Google Chrome v117 turned on TLS Encrypted ClientHello by default (on 27 Sep?) This will impact the effectiveness and accuracy of outbound traffic filtering* - for those who've implemented it (regardless of vendor.) We've written a short blog post on disabling it with PowerShell, Windows Registry and Google Chrome UI for those who may need to roll this out ASAP and regain visibility. (Disclosure: we are a vendor of an outbound filtering solution and this has impacted our customers already.)<p>*for many websites, the domain name visibility during an HTTPS handshake will no longer be available to firewalls/proxies (unless they were terminating.)
DiscrimiNAT Firewall seems like a useful product: <a href="https://chasersystems.com/" rel="nofollow noreferrer">https://chasersystems.com/</a><p>Reminds me somewhat of Zscaler.