Ivanti Blog: Posts by

NEW! Set Windows 10 Default Apps with Ivanti Environment Manager

Thu, 21 Mar 2019 21:23:05 Z

Ivanti is always looking to help IT simplify the administration of Windows 10 environments and with thanks to our talented development team over in 's-Hertogenbosch in the Netherlands, we’re delighted to announce a number of new tools to ease Windows 10 administration when utilizing Ivanti User Workspace Manager:

Set Default Browser
Set Default Mail Client
Set Default PDF Viewer

Each of these utilities can be called from an Environment Manager configuration and triggered to apply at logon, to ensure users have the correct default applications in place for their session.

Each zipped tool file contains a PDF file with usage instructions, an .exe file and an Environment Manager .xml Policy template file for importing:

These tools are easily implemented by copying the relevant .exe file to a fully accessible share for all users, and then importing the Environment Manager .xml Policy Template into either a new or existing configuration, on the User | Logon | Desktop Created trigger.

In this example, the Set Default Mail Client policy template is imported.

Once imported, a relevant node is created beneath the User | Logon | Desktop Created trigger which contains a custom action and a number of dependent Execute actions.

The custom action is used to trigger a 5 second pause to ensure the set x as default y Execute action is always applied after UWP application provisioning into the user’s session is complete.

From then, it is possible to enable your chosen default mail client from the list of actions provided.

Each Execute action points to the relevant tool copied earlier, in this example, SetMailClient.exe and contains a parameter to point to the chosen default application:

The -s parameter allows the relevant default app to be specified, in this instance Google Chrome.

Note: If the app name contains a space, then quotes must be used, e.g. -s “Microsoft Outlook”

All that is left to do is save and deploy the configuration to your endpoints.

Further Information

Additional default application options can be added to the configuration manually by adding further Execute Actions and specifying the -s parameter followed by the name of the application.

Running any of the tools without a parameter from the command line lists the available browsers, mail clients or PDF viewers, dependent on the tool used, within the user’s session, e.g.Running any of the tools with the -i parameter will list the default browser, mail client or PDF viewer, dependent on the tool used, currently set within the user session:

These tools are now available to download from the Ivanti Marketplace.

NEW! File Director 2018.3 – Windows Client Cache Management

Tue, 04 Dec 2018 23:12:16 Z

Ivanti File Director has been steadily growing its customer base in the last few years, solving problems related to sync and roaming of local files on Windows and other devices, and doing it securely over HTTPS with zero user disruption or change in user behavior.

As this solution has matured we wanted to provide new options to manage the time for which a user’s synced files remain on an endpoint. This solves problems for devices with limited storage capacity, as well as making the client more suitable for virtual and non-persistent desktops (where caching adds little benefit).

In File Director 2018.3 it is now possible to remove cached files on the endpoint, based on the last access time of files. Exclusions can be configured to ensure that certain files types, .PDF files for example, remain in the local endpoint cache, irrespective of their last access time, whilst other file types are removed after a period of inactivity.

How it works

This new feature is disabled by default and is configured via an engineering key. A configurable grace period value can be specified, in seconds, with a default period of 5 minutes. Any files within the local endpoint cache whose last access time is less than the current time minus the grace period, will be considered for deletion from the cache.

A file, or files, may be excluded from the cache clean-up by adding its file extension to a set of existing exclusions in the registry. A default exclusion is automatically set for .PST files, the Personal Storage Table format, used by Microsoft Outlook personal messages, calendar events and other mail items.

Once a file has been considered for deletion, File Director checks that all of the criteria have been satisfied:

The File Director client is online
The file is in-sync, i.e. no uploads are pending or in progress for the file
The file exists both locally, on the endpoint, and remotely, in the designated file store (so as to avoid data loss)

If the above criteria are satisfied, the file, or files, will be marked for deletion from the endpoint cache. If any of the criteria is not met, File Director re-tries once the file is in-sync or when the File Director client becomes online.

If the file is locked and cannot be deleted, File Director will retry at the next File Director client logon or when the client becomes online from an offline state. However, typically a file close is triggered following the file becoming unlocked which would also re-queue the file for deletion.

Any file removed from the endpoint cache using this functionality will be audited.

