We are implementing Vulnerability Manager for our corporate LAN, which contains ~30 servers and ~15 workstation virtual machines, all of which are on the same local infrastructure and joined to our local active directory on premises (which syncs to our hybrid Azure/Entra AD). We have had no issue deploying the agent to any of our local machines.

We also have approximately 15 remote users whose laptops need the agent installed on then. These laptops are all MS Entra joined to our Azure AD and not our local AD; thse laptop users work from home in various states in the US (our corporate LAN is in our office in Chicago), and do not have an "office".  

Can you advise on the best method to deliver the agent and updates to these remote users who are not actually working in a remote "office", but simply out of there homes?  I assume it will be a specific way of defining a distribution server etc, but would like to understand the best way to achieve this. Our ISP at our corporate office is approximately ~250mbps outbound bandwidth, and because the work from home device count is fairly low, we should be able to handle delivering updates and managing the agent through WAN, but mainly would like the recommendation on the optimal way to configure, as majority of your documentation is for setting up a "remote office". Please advise or direct me to the correct KB article or document that I should be referencing for our scenario. Thanks in advance.

Sriram