As many people can relate with, working with traditional VPN software agents can be a pain — not only from the constant authentication and clunky user experience but from a lack of visibility into what is going with your connection. While Zero Trust Network Access (ZTNA) removes much of the headache traditional VPN can cause (since ZTNA only routes relevant traffic through your company network instead of all traffic, for example), it’s not immune to flaws.
A common issue we hear from customers was how we managed and reported the current status of ZTNA within Jamf Trust, especially with captive portals — often used to present end users with a license agreement, login or payment that needs to be completed prior to being allowed to use the internet services. This is very common with airlines or other modes of transportation to allow customers to make purchases such as beverages or snacks or to allow additional information to passengers (such as journey details or maps).
Most modern operating systems (OS) provide standard support for the wireless internet service provider roaming (WISPr, pronounced "whisper") protocol that allows an OS to detect whether there is an internet connection, but this often leads to complicated configurations and confusing statuses on the device. In some cases a device will think it is connected to the internet when it is not.
These configurations are set up with good intentions to help improve the user experience by helping with navigation or reducing errors when connected to the in-flight network, but as you can imagine this essentially breaks a necessary ZTNA or VPN connection. This can leave the end user in an even worse state where they are unable to use the network whatsoever which means no movies, no internet and worst of all — no beverages or snacks.
Returning to what we mentioned at the start, this is exactly what was happening with Jamf Trust. End users often were frustrated and saw this as the fault of the app, so it was definitely a problem we needed to address. This is why we are very pleased to announce that this problem will now start to be a problem of the past.
Jamf Trust on macOS has recently launched better detection for this. In addition, it provides clearer end-user information within the app and via notifications when such a connection is unavailable. When a connection is unavailable, ZTNA will temporarily disable to ensure that internet traffic is not blocked; once the connection is restored the app will automatically reconnect to ZTNA and provide access to company resources — all without any user intervention. Ultimately with this resolution, no passenger should now need to worry about being able to watch those in-flight movies or purchase their favorite snacks.
This feature is now available for Jamf Trust on Android and macOS. It will be be available on iOS in mid-September. Windows is planned to be supported later this year.
Overall this provides an excellent example of our continuous pursuit in helping organizations succeed with Apple. Additionally, we are excited to help end users in knowing what is going on with their computer instead of having to guess why their computer isn’t connecting as expected.
Stay connected on the go with Jamf.
Have market trends, Apple updates and Jamf news delivered directly to your inbox.