Search the Community
Showing results for tags 'flag'.
Found 1 result
-
"While touted as an alternative to TCP, QUIC poses several security concerns for network operators. Standard network security appliances cannot easily identify QUIC traffic, which makes this network protocol vulnerable to cyber criminal activity." "Why do Network Security Teams Not Like Google QUIC? Despite its perceived positives, QUIC could inadvertently have a negative impact on network security. That’s because security appliances like firewalls and network sensors typically are not able to access information they had previously relied on with legacy TCP sessions. This creates a ‘black hole’ that hackers can exploit. Here’s the main problem: Standard network security devices can’t determine the QUIC application protocol, viewing it like layer 4 UDP traffic. While browsers and supported web servers can differentiate between QUIC traffic and other traffic, standard network security like firewalls can’t. This means firewalls are less effective at detecting incoming threats, putting network security at risk. To complicate the challenge for cyber threat hunters, Google revises its protocol frequently, and threat detection tools must catch up with these ever-changing standards. There are other issues. QUIC, similar to TLS 1.3, applies its encryption at the transport layer and not in the higher layers. Hence, it encrypts all transport information, which can virtually eliminate the attack surface that TCP offers. Plus, it’s increasingly difficult to measure and analyze QUIC traffic using reporting tools because, again, firewalls and standard network sensors don’t recognize it. This is a plus for consumer privacy but causes significant challenges for those responsible for protecting our communications networks." source. https://netquestcorp.com/google-quic-and-network-security/