2 of 2 people found this helpful
Please keep in mind Chrome is a google product and youtube belongs as well to goole. When using Chrome and accessing youtube the browser can choose QUIC protocol for. This won't be supported by MWG or Other devices in your Corporate Network so the browser will make a fall back to usual SSL tunnel. When you're using MCP you most likely redirect 80 and 443 to a Proxy (Cloud or on Premise). It is possible to establish another connection directly to youtube using different port which isn't redirected to a proxy and not been blocked by you're client firewall. You can create client TCP dump using wireshark to confirm this behavior and port that is used for. As you already identified before IE and Firefox most likely didn't have this implemented, QUIC is google developed protocol.
Hello Sergej and thank you very much for that answer. It does make sense! I'll have to try running wireshark on one of the client machines to confirm this. I'll also look for ways to accurately identify the QUIC protocol.
If this is the case, I may have to resort to either placing the MWG appliance logically between LAN and firewall so it scrutinizes all traffic OR go back to using WPAD, which has its own shortcomings.