Features added in previous versions

Managing administrator access via OIDC

Authentication overview

You can send a banner message that is displayed at the top of the screen to all conference participants. It is supported in Virtual Meeting Rooms and Virtual Auditoriums, and in all layouts.

A new "1+1" conference layout is available. It displays one large main speaker with one overlaying participant.

When configuring a custom layout you can now specify within the layout's JSON file:

• Where to position the watermark.
• Whether to use a dark or light mode for the indicator display area at the top-center of the layout.

Pexip's Cloud Video Interop (CVI) integration with Microsoft Teams has been enhanced:

• The Teams-like layout has improved framing logic.
• An alarm is now raised in Pexip Infinity if the CVI app certificate is due to expire, or has expired.

Pexip now recommends the use of a blue-green deployment model for Teams Connectors to make upgrades easier and minimize downtime.

There are several improvements to participant policy:

• There is a new display count configuration option which allows the display count (the number of screens possessed by the endpoint) to be overridden. This could be used, for example, to override multiscreen participant display.
• You can now override the call tag that is assigned to a participant.
• You can specify a spotlight priority value to a participant.

Ducking reduces the volume of certain participants when another participant is speaking. If a participant is set to prominent, the audio of all non-prominent participants will be ducked when the prominent participant is speaking.

Ducking is for use as part of the Human Interpreter feature in Pexip Secure Meetings for Justice deployments only, and can be controlled from participant policy, or the client REST API with the new functions receive_from_audio_mix and send_to_audio_mixes.

Pexip Secure Meetings for Justice

Participant configuration responses

Pexip client REST API

Writing local policy scripts

This setting controls whether Guests see other Guests during a Virtual Auditorium.
Previous setting options were Yes or No to Guests seeing other Guests when the last Host left the conference. These have now been replaced with the following options:

• If no hosts are present (default): Guests see other guests only if no other Hosts are present.
• Always: Guests are always shown to other Guests (if there is space in the layout after Hosts).
• Never: Guests never see other Guests.

Note that this setting still does not effect the behavior at the start of a meeting — Guests always still see the "Waiting for the host" screen.

Changes to local/external policy:

The data type of the Virtual Meeting Room / Virtual Auditorium service type response field guests_can_see_guests has changed from a boolean to a string.

• true is now no_hosts. This is the default. Guests see other Guests only if no other Hosts are present.
• false is now never. Guests never see other Guests.
• always is a new option. Guests are always shown to other Guests, if there is space in the layout after Hosts.

If you are currently providing a value for guests_can_see_guests then you need to revise your policy response to use the new data type / values.

The behavior of Pexip's classic layouts has been updated. All of the classic layouts now have a similar look and feel to the Adaptive Composition layout:

• All in-conference indicators, such as participant counts, audio participants, recording indicators and locked status are now shown at the top-center of the layout. This replaces the previous "slide out" indicators. The only exceptions to this are the "in-lobby" notifications in Teams CVI calls which still employ the slide-out mechanism.
• Active speaker text overlays are now supported in all layouts.
• Any classification indicators now appear below any in-conference indicators for all layouts.

Note that the classic layouts still do not apply any face detection or framing technologies.

When deployed in O365 environments, VMR Scheduling for Exchange now supports authentication using an app registration with relevant application permissions to allow use of EWS Impersonation, rather than a service account that is granted the Application Impersonation role.

This is because the Application Impersonation role assignment to service accounts is being deprecated by Microsoft. From May 2024, Microsoft prevented new Application Impersonation role assignments. From February 2025, this role will be removed completely (for more information, see Microsoft's announcement). For Office 365, all new VMR Scheduling for Exchange deployments must use the alternative option using application permissions, and all existing deployments must be updated to enable this option as soon as possible.

Custom layouts has the following improvements:

• You can define presentation modes for defining the layout when a presentation is in progress and the client is receiving the presentation as part of the layout mix.
• You can specify the background color for the custom layout.

• The base theme includes a new custom 1+9 layout which has one large main speaker and up to 9 other participants, and includes support for receiving the presentation stream as part of the layout mix.

  

• Connect Webapp3 users can now select any of the custom layouts that are available to the current conference when changing the layout via the Meeting layout tab.
• Custom layouts is now a fully supported feature (it was a technology preview feature in previous releases).

Breakout rooms have been enhanced with the following additional features:

Request assistance

Guests in breakout rooms can now request assistance from the Host. When someone asks for help then all Hosts who are not already in that room see a message and can join the room requesting assistance.

Guests can directly rejoin the main room

A new optional configuration setting when opening breakout rooms can give Guests using the web app the ability to return to the main room from the breakout room via a Return to main room button.

Note that this does not prevent guests leaving a breakout room by disconnecting and then redialing the same conference and rejoining the main room.

Bypass locked conference state

There is a new bypass_lock configuration option in participant policy which allows a participant to bypass the locked state of a conference and enter the conference as if it was not locked.

Virtual Auditoriums support

Breakout rooms can now be enabled for Virtual Auditoriums. Previously only VMRs could be enabled for breakout rooms. You can also use the new Guests can see other guests configuration option to control the behavior when no Hosts are present in the Virtual Auditorium.

