cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1322
Views
10
Helpful
4
Replies

How does Umbrella Cloud Update for AnyConnect work exactly?

N3t W0rK3r
Level 3
Level 3

I'm looking at deploying an AC upgrade to our clients, and already have it set up on the ASA using webdeploy, but I'm concerned I wont hit clients that dont use VPN regularly, but who are on the enterprise network.

We use Umbrella and I was considering enabling the Cloud Update feature for AnyConnect from the Umbrella console, but I would like to understand the actual upgrade behavior better so that we can communicate this change to our users effectively.  If we turn this on, what will a client experience? What will they see?  Would it be similar to the dialogs that appear during a webdeploy upgrade of AC?

I understand that the upgrade wont take place while the user is connected to VPN, and that's fine, but what happens while they're on the corp network?  Is a reboot required?  Does the upgrade start seconds after I enable this in Umbrella?

Lots of questions, but I have not been able to find adequate documentation on this, and from what I can tell, there is no easy way to test this in a limited scope. Its all or nothing!!

Thanks in advance.

John

4 Replies 4

Hi @N3t W0rK3r 

The AnyConnect client will regularly communicate with Umbrella cloud to determine if there is an update. If enabled, then the client will download the upgrade, from memory there is a pop up, so you know the client is being upgraded, but a reboot is not required.

 

Yes, this is configured globally, so all or nothing. Some organisation rely on their internal management solutions, such as SCCM to push out upgrade packages, which would allow you to control the rollout.

 

HTH

Hey Rob, thanks very much for the reply.

Is a reboot not required even if the SBL module is a part of our AC configuration?

We will evaluate the use the SCCM for this purpose as well, thanks.

That's a good question, the Umbrella notes are unclear.

 

My previous anyconnect upgrades via Umbrella cloud did not have the SBL module installed and no reboot was required. I've just run a test, manually upgrading a client with SBL module already installed, this always seems to prompt for a reboot. I can only assume if Umbrella initiated the upgrade it would require a reboot.

 

Perhaps this is a question you could ask from Umbrella support to clarify. I no longer have an account so I cannot easily confirm this for you.

N3t W0rK3r
Level 3
Level 3

Thanks anyway... I'm pretty confident now that a reboot will be required, so as long as we mention that in the communications to staff, we should be good.

Cheers.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: