I have struggled through a working day to manage to get iPhones blocked using a particular policy, using the guid/device id ( thanks to dev viewer ) - which work
But, i can't prevent the dependancies running, ie : Itunes.exe, ituneshelper.exe, or mDNSResponder.exe. I have followed ;
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092616264848
but the above proccesses are still being allowed to run despite being in specified rule set to 'block ''
i have enabled the rule for all directory access ie :
c:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\iTunes\iTunesHelper.exe
c:\Program Files\iPod\biniPodService.exe
Yet.. they are continue to run.