Host chat message visibility

Hosts can no longer see all chat messages from all breakout rooms at all times. They must now join the breakout room to see chat messages belonging to that room.

Note that breakout rooms are still a technology preview feature and can be enabled via Platform > Global settings > Tech preview features > Enable Breakout Rooms.

Breakout rooms

Configuring Virtual Auditoriums

Participant configuration responses

Pexip client REST API

Writing local policy scripts

The indicator bar at the top of the Adaptive Composition layout now shows the number of participants with a raised hand.

The indicator bar also alternates every 5 seconds to show a message containing the name of the first participant in the list of participants with a raised hand.

Any WebRTC device with a portrait aspect ratio (such as 9:16) can now receive a layout specifically designed for a portrait display in all layouts (previously this was limited to the Adaptive Composition layout).

This is still a technology preview feature and can be enabled via Platform > Global settings > Tech preview features > Enable portrait layouts.

Pexip's Cloud Video Interop (CVI) integration with Microsoft Teams has been enhanced:

• Scheduled scaling termination rebalancing: previously, an instance that was selected for termination was only stopped when all calls on that instance had drained. Now, to increase efficiency and to reduce compute costs, if another instance becomes empty in the meantime then that other instance is terminated instead.
• You can use local or external policy to enable the "Fit to frame" option within Teams for a VTC participant.

• Changes to the installation process and upgrade scripts are:

  • The default VM size for the Teams Connector has changed from Standard_F4s to Standard_D4s_v5, which is a more modern instance type.

    The supported instance types are now Standard_D4s_v5 (Intel), Standard_D4as_v5 (AMD), and Standard_F4s (old), and is now specified through a new $PxAzureVmSize variable and associated parameter in the installation/redeployment scripts.

    When selecting your instance type you should consider your VM quota, availability in the region you’re deploying to and pricing. The price and availability of Standard_D4s_v5 is very similar to Standard_F4s.

    You should review your VM quota and ensure that any requested increase is approved before performing the upgrade.

  • Certificate-based authentication (CBA) is the now the default behavior to authenticate the Teams Connector CVI application towards MS Graph.
  • If you need more control over the Teams Connector VNET, you can now deploy and use your own customized VNET.
  • Private routing is now a fully supported feature.
  • PowerShell 5.x, Powershell 7.x or PowerShell ISE x64 using PowerShell 5.1.x are supported.
  • The documented installation and upgrade processes now require you to import specific required versions of Az Powershell and Microsoft.Graph Powershell modules.

  When upgrading to version 34 you can continue to use your existing Teams Connector API app that you have previously deployed.

When using local policy, the service_config variable (which holds any existing service configuration data) can now be used in scripts run as service configuration, participant and media policy. Previously it could only be used in service configuration policy scripts.

When using participant policy (local or external) you can now specify a reason for rejecting a call, which is then subsequently shown to any Connect app users.

You can now control whether Guests see other Guests when the last Host leaves the conference in a Virtual Auditorium via a new Guests can see other guests setting.

Note that this does not effect the behavior at the start of a meeting — Guests always still see the "Waiting for the host" screen.

Support for the Meeting Controls macro in Pexip VMRs

The Meeting Controls macro, which provides advanced conference controls on Cisco endpoints, is now available to use in Pexip VMRs.

Meeting Controls for Cisco endpoints

You can now allow administrator accounts connecting to the Pexip Infinity management API to authenticate using OAuth instead of, or in addition to, LDAP credentials. Doing so removes the need for every API request to first send an authentication request to the LDAP server.

This release contains the following administrative improvements:

• SSH keys can now be used for the admin account for authorized SSH access to your Management Node and Conferencing Nodes.
• X.509 certificates signed using ED25519/ED448 signature schemes can now be uploaded to the Management Node as TLS certificates.
• AWS EC2 instances now support IMDSv2.
• When configuring a Conferencing Node, the SIP TLS FQDN field has been renamed Configured FQDN. This is a label/name change only — the field still functions in the same manner as before.

Configuring SSH authorized keys

Managing TLS and trusted CA certificates

AWS security blog

You can now use local and external policy to override a participant's role, alias and display name before they join a conference. This allows you, for example, to anonymize a participant's name or modify their role based on other properties of the call or their associated Identity Provider. This new Participant policy option is configured in the same way as the existing local and external policy types and is executed after any service configuration policy and before any media location policy.

To support participant policy, you can now also define custom attributes for your selected Identity Providers (Users & Devices > Identity Providers > Advanced options). The attributes you assign are made available to any local or external participant policy, where a Connect app or other WebRTC participant uses that provider for authentication. These attributes can then be used in the participant policy decision-making process (for example whether to accept or reject a call, or assign a specific role).

Using external and local policy to control Pexip Infinity behavior

About participant authentication

You can design your own layouts and use them in the same way as the standard adaptive composition and classic layouts that are included by default.

Custom layouts are specified through JSON configuration files that are uploaded via themes. The theme can then be assigned as the default theme or applied to specific VMRs and gateway rules as required, to control where your custom layouts may be used.

