Is QUIC protocol still a security concern?

Posts: 39  Freshman Member
First Comment Friend Collector Fifth Anniversary
edited April 2021 in Security

I've ridden that QUIC protocol developed by google, can be a security risk because is not recognized as web traffic by the firewall (usg 210) and then not filtered correctly.

https://www.fastvue.co/fastvue/blog/googles-quic-protocols-security-and-reporting-implications/

The issue is still current?

In order to prevent I currently use a security policy, which block/deny outgoing traffic from LAN to WAN, on port UDP 443

Thank you for your support

All Replies

  • Posts: 225  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary

    As I study for year still now.

    I cannot find firewall on the market that claim it can identify the web request via QUIC protocol.

    Look like the current work-around is using firewall rule to block UDP destination port 443 to force Chorme to go for standard HTTP protocol.

Welcome!

It looks like you're new here. If you want to get involved, click on this button!

Welcome!

It looks like you're new here. If you want to get involved, click on this button!