New Block QUIC setting not showing

Question

I saw the popup the other day announcing the new feature in Threat Protection to block QUIC to make sure that everything goes through Web Control and Threat Control correctly. 
 I clicked the "Read more" link which took me to Threat Protection Policy - Sophos Central Admin , indicating it should appear just before the HTTPS Decryption toggle in the Threat Protection policy settings. 
 However when I go to find that setting, it's not there. Is there something I need to do to activate that?

Qoosh · Accepted Answer

Hi Slappy , 
 I was able to find the support case you opened and used the developer tools as Sophos User930 suggested above to enable this policy option. This does not require an additional license. 
 Update: The UI option to Block QUIC browser connections should not be displayed currently. An issue was found where the setting is enabled by default, where this should be disabled by default. 
 The rollout of this feature has been put on hold until the policy enablement issue is resolved. Re-enabling the UI using flags and turning this feature on will not affect your endpoints. 
 Some customers may see a pop-up message advising that this option is available. This pop-up message was not rolled back in time to align with this change.

Sophos User930 · Answer

All I can suggest is you try running: sc.setFlag('cesg.windows.computer.quic.enabled') It might work, i.e. enable it for the endpoint policy. For the server policies if it works: sc.setFlag('cesg.windows.server.quic.enabled') otherwise, you may have to open a ticket with Support. I don't know if you need to logout and back in or just re-open the policy. That is all I have I'm afraid. Hope it works. I see the policy comes down to the DWORD quic_protocol_blocking_enabled under: HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Management\Policy\NetworkPerimeter\[latestrevision]\ 1 being enabled, 0 being disabled in policy.

New Block QUIC setting not showing

Top Replies