Process exclusions automatically exist for applications such as explorer.exe and searchprotoclhost.exe that continually open and close files, as File Director is only interested in file access from the user themselves.

Enabling Windows Client Cache Management

To enable or disable Windows Client Cache Management, the following engineering key must be utilized:

Key: HKLM\SOFTWARE\AppSense\DataNow\CacheCleanupEnabled
Type: REG_DWORD
Value: 1 (Enabled) or 0 (Disabled)

Configuring a Grace Period

The Grace Period defines how long File Director waits after a file close before it removes that file from the endpoint cache.

The default grace period is set to 300 seconds.

Setting the grace period to < 10 seconds will result in the value being automatically re-set to a minimum of 10 seconds. This is because some applications will still be in the process of initializing when File Director attempts to delete a file they are opening, which could result in Access Denied messages.

To set the grace period:

Key: HKLM\SOFTWARE\AppSense\DataNow\CacheCleanupGracePeriod
Type: REG_DWORD
Value: 300 (Default)

Excluding processes from Cache Clean-up

To add a process exclusion (to ignore file access from specific apps):

Key: HKLM\SOFTWARE\AppSense\DataNow\CacheCleanupBlackList
Type: REG_MULTI_SZ
Value: explorer.exe, mspeng.exe, svchost.exe, runtimebroker.exe, searchprotocolhost.exe (Default)

Excluding file types from Cache Clean-up

To add a file type exclusion:

Key: HKLM\SOFTWARE\AppSense\DataNow\CacheCleanupExcludedFileTypes
Type: REG_MULTI_SZ
Value: pst (Default)

NOTE: any process exclusion or file exclusion engineering key change will be picked up automatically. However, all other engineering key changes require a File Director client logoff / logon or service restart before they are applied.

Summary

The new client cache management options provide an effective, low-maintenance way of ensuring the client cache sizes do not grow out of control, and that unwanted and unnecessary file data does not waste space on user devices. It also saves space in non-persistent sessions and virtual desktops where there is limited benefit in caching files.

For more information on Ivanti File Director, please see this page or join in the discussion on the Ivanti Community here.

NEW! Environment Manager 2018.3: OneDrive Cache Roaming for Virtual Sessions

Mon, 05 Nov 2018 18:42:07 Z

Back in March 2018, we released version 10.1 FR4 of Ivanti Environment Manager which included a new Cache Roaming for Virtual Sessions feature, primarily aimed at solving issues with persisting Office 365 offline caches in non-persistent Virtual Desktop Infrastructure (VDI) and Remote Desktop Server Host (RDSH) sessions.

This enables Microsoft Outlook .OST files to be persisted through use of redirection to a mounted Virtual Hard Disk (VHD) container, allowing mail folders to roam across different sessions, whilst also solving performance issues associated with the loading of large mail files at user logon.

The advantage of this approach is that it can also be used for other application caches that need persisting such as Microsoft OneNote of Skype for Business 2016/365 Global Address List.

However, a supported use case that was missing from the original implementation was the ability to persist Microsoft OneDrive caches.

OneDrive depends on a local cache being present for syncing cloud hosted files to the local endpoint. In non-persistent environments, this cache is lost at logoff and would need to be re-synced at each logon, which may cause performance issues, resulting in a poor user experience.

With the release of Environment Manager 2018.3, OneDrive Cache Roaming is now possible for non-persistent environments!

How is this achieved?

A VHD container is attached to a user’s virtual desktop or session allowing necessary folders within the user profile to be redirected to the container. Third party applications require zero reconfiguration and no changes are made to the user profile, making is seamless to the user.

OneDrive Cache Roaming for Virtual Sessions is configured through two Environment Manager Policy Actions:

Manage VHD – Mount an existing VHD or create and mount a new VHD.
Cache Roaming – Redirect an application cache to the VHD

Each action is configured, and can be used, independently but most commonly, they will be used together.

The actions are available from the Pre-Desktop and Desktop Created triggers at user logon and any mounted VHD is automatically detached at logoff.

From within the Manage VHD action, an IT admin needs to specify the location of an existing VHD file or choose to automatically create it if it doesn’t already exist.

In addition, a VHD Root Folder needs to be specified which is the root directory of where the VHD will be mounted. This folder will contain the VHD contents, such as the OneDrive Cache or Outlook PST files.

