluence REST API and app.meetical.io (on port 443) by configuring your firewall accordingly.
- Reach out to support and we can discuss a full on-premise solutions
If your instance is reachable from the internet, you are usually fine. If you are behind the firewall, you need to configure a firewall rule and allow access to your Confluence from our Online Service, so we are able to use the Confluence REST API.
Errors you might see if your firewall is too restrictive
- If during setup you see the message 'Error connecting with Confluence: Server error. Please contact Support.', you might be behind a firewall but your changes are high you can configure a firewall rule in order to make Meetical work.
- If you do not even see the Meetical log in screen with an error 'app.meetical.io could not be found' you probably are behind a strict firewall.
In the following we will quickly explain our approach as well as discuss advantages and disadvantages
Using a hybrid Server/Cloud approach comes with a few advantages and disadvantages:
- On your side you will have nearly zero Configuration. Users Login with their Google or Microsoft Account, grant access to their Calendar and Confluence Account in few easy stets and you are ready to go!
- If you would run the Sync Services yourself, you would for example need to create an OAuth Client ID and go through a verification process with Google or Microsoft.
- Furthermore, we can deploy Improvements and Bugfixes continuously and fast without your need to always update the Confluence App. (However, some bigger updates will still require you to update the App)
- Moreover, your Confluence Instance Performance is not affected by change tracking and sync load, because we run all change tracking and sync services for you. We use the Confluence REST API to interact with your instance to process updates.
On the other side...
- ... using our Cloud Services also means you need to give us access to your calendar and confluence systems. To minimize security issues and privacy concerns we both apply modern cryptographic approaches as well as minimize the data we permanently store on our side. In fact, we never store any content like page titles, event dates, attendees etc. on our side. We store all relevant info on your Confluence server, even the ID mapping between events and pages. However, some information we keep in temporary caches and logging and monitoring services.
- To learn more about our serious approach to security and privacy, head over to our pages for Security, Terms and Conditions and our Privacy Statement.
If using our Cloud Services is still not an option for you, we can offer that you get in contact with us so we can evaluate running the Sync Service on your infrastructure and behind the firewall. Furthermore, if we see increasing interest from the community, we might offer a fully integrated Confluence App – as we do for Exchange Server – for M365 and GSuite as well.
Configuring Cloudflare Service Tokens / Firewall Headers
For Cloudflare we support Service Tokens.
You can provide us with your service tokens to authenticate against Cloudflare's Zero Trust policies. Cloudflare for teams will generate service tokens that consist of an ID and Secret. Meetical will use these values to reach an application protected by Access.
This offering comes with a small initial setup cost, without additional hosting costs. Please reach out.
Static IP Addresses
By default Meetical is using dynamic IP Addresses (from AWS ranges). However, we offer an additional package for customers who need to configure their firewall with a fixed IP address for our app.meetical.io service. This comes with additional hosting and one-time setup costs. Feel free to reach out to discuss options with us.
Thank you for your interest in Meetical and let me know any further questions here or via email@example.com.