I am hoping that someone can confirm my strategy, before me implementing the change to block iCloud Private Relay (iPR).
Apple states, "Some enterprise or school networks might be required to audit all network traffic by policy, and your network can block access to Private Relay in these cases. The user will be alerted that they need to either disable Private Relay for your network or choose another network."
Given that we use Jamf, my Apple admin states we will need to block any use of iPR.
What I read however in the link provided is that:
Cisco Meraki devices allow for filtering of websites by URL, providing both a way to block and whitelist a specific URL or an entire domain. However, when filtering by URL it is important to note that while you can whitelist a child address and block the parent address it is not currently possible to whitelist a parent address and block a child address.
This is a bit confusing to me as I need to black two specific child domains,
mask.icloud.com
mask-h2.icloud.com
I, unfortunately, am not at home where I could test this on my private network before implementing it, so I just want to make sure I am on the right track. I am looking to blacklist the two child domains but not have to whitelist the parent.
** I would want the parent and other child domains to still be accessible.
Am I just overthinking this? Is it as easy as simply blocking the two child domains?
Thank you for the help,
Eric