A new customlayouts license is required to upload your own custom layout files.

In addition, two new example custom layouts have been added to the base theme, as files custom_layout_one_main_twelve_around.json and custom_layout_two_mains_eight_around.json.

These custom layouts are available for use in all service types in the same way as the existing standard layouts:

• 1+12 (Large main speaker and up to 12 other participants)

  

• 2+8 (Two main speakers and up to 8 other participants)

  

(The numbers in the images indicate the order in which participants are displayed.)

Rules and requirements for customized themes

Any WebRTC device with a portrait aspect ratio (such as 9:16) can now receive a layout specifically designed for a portrait display when in a conference that is using an Adaptive Composition layout.

This is a technology preview feature and can be enabled via Platform > Global settings > Tech preview features > Enable AC Portrait.

Pexip's Cloud Video Interop (CVI) integration with Microsoft Teams has been enhanced:

• Users who have Microsoft Teams Room devices with Pro licensing can now make and receive 1:1 (also referred to as point-to-point) SIP/H.323 video calls with VTCs, and call into Pexip Infinity VMRs.
• You can now enable private routing between your Pexip Infinity platform and your Teams Connector deployment. This enables traffic to go over a private/internal network instead of the public internet. This is a technology preview feature.

• Changes to the installation process and upgrade scripts are:

  • There are some new variables in the variables script, and new parameters to create_vmss_deployment.ps1 in the installation and redeploy scripts to support Microsoft Teams Rooms SIP/H.323 calling, private routing and certificate-based authentication for the CVI app ID (see the upgrade steps for details).
  • We have documented a blue-green deployment/upgrade strategy to improve the upgrade process. This allows you to create separate environments where one environment (blue) is running the current application version and another environment (green) is running the new application version. Using a blue-green deployment strategy increases application availability and reduces deployment risk by simplifying the rollback process if a deployment fails.

  • From version 33 you can use certificate-based authentication (CBA) to authenticate the Teams Connector CVI application towards MS Graph. In version 33, CBA is optional and the previous password-based authentication method is still the default mechanism.

  Note that when upgrading to version 33 you can continue to use your existing Teams Connector API app that you have previously deployed.

• VTC endpoints now see a splash screen if a Teams client starts PowerPoint Live sharing, or uses any other non-supported content share sources, such as Excel or Whiteboard:

  

• Other administrative changes are:

  • The call capacity has been restored to approximately 15 calls per Teams Connector (it now uses an updated and improved Microsoft Teams SDK for interoperability).

  • Firewall changes to support calls between Microsoft Teams Rooms and VTC endpoints:

    • You need to open port 4277/TCP on your Conferencing Nodes to receive signaling from your Teams Connector instances.
    • Signaling is now sent from Microsoft Teams to port 10101/TCP on the Teams Connector's Azure load balancer.
  • The app password is now stored in the Azure Key Vault (instead of the Automation account).

  • Improvements in the Pexip Infinity Administrator interface (Status > Live View):

    • The private IP address of a Teams Connector instance is now shown when viewing its status in Live View.
    • Any overly long meeting names are now truncated when displayed in Live View.
  • The Teams-like layout and Microsoft's Large Gallery view are now fully supported features (they were technology preview features in previous releases).
  • The Teams Tenant ID is now provided in the call information (as teams_tenant_id) that is available to local and external policy.

Breakout rooms are now supported on VMRs. This lets you configure individual VMRs so that its participants can be moved into segregated breakout rooms.

This is a technology preview feature and can be enabled via Platform > Global settings > Tech preview features > Enable Breakout Rooms.

This release includes two new custom jinja filters:

• pex_url_decode: this can be used to decode previously URL-encoded links. For example, it can be used with OTJ custom rules to simplify the regular expressions required.
• pex_urldefense_decode: this can be used to decode strings that have been encoded by Proofpoint's URL Defense.

Custom Pexip filters

Denoising is a server-side feature that removes the background noise from somebody who is speaking. (In comparison, Softmute softens the gain from a noisy, but non-speaking participant.)

This is a technology preview feature and can be enabled via Platform > Global settings > Tech preview features > Enable Denoise and can then be individually enabled or disabled at the VMR level.

Tech preview features

You can now select, per system location, the syslog servers to be used by the Conferencing Nodes in that location.

On upgrade to v33, all existing syslog servers will be assigned to all existing locations. Any subsequently created locations must have their associated syslog servers assigned manually.

This release contains the following administrative improvements:

• A "Google Meet Gateway Token expiring" alarm is raised when the Google Meet gateway token is due to expire within the next 30 days.

• When configuring event sinks there is a new advanced tuning setting — Time between metrics updates — that specifies the time between event sink metrics updates.

• There is a new User Group configuration page in the Administrator interface at https://<manageraddress>/admin/platform/usergroup/ which is used in conjunction with version 3 of the VMR portal to map users to Pexip Infinity resources.

Controlling web app path branding and VMR management via user groups

Extra configuration and maintenance tasks for the VMR self-service portal

Pexip Smart Scale has been removed from Pexip Infinity.