If creating a new VHD, the type of VHD also needs specifying:

Fixed – The size of the virtual hard disk is determined on creation and will always be the size set in the Max Size field.
- Note: This option offers better performance than expandable VHDs, however it can negatively impact logon times.
Expandable – The size of the VHD is variable and will grow to the maximum size as data is added.
- Note: Even though each user is provided with 1TB of free OneDrive for Business storage with Office 365, it isn’t necessary to set the Max Size of the VHD to 1TB as it is unlikely this full allocation of disk space will ever be used. However, the Max Size can be configured on a contextual basis, using Policy Conditions, to meet individual user needs.

Next, the Cache Roaming Action needs to be configured:

Select the OneDrive Cache template, which automatically adds OneDrive as the application.

A Tenant Name for your OneDrive implementation then needs specifying.

Finally, a Redirect Location needs configuring, which in this case, points to the VHD root folder created with the VHD Action earlier.

Conditions can be applied to both the VHD and Cache Roaming actions for context-aware control of OneDrive Cache Roaming for virtual sessions.

What happens on the endpoint?

When a user next logs on, a VHD will be created – if one doesn’t already exist – or mounted, and the user’s OneDrive cache will be redirected to a OneDrive subfolder in the root directory of the VHD.

When the user logs off from their sessions, the VHD will automatically be detached and then re-mounted at next logon.

This is all totally transparent to the end user, with their OneDrive Cache roaming effortlessly between non-persistent sessions.

This helps to ensure the success of OneDrive for Business implementations in non-persistent VDI or RDSH environments.

Concurrent User Access for Office 365 VHD Containers

In addition to the One Drive Cache Roaming for virtual sessions feature, Environment Manager 2018.3 also now supports concurrent user access for Office 365 VHD containers.

This enables a user within a non-persistent Windows environment to have multiple sessions running at the same time, for example to access Outlook from multiple virtual sessions.

The Cache Roaming capabilities within Environment Manager 2018.3 allow users to access their cache when working across multiple non-persistent sessions, further enhancing the Office 365 user experience.

For further details, please check out our Cache Roaming for Virtual Desktops Datasheet.

Ivanti Automation Integration With Ivanti Environment Manager

Wed, 10 Oct 2018 11:42:21 Z

How Ivanti Environment Manager Can Trigger an Ivanti Automation Task to Make a Change in AD Using an Automation Connector

INTRODUCTION

For former RES customers, it has always been possible from within Ivanti Workspace Control (formerly RES ONE Workspace), to launch Ivanti Automation tasks based on specific triggers occurring, for example, adding a user to a specific AD Group:

These automation tasks can be used to remove unnecessary burden on the IT department by automating common tasks that users require – thus saving IT time and money.

Below we discuss how Ivanti Environment Manager (formerly AppSense Environment Manager) can also be used to trigger Ivanti Automation Tasks.

With Ivanti Automation, it is possible to use Automation Connectors to configure automation tasks to achieve different outcomes. These automation tasks can now be triggered using the forthcoming version of Ivanti Environment Manager’s new Automation Action which communicates with an existing Automation Dispatcher to initiate configured tasks on-demand, as required.

USE CASE

We will use the same example as above – to add a user to an AD Group when a specific trigger occurs – this will be when a user launches WordPad.exe. This change in AD Group Membership could perhaps then be utilized to provide access to a certain file share or printer for a user.

In this example, a WordPad Users group exists in Active Directory (AD) but currently contains no users:

CONFIGURING IVANTI AUTOMATION

The Ivanti Automation Console is used to create an Automation Module that manages a specific Active Directory Group.

This is achieved by providing details of the relevant domain, including the WordPad Users group for which we want to manage membership:

From the Members tab, we specify the user we wish to add to the AD Group when the automation task is instigated:

That’s it from an Automation perspective!

CONFIGURING IVANTI ENVIRONMENT MANAGER

We will now utilize Ivanti Environment Manager to trigger the task via an Automation Agent installed on a Windows 10 desktop.

In this instance we will use a Process Started trigger - other triggers are available including, but not limited to, Computer Startup/Shutdown, User Logon/Logoff, Session Connect/Disconnect or Session Lock/Unlock - to configure when the Automation Task applies.

This is achieved by first specifying where the Automation Dispatcher resides and under which context we want to run the automation task:

Next, a Process Started node is created and Wordpad.exe is specified as the starting application:

Once added, an Automation Action needs to be configured beneath the User Process Name Condition:

From here, we can select the automation action Manage Wordpad Users Group created earlier in Ivanti Automation:

Once selected, this will appear beneath the User Process Name Condition on the Process Started Trigger:

The Environment Manager Configuration can now be saved and deployed to the Windows 10 endpoint.

TESTING THE CONFIGURATION

A user logs on to the Windows 10 desktop and launches WordPad.exe.

WordPad.exe runs and the Automation Task configured is executed immediately.

On the Administrative endpoint, within Active Directory Users and Computers, User1 will now be visible within theWordPad Users AD Group:

To see a short video of this in action, please follow this link.

From RES ONE Workspace to Ivanti Environment Manager: Just-In-Time App-V 5.x Apps

Wed, 11 Jul 2018 21:13:37 Z

When Ivanti acquired the two market-leading user workspace management vendors in AppSense and RES, it was always going to be difficult to develop and maintain two similar solutions that each offer unique and innovative ways of solving IT desktop configuration challenges. AppSense Environment Manager and RES ONE Workspace have, for many years, both been extremely successful in solving customer’s desktop challenges and so Ivanti had to find a common ground in terms of how to support both sets of customers, as one, moving forward.

Ivanti has been looking at ways of ensuring the most compelling and widely-used features available within the former RES ONE Workspace solution, can also be achieved using Ivanti Environment Manager, whilst offering existing, or new, Environment Manager customers the same powerful features set across the board.

Just-in-time App-V 5.x application package delivery is just one of these features. This enables App-V 5.x application delivery to be initiated by the user themselves, by clicking on an application shortcut delivered to the user’s workspace via Ivanti Environment Manager.

Working in conjunction with consultants from T4Change in the Netherlands, and utilizing a combination of native Environment Manager functionality and custom PowerShell scripts, Ivanti has now been able to replicate the just-in-time App-V 5.x delivery capabilities available in RES ONE Workspace within Ivanti Environment Manager. This v1 implementation is the first step towards a more native Environment Manager solution to this use case.

Configuring just-in-time App-V 5.x apps with Ivanti Environment Manager

Let’s assume the user would like to make use of Foxit Reader, delivered via App-V 5.x.

STEP 1: We need to perform a check to see if the App-V instance of Foxit Reader already exists for the user. This will allow us to determine whether we need to deliver the App-V instance at all, else, the delivery process can be started.

This is achieved with the help of an Environment Manager If Else Group Condition configured within the Pre-Desktop Logon Trigger, that runs a short PowerShell script to check for the existence of the app when the user logs on:

STEP 2: Next, by utilizing an Environment Manager Custom Action on the Computer Startup Node that makes use of another PowerShell Script, a dummy executable named ‘RefreshNow.exe’ can be generated on-the-fly when the computer is started up.

STEP 3: The path to where the Foxit Reader App-V content share resides can be set with an Environment Manager Set Environment Variable Action on the Pre-Session Logon Trigger, so that the value is set and in place before the user is fully logged on to their session.

STEP 4: A second variable, $App, which is the name of the application you want to publish - in this case Foxit Reader - is set using a PowerShell Custom Condition within the If Else Group Flow Control condition.

STEP 5: After these variables have been set, a shortcut to the newly configured ‘RefreshNow.exe’ dummy executable, which was created at Startup, is placed on the user’s desktop, using a Create Shortcut Action, which makes use of a parameter pointing to Foxit Reader.

STEP 6: When the ‘Refreshnow.exe’ dummy application is launched at Startup, a User Process Name Condition is invoked from the Process Started Trigger which contains the Foxit Reader application variable set earlier, in its parameter field:

STEP 7: Another Environment Manager Custom Action, configured with PowerShell, is then invoked, which adds the App-V package, with the correct path, to the actual App-V 5.x .appv file:

STEP 8: Once the .appv file has been updated, a package publishing operation is instigated, using another Environment Manager Custom Action employing PowerShell:

STEP 9: Finally, a Foxit Reader App-V application shortcut is created for the user with an Environment Manager Shortcut Action, making use of the variables configured earlier.

