How to disable QUIC protocol in Google Chrome
Bitdefender GravityZone provides full visibility into organizations' overall security posture, global security threats, and control over its security services that protect virtual or physical desktops, servers and mobile devices. All Bitdefender's Enterprise Security solutions are managed within the GravityZone through a single console, Control Center, that provides control, reporting, and alerting services for various roles within the organization.
QUIC is the name for an experimental protocol and it stands for Quick UDP Internet Connection. The protocol supports a set multiplexed connections over UDP, and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency.
Some websites are not being filtered because they use the QUIC protocol. QUIC is not a standard SSL protocol and it is not filtered by MITM (certificate is not signed by MITM). To check if a website is using the QUIC protocol in Google Chrome, install the "spdy http2 indicator" extension.
Disabling QUIC protocol
The QUIC protocol can be disabled by using one of these procedures:
- Disable QUIC in Google Chrome:
- In the URL type "chrome://flags".
- Search for "Experimental QUIC protocol" and disable it.
- Use an Endpoint Security firewall rule.
To create a Firewall Application Rule blocking Chrome:
- Open the policy currently running on the affected machines.
- Add a Application Firewall Rule for chrome.exe.
- Configure the Application Firewall Rule as follows:
- Add a rule name and an application path for chrome.exe.
- Under Settings, select the Any check box next to Local Address.
- Select the Any check box next to Remote Address and add port 443 next to Port or port range.
- Select UDP for Protocol, Both for Direction, and Any for IP.
- Under Network, select the Home/Office and Public check boxes. For Permission, select Deny.
- Click the Save button.
- Apply the modified policy on the endpoints.
Should the above steps not resolve the issue, contact the Bitdefender Support Team.