We have successfully blocked VPN's on our mobile iOS devices by checking for restricted apps and then locking down the device. It obviously does not see a VPN if a user manually sets one up? Is there any criteria I could use to find if they manually setup a vpn (not with an app)? I may try to do this more at network level if I have to.
@WhippsT @thejenbot We have found that the restriction you are speaking of does not allow users to configure manual VPNs, but it still allows apps to function. I saw this criterion a few months back and I am searching based on this. Seems to be working great!
I don't remember the topic I found these in, but whoever listed them - it has worked wonders.
Please consider upvoting this feature request: https://www.jamf.com/jamf-nation/feature-requests/2880/show-current-vpn-status
Reporting on applications with the word "vpn, betternet" etc. only reports that the VPN app was installed, but doesn't report on whether a VPN is actually configured. Users can manually configure the VPN via settings, VPN - without an application - and these VPN users are now invisible to your report. It's quite a major loophole for our student safeguarding.
I've already tried blocking manual creation of VPNs via a configuration profile - it stops creation of new, but if they were already in place, it leaves them alone! Given the report was only looking at app installs, not VPNs configured, the report was essentially useless - we were targeting some students who didn't have a VPN but did have an app, and missing some students who did have a VPN but no app!