Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 2091 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Keyword block on youtube.com should work but doesn't ?

Escape75

I'm trying to block a particular keyword for certain devices on youtube.com website but it's not working ...

For example, perform a regular expression block on domain youtube.com that would block "key word" searches:
https://www.youtube.com/results?search_query=key+word

First step force traffic through TCP instead of UDP as first rule:


Second step, don't bypass content scanning for streaming sites:


Finally add a regex filter for youtube domain:


But it's not working ... it works for other domains just fine, but not youtube.

Operation mode is transparent, and URL filtering only for HTTPS which should be enough ...

Tested via Policy Helpdesk and sure enough the devices that I need show that it will be blocked but it's not.

Seems like HTTPS is not filtered, even with URL Filtering only which doesn't make any sense to me ?




This thread was automatically locked due to age.
Parents
  • 0

    Correct.

    When the traffic is HTTPS, UTM does not see the full URL, only the FQDN portion.   The rest is in the encrypted portion of the packet.  UTM cannot filter what it cannot see.

    To solve the problem, you need to activate decrypt-and-scan (https inspection).    Doing so will introduce other challenges, but it will allow UTM to enforce the filter that you want to activate.

Reply
  • 0

    Correct.

    When the traffic is HTTPS, UTM does not see the full URL, only the FQDN portion.   The rest is in the encrypted portion of the packet.  UTM cannot filter what it cannot see.

    To solve the problem, you need to activate decrypt-and-scan (https inspection).    Doing so will introduce other challenges, but it will allow UTM to enforce the filter that you want to activate.

Children
No Data
Unfiltered HTML