Technical Specifications

Evercast is a high-resolution, high-frame rate, video production and collaboration tool. Users participate in an interactive, low-latency conference virtual room, and media from a production station is transmitted in real time to the room for shared review.

Interactive sessions can be recorded, preserving the reactions and annotations of all participants. Notation and draw tools are recorded along with the session. Voice and video for each participant as well as the streams of gomedia being commented are all preserved, and can be individually reviewed for playback.

Evercast is a high-resolution, high-frame rate, video production and collaboration tool. Users participate in an interactive, low-latency conference virtual room, and media from a production station is transmitted in real time to the room for shared review.

Interactive sessions can be recorded, preserving the reactions and annotations of all participants. Notation and draw tools are recorded along with the session. Voice and video for each participant as well as the streams of gomedia being commented are all preserved, and can be individually reviewed for playback.

Specifications/Features

  • Invite System allows quick adding of users to your private room without a complicated sign-up.
  • Users can be invited to public (link sharing) and private (invite-only) rooms
  • Video conferencing supports up-to nine (9) participants or video streams
  • Draw tool allowing on-screen annotation with lines, shapes, text
  • Equipped with high-fidelity screen-sharing including stereo audio
  • Supports Chrome (preferred) and Safari (on iPad) web browsers
  • Supports HD streaming over 4Mbps connections
  • Supports multiple simultaneous screenshares
  • Unobtrusive, simple user interface
  • Rapid joining and quitting of rooms
  • Full-screen mode
  • S3 Per Org – Separate storage for recorded content within your own S3 account if needed
  • Supports streaming directly from a production machine
  • Supports streaming from air-gapped machines, breakout boxes and reference monitors
  • Sessions can be recorded securely, stored and encrypted on the server and cannot be downloaded
  • 2FA (2-factor authentication) can be required or optional for all logins, configured by administrator
  • No storage or cost limits on recordings
  • Up-time guarantees and SLAs available

Security/Technical Details

Evercast is an HTML5 WebRTC-based collaboration tool. Media is transmitted from the user’s browser and/or Evercast Broadcasting Software (EBS client to an Evercast video relay server (the SFU. The SFU either then relays the RTP traffic to the other participants in the room and then immediately discards that RTP traffic, or (if the room is set to be recorded by the room’s host the SFU writes the media traffic to a file which gets persisted in an encrypted (AES 256 SSE-C and private S3 bucket.

Compression and Bandwidth

  • In-browser screen share supports up to 2.5Mpbs broadcast
  • EBS Software supports 720p @ 30fps using 4Mbps
  • EBS Software supported configurations up to 1080p @ 60fps using 10Mpbs on sufficient hardware
  • Codecs Supported: VP9 (profile 0), VP8, H.264 (baseline) low-latency, supporting 8bit color, 4:2:0 subsampling
  • (limited by web browser)
  • Supports streaming from air-gapped machines, breakout boxes and reference monitors using external
  • broadcast hardware such as AJA.

Protocols

Video conferencing currently supports up-to 9 participants via WebRTC. Protocols employed include STUN, TURN, ICE, RTCP, TLS / SRTP / DTLS, and operating in the 20000-25000 port range for WebRTC signalling and media streams as well as standard HTTPS port 442.

Network Security

All data is encrypted in transit (TLS / DTLS / SRTP / HTTPS). To use Evercast requires access to standard HTTP/HTTPS and TCP on select ports (configurable). An example range would be TCP/8989 and UDP 8000-9000. Video can be tunneled through standard TCP though it performs best with UDP access. Access to the site is filtered through Cloudflare, which protects against SQLi, XSS injections, DoS, and known malicious IP addresses. Amazon AWS network offers additional protection and identification of several types of attack, including Distributed Denial-of-Service (DDoS), port scanning and packet sniffing.

Server Security

The network is cloud-based. Client content (both video content and metadata) is encrypted at rest (AES256). This includes both the database and S3 buckets. AES 256 encryption is applied using SSE-C, and additional configuration options are available for enterprises. These include having dedicated S3 buckets with their own SSE-C keys, and granting our system access via IAM roles. All code is reviewed and tested for security before being deployed, and independent security evaluators perform audits throughout the year. Account protection comes standard and additional security features are continually added as per roadmap. Extensive event and process logs are kept for auditing purposes and quality control. Server baselines are audited yearly and built from trusted images. Administrative privileges are restricted to the infrastructure team, on a need-to-know basis, using a secure password manager based on strong encryption. Unmanaged hardware access is prevented by the Amazon VPC technology, which allows access only to the resources created inside the account and to authenticated VPN clients. No other devices can physically access the network.

Application Security

Written primarily in full-stack JavaScript following OWASP guidelines, Evercast is secured via database-level access control policies, a Web Application Firewall, and other front-end and back-end protection mechanisms. We ensure that applications are developed securely via code-review and security checklists.

Additional security information is available upon request.