Nomad Client Health Policy

Overview

Nomad is included as part of the 1E Client, and as part of that integration, we offer a Nomad client health compliance policy in Guaranteed State. This verifies common Nomad requirements such as ACP registration, disk availability, firewall exceptions, crash notifications and cache monitoring.

The Nomad client health policy replaces the client health tile in the Nomad dashboard plus additional remediation steps:

Keeps content distribution services up and running on Nomad clients, so that users are secure and productive
Ensures Alternative Content Provider (ACP) registration configuration is set
Maintains optimal disk availability and monitors cache size for storage capacity planning
Enforces Firewall exceptions.

This policy is intended for deployment to Windows devices only.

On this page:

Important considerations

Configuring and verifying

Before deploying the Nomad Health Policy you need to be familiar with its contents and comfortable that you want to apply it to the devices in your network.

By default, automated fixes in the Policies provided by 1E are not enabled, this means you will have to specifically enable the ones you want to use before they can take effect.

A new or updated Policy should first be verified by deploying it to a Management Group containing a small number of devices, reviewing the Guaranteed State reports, and confirming the checks and enabled fixes are working as expected. When you are comfortable with the results you can then deploy to larger Management Groups.

Please review the following specific considerations before verifying and deploying:

Rule

Considerations

Check rule: Ensure Nomad does not have its content indexed by ConfigMgr software inventory checks

Disable this check rule if the Nomad cache location has been changed from the default C:\ProgramData\1E\NomadBranch.

The corresponding fix rule is disabled by default.

Deploying

Target the Policy at separate Management Groups for Distribution Points and Nomad clients, containing only Windows devices.

If you have deployed your Nomad clients with different baseline settings then consider creating different Management Groups for them, so that it will be easier to identify the potental differences in compliance. Target all clients to begin with and then target different groups as required.

This policy is intended for deployment to Windows devices only, so in a cross-platform estate it is advisable to deploy this policy to a Management Group that is scoped to Windows devices. If you do target non-Windows devices then preconditions for the rules ensure those devices are unaffected and rules are reported as Not Applicable.