CSE SonicWall Deployment - NinjaOne
Purpose
This solution is designed to detect endpoints without SonicWall Cloud Secure Edge and deploy the client automatically across Windows devices.
Associated Content
Compound Conditions
| Content | Type | Function |
|---|---|---|
| CSE SonicWall Deployment - Servers | Compound Condition | Used to target supported Windows Server devices for automated CSE installation. |
| CSE SonicWall Deployment - Workstations | Compound Condition | Used to target supported Windows Workstation devices for automated CSE installation. |
Automation
| Content | Type | Function |
|---|---|---|
| SonicWALL CSE App Deployment - Windows | Script | Installs the CSE SonicWall agent on Windows devices. |
Custom Field
| Content | Type | Function |
|---|---|---|
| cPVAL CSE Deployment | Custom Field | Controls deployment logic during automation and compound condition evaluation. |
| cPVAL CSE Deployment Key | Custom Field | Stores the CSE Deployment key used during authorization and deployment. |
| cPVAL CSE InviteCode | Custom Field | Stores the CSE Invite Code for the installation. |
Implementation
Step 1: Create the following Custom Fields
Step 2: Import Automation Scripts
Import the following automation scripts:
Step 3: Configure the following Compound Conditions
Create the following compound conditions targeting the appropriate device policies:
FAQ
Q: What devices are supported by this solution?
A: This solution supports Windows Server and Windows Workstation devices that meet the requirements defined in the associated compound conditions.
Q: What is the purpose of the cPVAL CSE Deployment custom field?
A: This custom field controls whether a device is eligible for automatic SonicWall CSE deployment and is evaluated by the compound conditions.
Q: What information is required before deployment?
A: The following custom fields OR variables must be configured:
Custom Fields
- cPVAL CSE Deployment
- cPVAL CSE Deployment Key
- cPVAL CSE InviteCode`
Variables
- InviteCode
- Deploymentkey
Q: How does the solution determine whether SonicWall CSE should be installed?
A: The compound conditions identify devices where the SonicWall CSE client is not installed and where deployment has been enabled through the custom field configuration.
Q: Can different Deployment Keys and Invite Codes be used for different organizations or locations?
A: Yes. The custom fields can be configured at the Organization, Location, or Device level, allowing unique deployment settings for different environments.
Q: Will the solution reinstall SonicWall CSE if it is already installed?
A: No. The deployment logic targets only devices where the SonicWall CSE client is not detected.
Q: How can automatic deployment be disabled?
A: Automatic deployment can be disabled by updating the cPVAL CSE Deployment custom field or removing the device from the applicable deployment scope.
Q: Can this be manually triggered for a single device?
A: Yes. The SonicWall CSE deployment script can be executed on-demand from the device's Automation menu within NinjaOne.
Q: What happens if the installation fails?
A: Review the script execution output in NinjaOne and verify that the Deployment Key and Invite Code are configured correctly before rerunning the deployment.
Q: Does the installation require a user to be logged in?
A: No. The SonicWall CSE desktop app supports zero-touch deployment, so the app can be installed and staged silently without a user being logged in.
A user login is only required later to launch the app in the user context and complete user association if needed.
If no user details are provided during deployment, the device is registered in a “STAGED USER” state until a user signs in.
Changelog
2026-06-08
- Initial version of the document