VPN: Auto-Update SSL VPN Client
It would be nice if the SSL VPN client would automatically update itself from the UTM when the client connects and a new version is available.
At the moment the upgrade process for SSL VPN Client is something annoying. The users have to donwload latest version from UserPortal, uninstall actual version, install the new version. No one of my users do this. In a large enterprises the upgrade of all clients by IT admins is a very long process. The best would be that VPN Clients could auto-check for updates and, if a new version is found, ask to the user if he wants to upgrade (without uninstall-installi)
Please, that would be great.
If you can do it for RED you surely can for VPN clients.
Rolf Müller commented
Ohhh yes!! deploying and updating the SSL-VPN Client is really a mess in a larger Environment.
I would suggest the following procedure.
There should be a place where admins can download a .msi installer in Webadmin. This can be used to publish the install via SCCM WSUS or whatever. There should be an Option so that the install will flag the config dir as writable by the user. So finaly the user can add his config from the userportal.
The update within the application is also a nice idea, but usualy has a Problem with users not beeing local admins.
After somes UTM patches, the SSL-VPN client must be reloaded / upgraded. In this case, the user must be informed that the (old) allready installed client need to be updated with a choice button like: "Update now". Thank you .
Yes , it will be very usefull, anyway better than a green traffic light who doesn´t work after a UTM Patch ( by approx. 300 coworkers !)
The sslvpn client update could come from the cloud. But it would ensure that the client is at the version it should be for the sophos utm version. Or just updated to the latetst.
Scott Klassen commented
It would be nice if it could work like the Cisco Anyconnect client. Will automatically update the client if a newer version is available on the "server" (Cisco ASA in the case of this example). This upgrade process provides notification to the user, but happens without user interaction. The user needs no administrative priviledges for this to happen, as the install is run by the Anyconnect service (as LocalSystem). This last part is very important for business usage. Users running as admin is sssoooo 2002.
Kyle Stewart commented
I think notifying them to update their client would be awesome.
Hi thorsten, can you provide a bit more information about what you are after here? Simply letting the end-user know they should update to the latest client offering of the ASG?