Showing results for 
Search instead for 
Did you mean: 

How to block iPhone and allow to charge

I had this issue before and now I know how to configure. Here's the solution:

On ePO 5.9.x or 5.10:

1. Go to Policy Catalog > Data Loss Prevetion 11 > Default Windows Cliente Configuration > Plug and Play

You can see the iPhone Protection Mode. Select Block but allow charge


2. Go to DLP Policy Manager

2.1 Actions > New Rule Set

2.2 Put a name and description

2.3 Open the rule and click Device Control

2.4 Actions >Plug and Play Device Rule

Condition tab

End-user: is any user (ALL)

and Plug and Play is one of (OR): All apple devices (default)

Exceptions tab:

Enable Excluded Users: End-User belongs to one of end-user groups(OR): put the group from AD allowed to access iPhone storage.

Reaction tab:

Action: Block

User Notification: Put anything that you want to show information

Report Incident: mark the checkbox

Computer disconnected from the corporate network: React the same way as connected system

Computer connected to corporate network using VPN: React the same way as connected system

2.5 Save

2.6 Remember to Change State of the Rule to Enable

2.7 Go back to DLP Policy Manager > Policy Assignment

2.8 Actions > Apply Selected Policies


This will block iPhones for ALL users except people from the group you select, but anyone will be able to charge iPhone on the USB.


Labels (1)
1 Reply
Level 9
Report Inappropriate Content
Message 2 of 2

Re: How to block iPhone and allow to charge



I'm going to test this out in my enviroenement on a select few and see wat happens.  🙂

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator