Ivanti Blog: Posts by

The Key Benefits of Modernizing Your VPN and Bridging to a Zero Trust Model - Let Ivanti Show You

Tue, 26 Oct 2021 11:01:00 Z

I am excited to announce the launch of our latest network security offering known as Ivanti Neurons for Secure Access (nSA). This new cloud-based management solution will allow our existing L3 VPN customers using Connect Secure to take the next step in their journey toward a zero trust architecture. And this all can happen while still utilize existing Connect Secure VPNs that are already setup and configured. Ivanti firmly believes that a zero trust architecture is the path forward but realizes at the same time that VPN won’t be going away anytime soon. Some competitors in the market believe this but it just isn’t reality.

The biggest customer benefit of Ivanti Neurons for Secure Access in my mind is the time savings associated with streamlining management (see figure 1). Let’s drill down in two specific areas, gateway update management and analytics/visibility, to understand how customers will benefit from a Ivanti Neurons for Secure Access deployment.

Gateway Update Management

w/o Neurons for Secure Access

Administrator downloads update package and then uploads the package to each individual Connect Secure gateway, then selects to install. This is very time intensive, especially having to upload the update to each individual gateway. Usually around 30 minutes+, depending on how many gateways to update, connection speeds, update package size, etc.

w/Neurons for Secure Access

Administrator signs into nSA and navigates to the gateway to update. Administrator selects "Upgrade to version XYZ". Gateway is updated from Ivanti Neurons for Zero Trust Access (nZTA) with no further interaction from admin. Time savings can be minutes to hours, depending on how many gateways need to be updated, as the time involved here is literally less than a minute to upgrade.

Ivanti Internal Testing Comparison

30x reduction in time spent

Analytics and Visibility

w/o Neurons for Secure Access

Administrator would need to sign into each Connect Secure gateway individually to review user and data analytics. This can be very cumbersome and time consuming in large Connect Secure deployments as each gateway/cluster must be touched individually.

w/Neurons for Secure Access

Administrator signs into nSA and is able to review user and data analytics for entire deployment from a single pane of glass. For large deployments this can provide massive time savings for admins who only need to review one interface instead of each individual device.

Ivanti Internal Testing Comparison

2.5x reduction in time spent

Your mileage may vary but Ivanti believes administrators will see these productivity gains with Ivanti Neurons for Secure Access. My colleagues Nathan McLean and Scott Erickson have also written technical blog articles around Neurons for Secure Access and how Neurons for Secure Access is the easiest path to Neurons for Zero Trust Access.

For more information, check out our short demo below and our product page on Ivanti.com.

3Ps of Security: Protect, Prioritize and Patch

Thu, 07 Oct 2021 04:01:00 Z

Like a football or soccer team, security also has two lineups that must be continuously managed. One lineup involves protecting the digital assets and data of a business. The other: managing the security risk and vulnerability exposure of these environments and endpoints. The tension between these two lineups keep security and IT very busy.

There is a critical shortage of expert security professionals, which means no expanding the bench of talent, even if you can afford it. The day-to-day playbook for security boils down to the 3Ps: protect, prioritize, and patch. And do all three as best and fast as possible to keep ahead of adversaries and cyber threats.

If a security control fails, or is bypassed, there is an open gap to possible compromise. When a gap is detected, there is a rush to tackle the problem and to understand the root cause to block it from happening again.

However, the same urgency doesn’t exist in vulnerability management or patching. Ivanti’s recent survey Patch Management Challenges highlights this problem:

A daunting 61% of the IT and security professionals said that they receive requests from line of business owners to postpone maintenance windows once a quarter. Another 28% said that they get such requests once every month.

Cybersecurity Awareness Month presents a good opportunity to not only share what end users can do to protect themselves, but also to highlight challenges within the various disciplines of security.

One major challenge: prioritization. Gone are the days when professionals can predict the types and scale of attacks that the company many encounter. Also gone is the assumption that work environments are limited to a contained space where IT-controlled PC workstations are the center of productivity. There has been a monumental increase in acceleration of digital business as organizations pivot to respond to COVID-19 pandemic impacts. The playing field has dramatically changed as all businesses should consider they are working in a hostile environment. So how can businesses prioritize based on risk if they’re operating in an Everywhere Workplace with a constantly evolving threat landscape?

The three Ps of protect, prioritize, and patch aren’t meant to be siloed instructions that happen in subsequent order. In this new business environment, all three Ps must be continually active. According to our Patch Management Challenges survey, 53% of respondents say that organizing and prioritizing patches takes up most of their time. This would be equivalent to a player watching on the sidelines until halftime, while his role goes unfulfilled.

That means the team will have been playing without full bench strength and will have to come from behind to try to win. Ivanti’s goal is to get all security players the patch and vulnerability intelligence that gets them into action faster and with confidence. Patch intelligence means that when line of business owners request a delay or want to postpone maintenance to security, IT can clearly share the level of risk that they are exposing the business to by delaying action.

Ivanti’s Patch Intelligence release this month continues to provide the insights needed to accelerate remediation, as it now supports macOS endpoints. This couldn’t have come at a better time as more work-from-home systems are MacBooks. Quickly shifting organizations sought systems to support their remote workers, and many opted for macOS systems because they tended to have less malware and threats, while others had to resort to macOS because this was the only type of system they could procure at the time. However, its notable that the increase in the business use of these systems has also coincided with critical vulnerabilities appearing in the last few months.

Apple has patched a critical macOS vulnerability (CVE-2021-30657) that has been exploited by Shlayer malware for months. This was reported by the vendor with a severity of 5.5 looking at the vulnerability in isolation; however, this vulnerability has been weaponized with an available exploit. The Ivanti Patch Intelligence and Vulnerability Intelligence (formerly RiskSense VULN KB) solutions scores this vulnerability based on a wide perspective of threat intelligence and expert insights. In this case, this vulnerability scored a 10, the highest priority for remediation.

This is where having the right prioritization, akin to the coach giving the plays on the sidelines, helps everyone to move quickly against security risks. We know it’s not easy. Ivanti is in the business to make that easier.

The big takeaway: like on any great team, protect, prioritize and patch need to be in sync and operate in simultaneous alignment. None of them can win the game alone.

Ready to learn more? We’ve compiled resources to get you on top of the game.

Report: Patch Management Challenges
Infographic
Webinar: October Patch Tuesday
Webinar: 3 Secret Elements that Accelerate Risk-Based Patch Management

Cyber Attacks ‘Be Cyber Smart and Avoid Collateral Damage’

Fri, 01 Oct 2021 10:00:00 Z

Cybersecurity Awareness Month, now in its 18^th year, is an opportunity to highlight the continually escalating conflict that is, for the most part, hidden from the public – unless it becomes media-worthy. Every day, those who are responsible for security (IT staff, threat and security analysts to CISOs) face new challenges. Digital transformation has accelerated at hyperspeed because organizations are focused on adjusting to COVID-19 disruptions. And that’s not the only dynamic changing the threat landscape and driving a need for a different approach to security and risk management.

Those with malicious intentions have an easier time targeting and disrupting than ever before. Conflicts have moved from geographies into cyberspace. We’re seeing rampant activity from ransomware families and threat actors associated with APT groups attributed to nation-states – and even some for-hire.

As a baseline, all businesses should consider that they are working in a hostile environment. That means being concerned with their attack surface, risk exposure, and whether their security controls are effective. This is not necessarily because they are a specific target, but rather because they’re part of a broader ecosystem that adversaries are targeting. Finance, telecommunications, and healthcare have always been targets for the monetary value of their data. Now the ecosystem is broadening. Industries that previously felt immune are no longer protected. Today we’re seeing such wide-ranging industries as meat-processing plants, schools, and regional transportation services coming to a halt because of ransomware attacks. It feels different because it is different. And yet we still don’t know the whole story. The number of organizations experiencing breaches is not widely publicized (for PR, logistical, and a host of other reasons), and it can be assumed that breaches occur even more frequently than the estimated reports.

Adversaries are automating, and ransomware as a service is accelerating the speed at which one point of exposure, or a lapse in a security control, can bring down a business. You could consider this collateral damage of doing business in a hostile cyber environment, letting your guard down, or being unprepared for changes in the threat landscape. Or you could take action.

There is a Norwegian proverb that says, ‘There is no such thing as bad weather’ just bad clothing.’ Ivanti continues to provide the solutions that secure and protect business and the Everywhere Workplace. This includes addressing the rapidly evolving challenges of business in this hostile cyber landscape.

The need is constant – it certainly doesn’t wait for this month – but Cybersecurity Awareness Month is an opportunity for everyone to evaluate their situation and get up to speed on what they need to thrive in – not just survive – this new business landscape. We’re glad to have the chance to educate about the latest cybersecurity challenges and ways to overcome them.

Make sure to check out the Ivanti blog each week in October. Ivanti will be bringing out new materials designed to inform our prospects, customers and partners on the best ways to navigate the security space with the most value and protection available. From endpoint security to vulnerability management to network security and more, Ivanti has you covered. Here are just a few of the items we have planned:

Week of October 4^th

^{-New survey results}

^{-Infographics}

Week of October 11^th

^{-Examining phish and ransomware}

^-^{Patch Tuesday Webinar series}

Week of October 18^th

^{-Knowledge quizzes}

^{-Interviews with Ivanti senior security professionals}

Week of October 25^th

^{-Watch for something new!}

Ivanti secures the Everywhere Workplace. Learn how our world-class solutions blend hyperautomation and leading-edge protection for the simple, powerful answers your IT team is looking for.

Thanks for recognizing Cybersecurity Awareness Month with us!

What’s Important in 2021? – Bold Predictions in the Digital Workplace and Delivering Security with a Remote Workforce

Mon, 01 Feb 2021 22:10:43 Z

At Ivanti, our highest priority is our customer. With that in mind, I thought it would be a good idea to share some research that my team and I have found valuable as we have migrated through the COVID period. The two pieces of Gartner research, highlighted below and linked to on our landing page below, really hit home at Ivanti so we wanted to share them with all of you.

The first piece, “Predicts 2021: Digital Workplace Infrastructure and Operations¹”, centers around predictions for 2021 when it comes to one of Ivanti’s key focus areas. The makeup of digital workplace infrastructure and operations can make all the difference in the world in terms of delivering to the bottom-line. These types of research pieces are always helpful to make sure you don’t miss anything and you can see some of the broad strokes the year may have in store. Gartner does a great job with these pieces because they have a deep bench and strong expertise on the topic. An added bonus here, if you are a geek like me, is the ability to go back later in the year to see how many have happened and how many are yet to come.

Here are some specific thoughts on why we believe this piece is important:

Great statistics and recommendations on why and how users can deliver unified endpoint management (UEM), security, along with how to tie that in with automation. Sound familiar?
Cloud-hosted workplaces and cloud workplace infrastructure adoption are key and will be continuing to accelerate moving forward.
Further research on this topic is noted and linked inside the piece itself

The second piece, “Designing Security for Remote-Work-First Enterprises²”, centers around remote working and thinking about security in that context – a favorite topic in today’s day. We aren’t going back to the office any time soon unfortunately, but there are ways to maximize our efforts. Security with a majority of the workforce at home has now moved to the front of the line in terms of critical issues.

Here are some specific thoughts on why we believe this piece is important:

Security teams are being challenged in news ways and must adopt a new way of thinking in this area
Remote access infrastructure is noted as a critical service
Good descriptions of how different players interact in this area

Special thanks to my new team as they have really done their collective homework. We hope to continue to delight you the customer more here in 2021 and beyond.

You can find more great Ivanti content at ivanti.com.

More to come, always!

-Mike Adams

¹ Gartner, Predicts 2021: Digital Workplace Infrastructure and Operations, Stuart Downes, Dan Wilson, Nathan Hill, Michael Silver, Chris Silva

² Gartner, Designing Security for Remote-Work-First Enterprises, Jeremy D'Hoinne, De'Onn Griffin, Rob Smith, 30 June 2020