IT for IT corner: Slow page load starts and slow video starts

Posted November 28, 2023

Slow Page Loads and Video Buffering? It May Be Your Firewall Settings

This article is intended for our customers where Verus is IT for IT. If you have noticed slow page load start times or video play start times, a combination of firewall security and browser settings could be the culprit. Verus configures firewalls to block two technologies – QUIC protocol and DNS over TLS/HTTPS – that can cause these problems due to recent browser changes. However, we block them for good reason.

If you are a customer where Verus handles all of your IT and think you might be affected by things like delays when loading YouTube videos or random pages starting to load slowly, please open a ticket with help@veruscorp.com referring to this article and we can help you evaluate/test.

QUIC Protocol – Speedy But Insecure

QUIC is a protocol that uses UDP to speed up web transfers. The downside is it allows web traffic to bypass your web filtering tools like WebBlocker. To prevent this security issue, Verus blocks QUIC using application control rules and packet filters on UDP port 443.

Blocking QUIC has been effective for years to prevent the bypass of WebBlocker. However, recent web browser updates have become less compatible with our QUIC blocks, sometimes leading to slow page loads. As such, we are now recommending QUIC be disabled at the browser level.

Disabling QUIC can be fairly simple on the leading browsers. For Edge and Chrome, just copy-n-paste either edge://flags/#enable-quic” or chrome://flags/#enable-quic into the URL bar to view the settings directly and disable them.

Edge:

edge://flags/#enable-quic”

set to disabled

Chrome:

chrome://flags/#enable-quic

set to disabled

If you still have issues, disable this as well:

DNS over TLS/HTTPS – Privacy Concerns

DNS over TLS/HTTPS secures DNS lookups using SSL/TLS encryption. This prevents DNS spoofing attacks. However, it also bypasses DNS filtering tools like DNSWatch.

To keep clients secure, Verus firewalls block these technologies. The downside is it can cause delays in DNS lookups as the browser fails over to standard unencrypted DNS.

You can speed up DNS by disabling Secure DNS in your browser’s privacy settings.

The Takeaway

QUIC and DNS over TLS/HTTPS may seem helpful on the surface – faster speeds and more privacy. However, they bypass critical security filters that protect your network. As a result, Verus firewalls block these technologies by default. This keeps clients secure, but can inadvertently cause slow page and video loads. The good news is you can optimize this from your end. Start by disabling QUIC and Secure DNS in staff web browsers. For Chrome and Edge, simply paste the URLs listed above into your address bar to toggle these settings off. If issues persist across multiple machines, Group Policy can control these settings network-wide. Test on a small group before a wide rollout.

Balancing security and performance can be tricky. If you continue noticing slow speeds after these changes, please open a ticket. Reference this article and our team would be happy to evaluate your firewall configuration. We aim to maximize both without compromise.

Eric Snyder

Eric Snyder is a Senior Network Engineer and the Technical Lead for WatchGuard products at Verus. With over 25 years of experience in IT and networking, Eric helps architect and support secure infrastructure solutions for Verus clients. Before joining Verus, Eric founded and operated an ISP startup with partners before pivoting to run his own IT consulting firm. In those ventures, he gained firsthand experience helping SMBs navigate IT infrastructure and security. Today at Verus, Eric works closely with WatchGuard on product development as a beta tester and feature advisor. His technical expertise helps inform Verus security configurations, support, and strategic guidance across client solutions. When he's not immersed in the latest network tech, you can find Eric indulging in two passions: his love for Basset Hounds and the yearly Minnesota State Fair. As a long-time Minnesota resident, he looks forward to this can't-miss event filled with live music, indulgent foods, and the best people-watching around.