Once these few simple steps have been configured, the icon for the Foxit Reader App-V application shortcut will be present on their desktop at next logon.

For access to a full example configuration, along with more detailed instructions on how to set this up for other App-V delivered applications, please download the App-V Publishing Guide available from the Ivanti Marketplace.

Please try out this first version and do feedback any issues or enhancement requests you may have via our User Voice Portal.

Using Office 365? Ivanti File Director Saves You Money by Migrating Files to the Cloud

Fri, 25 May 2018 20:16:09 Z

Unlock 1TB of OneDrive for Business storage for every user!

Does your organization make use of Office 365? Are you aware that each of your users is entitled to 1TB of free OneDrive for Business cloud storage? Eliminate the cost of on-premises storage by effortlessly migrating user files to the cloud, freeing up server resources and reducing infrastructure management.

Ivanti File Director

Ivanti File Director employs In-Location Sync capabilities and a OneDrive Connector to effortlessly migrate user files from local devices and on-premises storage to OneDrive for Business cloud storage. There’s no need for user retraining as all file sync and migration actions are imperceptible to the user.

This allows centralization of your data in the cloud and eradicates costly and time-consuming management of data sprawl.

And by migrating user files away from on-premises datacenters, File Director enables organizations to make huge savings in storage costs.

Acting as a broker to your OneDrive for Business storage, File Director enables IT to have complete visibility of how OneDrive storage is being used. In addition, user files are made available immediately to any device or platform, or by syncing data either in real time, in the background or on-demand to make desktop migration projects easy.

Want to know more? Check out our two free whitepapers:

The 3 Biggest Obstacles to Windows 10 Migration

Fri, 27 Apr 2018 20:45:10 Z

Windows 10 presents an updated and unfamiliar interface that has the potential to confuse and frustrate users.

In fact..

Recent industry research from Dimensional Research reveals that almost..

1/3 of Windows 10 end-user early adopters were confused by the interface.

New features in Windows 10 like the Edge browser, Cortana, and Windows Store can increase confusion, security issues, and user resistance, which can delay or derail a migration project.

Not to mention the 3 biggest obstacles to a Windows 10 migration for enterprise users:

Roaming Profiles
Folder Redirection
Offline Files

So why make the change?

Migrating to Windows 10

One of the biggest drivers of Windows 10 adoption is hardware replacement. It is increasingly difficult to order new PC hardware that is supported in Windows 7 or 8.1, forcing IT departments without a Windows 10 strategy to stockpile old equipment, or to accept new devices onto the network with unmanaged versions of Windows.

Furthermore, Windows 10 introduces a new release cadence, with two releases a year that need to be centrally managed and deployed by IT to limit user confusion and potential application-compatibility issues.

Finally, continual architectural changes in the Windows platform are forcing IT departments to review their current practices for managing users and their workspaces, and consider what they will need to rework to address those challenges with Windows 10 endpoints.

1. Roaming Profiles

What is a Roaming Profile?

Roaming Profiles have been a Windows feature for many years, with the goal of ensuring personal settings are available to users when they log on to different endpoints within an organization. However, they have always been fraught with challenges.

Challenges of Roaming Profiles:

First, they are susceptible to bloat. As a user personalizes their desktop, changes to registry and file settings are saved to the network as part of the user’s roaming profile when they log off. The more changes the user makes, the larger these roaming profiles become.

When a user logs on, their roaming profile needs to be loaded across the network. A large roaming profile causes a logon delay as the profile is loaded across the network.

Migrating Roaming Profiles From Windows 7 To Windows 10

In Windows 7, a typical roaming profile would be 25-50MB in size. However, in Windows 10, a typical roaming profile is around 160MB – and that’s before the user has even started to personalize it! Over time, as the profile bloats, the user’s logon time lengthens, resulting in an impatient, unproductive user. Large roaming profiles are also prone to corruption when saving them across the network, causing data and productivity loss for the user and time loss for IT staff attempting to restore settings from backup.

Windows updates add further complexity and issues. Hybrid computing environments are common today, with users employing a variety of devices, platforms, and operating systems to get their work done.

