Connection scheduling device policy

Important:

Citrix recommends that you use Firebase Cloud Messaging to control connections from Android, Android Enterprise, and Chrome OS devices to Endpoint Management.

You create connection scheduling policies to control how and when user devices connect to Endpoint Management.

You can specify that users connect their devices manually or that devices connect within a defined time frame.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

Android, Android Enterprise, and Chrome OS settings

  • Require devices to connect: Click the option you want to set for this schedule.

    Important:

    The Always option is not available to customers who began using Endpoint Management with version 10.18.19 or later. It is available to customers who started using Endpoint Management before version 10.18.19, but Citrix does not recommend turning it on.

    • Always: Keep the connection alive permanently. Endpoint Management on the user device attempts to reconnect to the Endpoint Management server after a network connection loss and monitors the connection by transmitting control packets at regular intervals. When you choose Always, also use for the device Tunnel Policy, the Define connection time-out setting to ensure the connection is not draining battery. By keeping the connection alive, you can push security commands like wipe or lock to the device on-demand. You must also select the Deployment Schedule option Deploy for always-on connections in each policy deployed to the device. The Always option is disabled by default.
    • Never: Connect manually. Users must initiate the connection from Endpoint Management on their devices. Citrix doesn’t recommend this option for production deployments because it prevents you from deploying security policies to devices, which means users never receive any new apps or policies. The Never option is enabled by default.
    • Every: Connect at the designated interval. When this option is in effect and you send a security policy such as a lock or a wipe, Endpoint Management processes the action on the device the next time the device connects. When you select this option, the Connect every N minutes field appears where you must enter the number of minutes after which the device must reconnect. The default, and minimum value, is 120.
    • Define schedule: Endpoint Management on the user device attempts to reconnect to the Endpoint Management server after a network connection loss. Endpoint Management and monitors the connection by transmitting control packets at regular intervals within the time frame you define. See Defining a connection time frame, next, for how to define a connection time frame.
      • Maintain permanent connection during these hours: Users’ devices must be connected for the defined time frame.
      • Require a connection within each of these ranges: Users’ devices must be connected at least once in any of the defined time frames.
      • Use local device time rather than UTC: Synchronize the defined time frames to local device time rather than Coordinated Universal Time (UTC).

Defining a connection time frame

When you enable the following options, a timeline appears where you can define the time frames you want. You can enable either or both options to require a permanent connection during specific hours or to require a connection within certain time frames. Each square in the timeline is 30 minutes, so if you want a connection between 8:00 AM and 9:00 AM every weekday, you click the two squares on the timeline between 8 AM and 9 AM every weekday.

For example, the two timelines in the following figure require:

  • A permanent connection between 8:00 AM and 9:00 AM every weekday
  • A permanent connection between 12:00 AM Saturday and 1:00 AM Sunday
  • At least one connection every weekday between 5:00 AM and 8:00 AM or between 10:00 AM and 11:00 PM

Image of Device Policies configuration screen

Connection scheduling device policy