If your users are already using the Juniper SSL VPN

If your users are already using the Juniper SSL VPN solution today, using just an Active Directory username and password, you need to decide the migration path: Force everyone to use Digipass from day 1So once you have configured everything it will be impossible for users to work remotely if they do NOT have their Digipass. This is probably very hard to do unless you have a small number of users, and you can hand over the Digipass to all of them at the same time. Allow a few days/weeks of "transition" periodYou allow users to work remotely using their username and password for a few more days. Once they login with their Digipass for the first time, they are forced on using it every time in the future. Most organisation will choose for this option, since it will guarantee a smooth transition without users complaining they cannot work!2.3.1. Convincing usersNote that some people may ask for a 3rdoption, where they can work remotely without their Digipass even after they have successfully used the Digipass. This is a normal reaction since people have been used to work without this device for some time. They see it as a "burden": now they have to make a habit of always having the Digipass in their pocket...Obviously the whole point of implementing Digipass authentication is to improve security, so make sure you explain the users "why" this is so important.Do NOT give in, even if your manager or the big boss tells you to make an exception. If some users have the privileged of working remotely without Digipass, the solution makes no sense! Don't forget that the high level executives are the ones with access to the most sensitive information.