We would like to have our system check remote hosts to make sure that the BES client is working when they login to the network remotely.
Initially I’d like to just check for a standard stable registry setting and if they pass allow them through. Ideally I’d like BigFix to push a file to the workstation and then have our system check for that file when they login through the firewall.
So what are some stable reg settings I can check for and how do I push a file out to clients when they aren’t connected to my internal network (I do have an external relay)?
The ComputerID is set (non-zero) at “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\GlobalOptions”
There is a log file in the last couple days at “C:\Program Files\BigFix Enterprise\BES Client__BESData__Global\logs”
If you have an external relay, then you can push files the same way as if they were on your network…
Here is an idea:
Set a basic BigFix policy to write out a reg key with the current time every 24 hours… Then you can check that reg key has been updated in the last 24 hours (indicating that BigFix was functional or you had someone determined to fool you).