Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

TLS Encrypted Client Hello (ECH) - will break CFS without DPI-SSL

BWCBWC Cybersecurity Overlord ✭✭✭

Google (Chrome) and Mozilla (Firefox) are planning to implement the encryption of the Client Hello process.

If you're using DPI-SSL this should not have much impact, but if you solely rely on "HTTPS Content Filtering" in your CFS settings, you will be out lof luck sooner or later.

One step further away from scanning at the perimeter.

--Michael@BWC

Category: Mid Range Firewalls
Reply

Comments

Sign In or Register to comment.