Connection scheduling device policy
You create connection scheduling policies to control how and when user devices connect to Endpoint Management. Note that you can configure this policy for devices enabled for Android Enterprise as well.
You can specify that users connect their devices manually, that devices stay connected permanently, or that devices connect within a defined time frame.
To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.
Android, Android Enterprise, and Chrome OS settings
Require devices to connect: Click the option you want to set for this schedule.
- Always: Keep the connection alive permanently. Endpoint Management on the user’s device attempts to reconnect to the Endpoint Management server after a network connection loss and will monitor the connection by transmitting control packets at regular intervals. Citrix recommends this option for optimized security. When you choose Always, also use for the device Tunnel Policy, the Define connection time-out setting to ensure the connection is not draining battery. By keeping the connection alive, you can push security commands like wipe or lock to the device on-demand. You must also select the Deployment Schedule option Deploy for always-on connections in each policy deployed to the device.
- Never: Connect manually. Users must initiate the connection from Endpoint Management on their devices. Citrix doesn’t recommend this option for production deployments because it prevents you from deploying security policies to devices, thus users will never receive any new apps or policies.
- Every: Connect at the designated interval. When this option is in effect and you send a security policy such as a lock or a wipe, Endpoint Management processes the action on the device the next time the device connects. When you select this option, the Connect every N minutes field appears where you must enter the number of minutes after which the device must reconnect. The default, and minimum value, is 120.
Define schedule: When enabled, Endpoint Management on the user’s device attempts to reconnect to the Endpoint Management server after a network connection loss and monitors the connection by transmitting control packets at regular intervals within the time frame you define. See Defining a connection time frame, next, for how to define a connection time frame.
- Maintain permanent connection during these hours: Users’ devices must be connected for the defined time frame.
- Require a connection within each of these ranges: Users’ devices must be connected at least once in any of the defined time frames.
- Use local device time rather than UTC: Synchronize the defined time frames to local device time rather than Coordinated Universal Time (UTC).
Defining a connection time frame
When you enable the following options, a timeline appears where you can define the time frames you want. You can enable either or both options to require a permanent connection during specific hours or to require a connection within certain time frames. Each square in the timeline is 30 minutes, so if you want a connection between 8:00 AM and 9:00 AM every weekday, you click the two squares on the timeline between 8 AM and 9 AM every weekday.
For example, the two timelines in the following figure require a permanent connection between 8:00 AM and 9:00 AM every weekday, a permanent connection between 12:00 AM Saturday and 1:00 AM Sunday, and at least one connection every weekday between 5:00 AM and 8:00 AM or between 10:00 AM and 11:00 PM.