Google is set to make QUIC the default protocol for web browsing to improve performance by using HTTP over UDP.
- HTTP2 over UDP will be faster
- Enterprise stateful firewalls set to become less useful (or even useless)
- Reminder that enterprise needs now live in the shadows of consumer/retail networking
Last year we announced QUIC, a UDP-based transport protocol for the modern Internet. Over the last quarter, we’ve been increasing the amount of traffic to Google services that is served over QUIC and analyzing QUIC performance at scale. Results so far are positive, with the data showing that QUIC provides a real performance improvement over TCP thanks to QUIC’s lower-latency connection establishment, improved congestion control, and better loss recovery.
A simple description of QUIC is HTTP over UDP instead of using TCP. Because there is no connection establishment phase, this removes between 100ms to 300ms of delay.
Where do we go from here? Today, roughly half of all requests from Chrome to Google servers are served over QUIC and we’re continuing to ramp up QUIC traffic, eventually making it the default transport from Google clients — both Chrome and mobile apps — to Google servers. We plan to formally propose QUIC to the IETF as an Internet standard but we have some housekeeping to do first, like changing the wire format and updating our reference implementation from SPDY-over-QUIC to HTTP2-over-QUIC. In the coming months, we also plan to work on lowering handshake overhead to allow better server-side scalability, improving forward error correction and congestion control, and adding support for multipath connections.
Enterprise in the Shadows of Consumer Markets
This has a substantial impact on Enterprise firewall design and security policy. If you block UDP, the HTTP/TCP will work in fallback but be MUCH slower making enterprise computing a second class citizen on the web.
Enterprise firewalls with stateful inspection become even less useful in enforcing security. UDP is stateless and you will be driven into application inspection with “Application Firewalls” to reassert your existing security posture.
Another reminder that Enterprise IT Comes Last In Technology Innovation