Hi, I am looking at ways to try to keep our mobile users with laptops updated with latest system patches and AV etc. I am having some issues trying to catch them online so I was wondering if there is any way we can use our deployment tools or script on client to determine if junos pulse client vpn connection is active and if yes, kick off the check-in for updates ? Thanks
Did you try to create a "Junos Pulse Connections" with auto logon of the machine? In this case the machine will try to connect the VPN as soon as it has connectivity.
A couple of thoughts come to mind...
develop a reporting script and configure the VPN role to launch at session startup
find a way to flag systems based on IP address, assuming your VPN IP pool is unique.
If you are looking for a trigger to launch your client update deployment tools/scripts while the VPN is active there are a few options:
1. Enhance your client side script to detect for a valid IP on the Pulse VPN virtual adapter (a valid IP is a good indicator that the Pulse VPN tunnel is setup)
2. Enhance your client side script to ping an internal resource that would only be reachable when tunnel is active. Use the success of ping as a trigger for your script
3. Use the VPN Tunnel role level option "Session start script". This option can trigger a script that is located on the client machine
Additionally if you would like to explore enforcing that a machine is updated with patches you should consider using Host Checker Predefined policies. There are pre-defined policies for most AV products and starting with release 8.1R1 there are predefined policies for a few patch management products.