WebDAV SSL Communication
Table of Contents
Overview
The user can open files from the file server(s) with:
- Local installed Office editors
- Office Online Server (OOS)
WebDAV SSL communication explained
In Workspace, users can open files locally from the file server. The user contacts/communicates directly with the file storage source. An edited and saved file will be updated directly in the file server.
In Workspace, users can open their Office files from their file server through the Office Online Server. This can be hosted by us or you can host it yourself.
The files will automatically be saved on the file server. The user does not communicate directly with the file storage source, but with the Office Online Server (OOS). The webserver handles the traffic/communication to the Office Online and file server.
Opening files from the file server
Supported
Examples of supported files are:
- DOCX
- XLSX
- PPTX
- PNG/JPG
Supported files such as DOCX files are linked to a WebDAV URL which will be sent to the Office online editors and opened online (Workspace can then view or edit the file from their browser) or can be openend locally.
Notice that for PNG/JPG files we have build our own Workspace 365 preview and will always open via the browser.
Non-supported
Examples of non-supported files are:
- DWG
- PSD
- Etc.
So what about non-supported files? The file URI scheme is used to retrieve files from within one's own computer. Files will be downloaded and can be opened locally.
Notice that for PDF files we did not build are own preview. However, once the file is downloaded, you can choose to open this file type automatically from your browser and open it locally.
WebDAV security
The way we invoke supported and non-supported files differentiate from each other. So what what does this mean for security?
In the article 'Secure your WebDAV SSL file server in IIS' we explain how to secure traffic between the file server and Workspace. Conditional Access policies in Azure, Intune and Firewalls are other ways to secure your company's data. When a file is opened via O365 or OOS and is shown in Workspace, company data stays within this secure IP range.
However, it becomes a different story when someone is working from home and wants to download and open files locally on their device. In this scenario, data will be send through the internet to an unknown IP address outside the scope of your company's managed network, an IP address that is not included in the IIS IP whitelist.
Therefore, we recommend to use O365 or OOS to open files with the online editors and remain within the secure connection via IIS.