cancel
Showing results for 
Search instead for 
Did you mean: 

Blocking iOS Software Updates

hisham_matni
New Contributor III
Hello,

I m looking for a way to block software updates for all iOS devices connected through the Wi-Fi network..
Can this be done using application denial policy?
6 REPLIES 6

max_o_driscoll
Valued Contributor
Not in a simple tickbox way.

The iOS update packages must come from a range of webservers and if you could find those specific addresses and mask them into a deny policy and test...it might just work.
But almost certainly going to be unexpected gotchas such as other app updates being blocked.

Haven't tried it so cannot give definitive.

Ruckus will give you basic traffic throttling but not much more unless you can find some really creative way to achieve what you are asking.That's filter/firewall/traffic management stuff.

=============
Just googled ios update servers...

Software Update must communicate with Apple's update servers in order to download and install updates. Ask your network administrator to allow the following server addresses on your DNS and proxy servers.

  • swcdn.apple.com
  • swdownload.apple.com
  • swquery.apple.com
  • swscan.apple.com
=============

Hmm?
Maybe blocking swscan.apple.com might be enough.

Test, test and test, then expect the unexpected!

hisham_matni
New Contributor III
Thanks for the reply.
i tried adding those servers into an ACL and applied it on the WLAN.. but still iOS devices were able to check the update server.

i tried
- mesu.apple.com
- appldnld.apple.com

Also didnt work..

might be worth blocking something specific first to check the denial rules gets applied
www.bmw.com

then see if you can access that site from an ipad.
Sometimes things don't always do what you expect.

It is worth noting that some rules require sometime to be applied.. my access list looks like this and iOS devices are not able to communicate with update server

mesu.apple.com

appldnld.apple.com

swscan.apple.com

swquery.apple.com

swdownload.apple.com

swcdn.apple.com