I would like to prevent devices from downloading iOS 7 while using networks we control. We have MDM capability and firewalls, but I'm not sure what the the minimal ports and destinations that should be entered into a firewall to prevent downloading iOS 7 over the air via WiFi network.
What can be done to prevent iOS 7 downloads to save bandwidth and save storage space on our devices?
Bonus points for describing any issues / other things that this block might affect such as App Store updates or downloads. Extra bonus points if this could be accomplished by a profile or other means than network control. I'm more focused on not having devices download the update than how that happens.
Best Answer
Apple uses the following hostnames for distributing OTA updates:
Blocking access to these hostnames should prevent iOS from downloading the updates, resulting in one of the following errors, based on whether the device has knowledge of the update or not before the access is blocked:
Unable to Check for Update: An error occurred while checking for a software update.
iOS devices use the following XML file to find the relevant update and download file:
Blocking access just to this file should be sufficient providing that the devices have no knowledge of the update prior to your blocking.