Allowing specific youtube videos

Getting noticed

Allowing specific youtube videos

I have an MX400 and I am using content filtering and categories.  I block streaming media, and I have a policy setup up to allow youtube. youtube policy.JPG

 This policy is applied by LDAP group membership, and it works great.  Users that are members of the group can get to youtube, and all other stream media categories are still blocked.


I would like to be able to do something similar with specific youtube video urls.  The goal is to block youtube by category, but allow a specific URL match within youtube. 


This does not seem to be doable, and it has been discussed, but it's important enough to my company to warrant a new discussion thread.


Anybody else working around this issue?


Kind of a big deal

Are there many videos you want to whitelist?  Would it be possible to download them and host them somewhere else that you have more control of?  I also wonder if Cisco Umbrella or similar might help accomplish this.

Well, sure they can be downloaded.  That's not really what I am after with this discussion.  Yes, CWS, Umbrella, and anything that does https inspection would do this just fine.  I guess the reason I started a new discussion is because I can allow youtube just fine and dandy by policy (even though is still matches a blocked category).  I am wondering why I can't do the same for a specific video URL.  If https inspection isn't a requirement for my Allow youtube policy (see picture above) to work, why is it a hurdle when I try to get granular (specific video URLs)?

Kind of a big deal

@TEAM-ind Yes this should be achievable however what industry are you in, if your in education doing things this way you will be opening the flood gates for a huge amount of work. 


I would say you would be better off educating the users and if they fail to follow the rules they lose access to Youtube full stop.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.