IT for IT corner: Slow page load starts and slow video starts
Slow Page Loads and Video Buffering? It May Be Your Firewall Settings
This article is intended for our customers where Verus is IT for IT. If you have noticed slow page load start times or video play start times, a combination of firewall security and browser settings could be the culprit. Verus configures firewalls to block two technologies – QUIC protocol and DNS over TLS/HTTPS – that can cause these problems due to recent browser changes. However, we block them for good reason.
If you are a customer where Verus handles all of your IT and think you might be affected by things like delays when loading YouTube videos or random pages starting to load slowly, please open a ticket with firstname.lastname@example.org referring to this article and we can help you evaluate/test.
QUIC Protocol – Speedy But Insecure
QUIC is a protocol that uses UDP to speed up web transfers. The downside is it allows web traffic to bypass your web filtering tools like WebBlocker. To prevent this security issue, Verus blocks QUIC using application control rules and packet filters on UDP port 443.
Blocking QUIC has been effective for years to prevent the bypass of WebBlocker. However, recent web browser updates have become less compatible with our QUIC blocks, sometimes leading to slow page loads. As such, we are now recommending QUIC be disabled at the browser level.
Disabling QUIC can be fairly simple on the leading browsers. For Edge and Chrome, just copy-n-paste either edge://flags/#enable-quic” or chrome://flags/#enable-quic into the URL bar to view the settings directly and disable them.
set to disabled
set to disabled
If you still have issues, disable this as well:
DNS over TLS/HTTPS – Privacy Concerns
DNS over TLS/HTTPS secures DNS lookups using SSL/TLS encryption. This prevents DNS spoofing attacks. However, it also bypasses DNS filtering tools like DNSWatch.
To keep clients secure, Verus firewalls block these technologies. The downside is it can cause delays in DNS lookups as the browser fails over to standard unencrypted DNS.
You can speed up DNS by disabling Secure DNS in your browser’s privacy settings.
QUIC and DNS over TLS/HTTPS may seem helpful on the surface – faster speeds and more privacy. However, they bypass critical security filters that protect your network. As a result, Verus firewalls block these technologies by default. This keeps clients secure, but can inadvertently cause slow page and video loads. The good news is you can optimize this from your end. Start by disabling QUIC and Secure DNS in staff web browsers. For Chrome and Edge, simply paste the URLs listed above into your address bar to toggle these settings off. If issues persist across multiple machines, Group Policy can control these settings network-wide. Test on a small group before a wide rollout.
Balancing security and performance can be tricky. If you continue noticing slow speeds after these changes, please open a ticket. Reference this article and our team would be happy to evaluate your firewall configuration. We aim to maximize both without compromise.