You may want to allow access to certain Youtube Channels while blocking the rest. You can use a custom URL to allow based on the video URL ID. However this will mean adding each video ID when a new content is released - which could be very time consuming. (also some channels have hundreds of videos, do you really want to add each one manually?)
A better way is to allow the specific channel, as normally each channel is dedicated to a certain type of content. (ie learning about how cloud technologies work ect).
This guide will show you how simple it is to set up.
NOTE - SSL Inspection needs to be enabled for this to work and you will need to be licensed for Cloud App Controls.
1 - Youtube Channel ID:
You will need to find the Youtube Channel ID.
I used the following URL. https://commentpicker.com/youtube-channel-id.php
Paste the channel URL, or a video from that channel to get the ID. In my case I pasted one from a channel I like (called Tolarian Community College) .
This then gave me the following results.
Copy the Channel ID, in this case its “UC7-hR5EfgpM6oHfiGDkxfMA”.
Another way to get the ID is to go onto the video and view source code and search for “channelId”.
2- Youtube Tenant:
On ZIA go to Administration > Tenant Profiles
Then add a new profile for Youtube and select “Youtube Channel ID” as a parameter, then add the Channel IDs.
3- Cloud Application Policy:
Now create a Cloud App policy. We will need x2, one to allow youtube for specific channels and one to block the rest (ie a default block all rule).
Go to Policy > URL & Cloud App Control > Cloud App Control Policy
Add an Allow rule to youtube and select the youtube tenant profile created.
Now add a block rule for Youtube. This will catch anything the first rule doesn’t.
Following is a summary of the configuration
Once enabled, users will only be able to view videos from the specific channel.
Following is a screenshot of what happens when I watch a video from an authorised channel. (it’s pure Magic!!)
The following is what you see when you go to a channel that is NOT authorised.