VPN agent must have functionality:
> Scan/read OS patch status, version.
> AV agent name, version.
> Windows FW & Defender status.
> Logon history tab, so that user will know who and when was previous logon done from their system, agent must also fetch from NGFW, is there any other user logged in from same account from a different machine. This also helps in identifying unauthorized logon attepts.
> Diagnostic tab on VPN agent similar to XG for TShoot.
> Dark Theme UI.
> If multiple ADs are configured and those ADs have diferent domains then VPN agent must get drop down like Cisco VPN to which AD user has to login. Should also have option to hide AD naming convention on VPN agent. For example - We don't want Wipro users seeing name of Infosys AD.
> Stronger Auth protocol support like TLS v1.3 for SSLVPN.
> Logging & Reporting - If logs are detailed TShoot becomes easier for us as well as Sophos support, contact support tab - user must know whom to contact & escalate from their organization in case of issues. Highlight if Split/Full tunnel is configured. Connected overall time, Start time and end time, Data in and out on each session.
> Tab to show from which IP VPN is connected, it belongs to which country (some organizations allow specific countries to connect, which means user must be connecting from and within those countries only)
> VPN interface must get DNS suffix and prefix if any pushed by DHCP Server, this made us lose in 1 customer place to PaloAlto. In short whatever DHCP can push to an VPN interface must be supported.
> SonicWall SMA supports self enrollment of users for VPN Access, something like that with security in place.