My mind was just blown looking into curious traffic coming from my Android phone. I'm seeing my UTM blocking port 443 UDP traffic. That's odd, I wasn't aware there was such a thing. Looking into it, the developers over at Google have been working on a high-speed web protocol that works on udp. They are calling in QUIC.
What does this mean for network administrators? The need to create rules addressing applications that use QUIC.
What about Sophos? Perhaps the need to add support for QUIC in all of it's HTTP proxy and filtering sub-systems.
09:07:19 | Default DROP | UDP |
|
→ |
|
|
A challenge supporting this protocol is that standard proxies won't work. UDP is a shoot-and-forget-it protocol so there is no connection. The challenge here is that returning packets don't have a connection to traverse, they just have an ip address of the internet router. Without port-forwarding rules, the packet won't reach the correct destination and this is no solution either as such rules only support one device per network. This looks to be a horrible idea, but Google has rolled it out anyway. I'm seeing it on the TuneIn streaming App for Android. It's not clear if the challenges can be adequately managed.
More info here: ma.ttias.be/.../
This thread was automatically locked due to age.