QUIC is a new transport protocol that combines the value provided by protocols like TCP, TLS, and HTTP/2 with the goal to make the internet faster, more reliable, and more secure. QUIC operates on top of UDP and is the foundation for HTTP/3. It aims to streamline the protocol’s handshake process, reduce latency, parallelize multiple data streams, and enhance error detection and loss response. Additionally, QUIC is built-in with encryption capability to secure communication, including connection metadata. However, its adoption also poses substantial challenges for network management and cybersecurity. Since QUIC prevents inspecting protocol details, traditional firewalls can no longer track connections and may open unintended gaps, making it impossible to scan for malware or apply data loss prevention rules. Enterprise security providers suggest blocking QUIC traffic on the network and disabling it on managed devices through policies, while emerging concepts like Zero-trust can mitigate some of the identified risks.
Key topics discussed;
Number of pages: 8
Recommended for: Business manager / IT professionals
Published: 28. April 2023