For example:

Windows 7 introduced the v2 profile, where roaming profiles created in a Windows XP environment would no longer function as expected under Windows 7, causing issues for users who wanted to migrate their personal settings. This trend and similar anomalies have continued through each Windows release, with the original release of Windows 10 introducing a v6 profile.

Each feature update of Windows 10 could potentially a new profile version, as happened in the Anniversary addition. With two feature releases per year, supporting roaming profiles will be a complex and expensive endeavor.

2. Folder Redirection

What is Folder Redirection?

IT has employed Folder Redirection to ensure that users can access their files and folders, irrespective of which endpoint device they connect from. Folder Redirection works by redirecting common profile folders, such as Desktop, Documents, Favorites, etc., away from the user’s local endpoint in favor of storing files and folders in a central location on the network. It’s also a useful way of addressing elements of data sprawl where users typically store data locally on their endpoints.

Folder Redirection works well for endpoint devices that are located on-premises, safely within organizational firewalls.

Yet..

Challenges of Folder Redirection:

Folder Redirection can become an issue when on-premises locations containing user files are not accessible via endpoint devices for off-premises users. This can sometimes be resolved by use of a Virtual Private Network (VPN), where a user “tunnels” through the organizational firewall to gain access to specific resources. However, using a VPN adds complexity that can degrade the user experience, leading to user frustration and an increase in IT support tickets.

3. Offline Files

What is Windows Offline Files?

Windows’ Offline Files capability allows user files to be accessible locally when users work offline by attempting to sync user files and folders from the on-premises file share down to local endpoint devices. The Offline Files technology was introduced in Windows XP and hasn’t really changed in Windows 10.

Challenges of Offline Files:

Offline Files can cause sync issues so users are unable to access their data. For example, when a user’s file cache has been encrypted and the user changes their password, cached offline files become invalid. Additionally, when a user is employing a Distributed File System (DFS), Offline Files does not function well. When the user moves to an offline state, DFS shifts the entire tree path rather than the individual branch path, forcing far more data than necessary to be synced.

If connection speed is low, and a heavily loaded file server can practically stop serving files to users, it creates—you guessed it—more user frustration, less productivity, and more IT support tickets. Still more sync problems can occur when user permissions aren’t set correctly on the file server.

Having Migration Migraines?

Ivanti can help ease your pain!

Ease migration woes, improve the user experience, and ensure acceptance of Windows 10 migration projects with Ivanti solutions

Check out Migrating to Windows 10 With Ivanti: Migraine Managed to see how Ivanti’s solution specifically pinpoints roaming profiles, folder redirection, and offline files.

Want a fuller picture of just how effortless migration can be when challenges are overcome with Ivanti?

Windows 10 Migration With Ivanti: Migraine Managed

Mon, 23 Apr 2018 23:50:21 Z

In an independent, global survey of IT professionals conducted by Dimensional Research, it appears that although Windows 10 migration is limited, it is on the increase.

Over 1,800 IT professionals with responsibility for corporate desktops and laptops took part in the survey and were questioned on the status of Windows 10 adoption, their future plans, experiences, concerns, and more.

Of those surveyed, 93 percent of organizations have Windows 10 installed, but only 37 percent have it rolled out in production to a fraction of end users (only 10 percent have Windows 10 fully in production). Despite this slow start, 78 percent are looking to be fully migrated to Windows 10 by 2019.

However, many concerns still persist for organizations looking to migrate to Windows 10; in fact, 88 percent of those polled reported having significant concerns about moving to Windows 10. Application compatibility worries, the need for user training, and the manual effort required to migrate users and their workspaces are the top concerns. And the larger the organization is, the higher these concerns are.

Those organizations that have already begun their migration are still faced with user-related issues, including user confusion with the new interface and users resisting migration because they see no benefit to them in moving to Windows 10. Because of worries such as application compatibility, user confusion, and user resistance, 80 percent of the IT professionals surveyed are delaying their migration to Windows 10 while they attempt to address those concerns.

Effortless Migration With Ivanti

Are your users ready to leave their happy, familiar Windows 7 workspace behind? Are you? Windows 10 migration is daunting, but Ivanti technology significantly reduces migration complexity. Adopting the steps below will enable you to control the process, reduce surprises, eliminate Stealth or Shadow IT, and provide users with a familiar workspace—on top of a shiny, new, powerful operating system.

