We've just bought an Juniper SA4500. We had seen the NC client in use by other companies, and bought the Juniper appliance intending to use NC. But now we seem to have a choice of two different clients and no obvious criteria for choosing between them. Each seems to have some functions that the other does not have, but so far none of those differences is really compelling for us.
Anybody know if Juniper intends to replace NC with Junos Pulse, or if the Pulse client is aimed mostly at handheld devices?
Solved! Go to Solution.
What are your concerns about needing to duplicate roles? Is the duplication due to the need to have separate roles for Pulse or Network Connect?
You should not need to duplicate anything other than the VPN tunneling role and remove the VPN tunneling option from all other roles. This will allow the merge to happen and not require much duplication.
The bookmarks and other items can be assigned via resource profiles and users can be assigned those roles without an issue.
For example, we have
1) sysadmin users who are assigned interface X. There are Windows, Mac, Linux and mobile users in this group.
2) users who get specially assigned addresses from interface Y. There are Windows, Mac, Linux and mobile users in this group.
3) general users, who get addresses from interface Z. They are again on any imaginable platform.
4) Windows users who need the start-during-logon functionality.
All of the roles primarily use the VPN client to establish tunnels, not so much bookmarks or other functionality.
Obviously we don't need to accommodate NC users on category 4, but for every other category, my understanding is that I need to put an extra rule in the role matching logic that branches to role1-NC and role1-Pulse, role2-NC and role2-Pulse, role3-NC and role3-pulse depending on the platform the client is using, so we go from 4 roles to 7. This really becomes a bit annoying once we need to make changes, as they need to be replicated across all those roles, or when we need to add additional roles with separate VPN client interfaces.
Hey Carlo - 1st let me say I am just a little reseller - so I do not profess to speak for Juniper at all. Having said that I feel that Pulse is an absolute replacement for Network Connect.
It represents Juniper's universal client - running against all of Juniper's long term access solutions - UAC, SRX, SSL, WX. It is of course multi-platform with the release of the Apple IOS mobile, Android.... I think it is fair to say that it will make it's way to the OS/X platform sometime in 2011.
For a version 1 product is maps fairly well to Network Connect. There are some holes in tems of the current featue set vs NC (the Migration Guide has a good comparision chart) I would be confident that they will be addressed in future releases.
It also has pretty nice GUI from the user point of view. My customers find it quite cool and as they want to see the same user interface on their mobile device as on their PC I am getting a lot of push to get it up and running.
Short term, other than mobile devices I can't think of a single reason to migrate to it, other than it is bright and shiny. Long term I think it is the future user interface for all remote access - all platforms (alas excepting ScreenOS which is being left behind)...... Just my .02 cents.
As muttbarker said, they are similar at this time
Unfortunately, as you see, there is not much difference in the two clients.
Pulse has benefits if you are wanting to have users connect all the time (launch); it can help with having VPN on or not (based on location); and there are others, as you know, that are different between the two.
If this is not important for what you are looking at then Network Connect can be used without an issue.
It really comes down to which is going to be best for your users; there is no "right way" for the two L3 clients
Thanks mattspierce and zanyterp,
I will continue to have the user select the role upon login until I phase out NC or can get to a point where users know they can launch NC without going to the webpage everytime and clicking the start button. mattspierce I would use the restrictions as a way but the mix of users using Junos Pulse and NC is broad and covers all browsers for both clients.
is it possible on 7.4R6 when the user logs into the webpage/portal that he or she could choose which client they want to "Start" under the "Client Applications Sessions"?
Right now we have the Junos Pulse and than the Start button. We would like to have Network Connect and the start button as well.
Not within the context of a single role. Not near an SSL box so I can't test but I was trying to think what would happen if you setup two roles and used the merge feature. My gut says it won't work but it might be worth a try.
Nope you can't - at least within a single role. You might try setting up two roles, one with NC and one with Pulse. Do merge roles and see what happens. I think it won't work but it is worth a shot.