Vimeo's domain-based privacy settings restrict the ability to embed a video to a specific set of domain names. It worked perfectly for quite a few months until we ran into a very strict security setup. Someone using Ironport as identified by the HTTP_VIA header was unable to watch the private Vimeo video embedded within our web site.
The HTTP_VIA header was: 1.1 sphsprox.seph.local:80 (Cisco-IronPort-WSA/7.5.0-833)
The use of the proxy appears to confuse the context of the video, which triggers a false negative regarding the validity of the embed. I rarely feel the need to worry about such setups since they implicitly decided to sacrifice access to some content. However, I did provide an alternate download link (not embedded) so that the content is still accessible. Of course, such a low-level workaround is only possible because of the specific type of video content we were providing.