Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
944
Views
0
Helpful
3
Replies

Cisco IronPort - Youtube filtered except when logged on google

admincoco
Level 1
Level 1

‎09-10-2014 03:07 AM

Hello everybody

Have you heard about that ?

My Cisco Ironport filters youtube videos. I cant play any video.

But, if I log on google first, with a google account, I can access youtube and watch videos.

Labels:
0 Helpful
3 Replies 3

akilgore
Cisco Employee
Cisco Employee

‎09-10-2014 12:47 PM

The different outcomes are likely caused by connecting to Youtube using different protocols. When you browse to Youtube normally, you should see www.youtube.com as the address in your browser -- an http connection. However, signing into your Google account and then browsing to Youtube will result in https://www.youtube.com/--an https connection--because your Google account is also in use on Youtube. Content accessed on Youtube via http is being blocked, but content accessed via https is not.

 

0 Helpful

admincoco
Level 1
Level 1
In response to akilgore

‎09-11-2014 12:46 AM

Hi akilgore,

Thank you for your answer. That is a good explanation.

I have tried to look how to block youtube through https protocol.

 

I went on Youtube with https to get the categorie or IP of that website.

When I look on my Ironport > Webtracking menu, I can only see Google IP's which are classified as "Search Engines and Portals" (so it is allowed)

The Youtube IP adresses are not reflected on the Ironport so I cannot block them.

 

Do you have a tip to do that ? Or Google has done something to bypass Ironport proxies ?

Thank you

0 Helpful

Chris Illsley
Level 3
Level 3
In response to admincoco

‎09-12-2014 02:26 AM

Hi,

My guess is you are not using https inspection, if you were it would work as you wanted.

This does require work to set up though.

An external supplied proxy we use provided a workaround, although I haven't had time to see if it's possible to replicate on an IronPort, this was done to enforce safe search when someone was logged into Google:

The changes made today are as follows:

- Requests for www.google.com or www.google.co.uk are returned with nosslsearch.google.com by the WFS Gateway.

- Requests for encrypted.google.com are blocked.

The way this works is that when a user requests www.google.com or www.google.co.uk they are instead asking for nosslsearch.google.com - This way Google does not redirect the user to the encrypted HTTPS version of www.google.com or www.google.co.uk - Now that the webpage is not encrypted the Content Filter can now enforce the safe search options.

Thanks

Chris

0 Helpful
Customers Also Viewed These Support Documents