Scanning QUIC

Comments

6 comments

  • Avatar
    Firewalla

    Decode QUIC? or capture the flow? If it is capturing the flow, we already doing that. 

    1
    Comment actions Permalink
  • Avatar
    Petrushka

    I mean doing the same security scan/analysis firewalla does on H2 (TCP) packets.  Does it also do this with H3 UDP packets? 

    0
    Comment actions Permalink
  • Avatar
    Petrushka

    ?

    -1
    Comment actions Permalink
  • Avatar
    Firewalla

    Firewalla will treat QUIC the same as rest of the protocol stack. Is there anything in particular you want to see with Quic? like it is QUIC flow? 

    1
    Comment actions Permalink
  • Avatar
    Petrushka

    I was just reading that many firewalls do not have the capability to scan QUIC traffic so the recommendation is to block UDP packets on ports 443 and 80 in the firewall.  It sounds like a Firewalla firewall appliances will scan this traffic like any other TCP traffic, is that correct?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    It depends on what they mean by "Scan QUIC", if it is MAN in the MIDDLE (decrypt and then encrypt), likely. If it is just look at TCP/UDP/IP headers, then it should be fairly easy, there is no difference between looking at HTTPS and QUIC ... 

    1
    Comment actions Permalink

Please sign in to leave a comment.