Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Workaround/Solution to outbound connections (PDQ > Clients)

Hi,

Due to various cirsumstances, we need to replace our traditional IPsec VPN in the next few weeks. I have investigated/demo'd some modern VPN or VPN "alternative" services, which are fantastic; fast, secure, scalable, with granular access, etc. 

However, a few of these VPN solutions are "inbound only", that is inbound traffic only from the client > server, such as file server, application server, etc. This is fine, except, it breaks PDQ Inventory from scanning machines, and breaks PDQ Deploy from pushing out packages.

I understand a new PDQ agent is coming, which would solve this, but no dates have been suggested as far as I'm aware. Alternatively, I could use other tools, such as InTune, to deploy apps, but I would really miss PDQ Inventory. I rely on it so much to check the status of my endpoints and tie-in with deployments.

Are there any workarounds? Assume clients will have full connectivity to the PDQ server, but only if they establish it. What about polling for deployments? Or using scheduled tasks?  (This may only be a stop-gap before the new agent is released). All endpoints are domain-joined, but the PDQ server would not be able to resolve the addresses of these endpoint. 

Failing that, is there an expected date for the new agent yet? I don't want to have to choose between a new (better than the rubbish we have now) VPN solution or PDQ apps.

1

Comments

0 comments