Planning on enabling SSL decryption? Watch out for this…

SSL is a commonly used terminology when discussing HTTPS. It is a growing category of network traffic that delivers private and secure communication. Unfortunately, it can also be used inaptly to hide application usage, transfer data to unauthorised parties, and mask malicious activity.

SSL Decryption is the ability to view inside SSL traffic as it passes through a firewall.

Quick UDP Internet Connection (QUIC) is Google’s experimental, low-latency Internet transportation protocol over UDP.

Chrome browsers have the QUIC protocol enabled by default. When users try to access Google apps using the Chrome browser, a session to a Google server is established using QUIC instead of TLS/SSL. This means your firewall won’t be able to decrypt it using SSL decryption.

To overcome this, you need to create a security policy in the firewall to block the QUIC application. On some firewalls this is done by creating a security policy that specifically denies the quick application and, on some others, it’s a checkbox. Either way, once QUIC is blocked, Chrome will seamlessly revert back to good old SSL and your firewall will be able to decrypt it.