Step 1 – Baseline Your Existing Environment

To gain foresight and plan a future Windows 10 workspace that’s secure, compliant, and delivers a great user experience, we recommend analyzing existing user workspaces to identify potential performance bottlenecks, productivity limitations, and security vulnerabilities.

Ivanti Insight is a virtual appliance that can be installed on your existing desktop and server estate to collect and analyze data regarding user experience and endpoint security. An unobtrusive agent is deployed to endpoints either via Active Directory, third-party tools such as Microsoft System Center, or using our centralized deployment mechanism, Ivanti Management Center.

The Insight Agent collects data relating to the user workspace experience and uploads the data periodically to the Insight Appliance. Endpoints are analyzed to record metrics, including logon times, resource utilization, and application usage or privileges required to access resources. Details on how and where users are currently storing their files are recorded as a first step in preparing to migrate user files and folders—another necessary and problematic element in a Windows 10 migration scenario.

Insight provides a simple way to baseline existing environments before moving to Windows 10. Organizations can identify potential performance issues and security or compliance vulnerabilities, and use the data to ensure optimum user experience post migration to drive user acceptance of Windows 10.

Step 2 – Centralize Management of Users’ Personal Settings

Ivanti Environment Manager decouples users’ personal settings from the workspace and manages this data independent of the device.

This provides centralized management of user settings while enabling user settings to be applied dynamically to any workspace, regardless of the delivery method or operating system.

This offers a far more efficient and robust alternative to roaming profiles and eases Windows 10 migrations, break/fix, Citrix-related migrations, desktop transformation projects, even on-premises to cloud projects.

Environment Manager makes use of a three-tier architecture for optimum performance, built-in failover, disaster recovery, and business continuity, to ensure unlimited scalability across distributed, geographic locations.

Environment Manager virtualizes users’ changes to application and operating system settings. It then compresses and stores both locally, for offline access, as well as centrally—either on-premises or in the cloud. This ensures that personalized settings can be streamed, on-demand, to any user workspace or operating system, irrespective of how the desktop or applications are delivered.

For Windows 10 migration projects, Environment Manager captures settings that already exist in legacy local or roaming profiles and delivers this personalization instantly on-demand to new Windows 10 workspaces. Delivery can include all elements of the profile or just selected application or operating system content.

By applying user settings on-demand, IT can cater to increasingly mobile users, moving users effortlessly between platforms and operating systems with no negative impact to the user experience. In fact, personalization delivered by Environment Manager is proven to speed up user logons and eliminate profile-related support calls, improving the user experience.

Additionally, while a typical Windows 10 roaming profile is 160MB, Environment Manager-stored user personalization data saved in the SQL database is around 10MB per user, reducing storage costs and freeing up disk space for other uses.

Delta changes to personalized settings are also saved in the SQL database, so if profile inconsistencies occur, personalization settings can be rolled back on a per-user, per-application basis to a known good point in time by the user or by IT, without affecting any other aspect of the user profile. This ensures the highest user productivity and eliminates profile-related support tickets.

Step 3 – Application Control and User Privileges

The threat of ransomware, unlicensed software, or non-productive applications being introduced to Windows 10 endpoints—either via the Windows Store or traditional means—can be eliminated using Ivanti Application Control.

Its unique Trusted Ownership model provides an easy-to-manage alternative to traditional whitelisting and blacklisting. This approach protects endpoints from zero-day threats and eradicates the problem of out-of-date reactive solutions such as antivirus software that needs to know about a threat before it can download and apply update definitions.

With Application Control, Trusted Ownership security is delivered out-of-the-box and works by examining the NTFS owner of an application. If an application or executable is introduced to the user workspace, Trusted Ownership considers that app or executable to be owned by the user that introduced it. ‘Trusted’ apps and executables are owned by a ‘Trusted Owner’, e.g. an administrator or software deployment system such as Microsoft System Center, and can be installed and run by the user. Apps and executables introduced or installed by ‘untrusted’ owners like standard users are instantly prevented from running. Additionally, applications or executable code attempted to be run or installed from network drives or removable media such as USB drives or CDs are also prevented automatically unless otherwise stated.

Traditional whitelisting and blacklisting technologies typically require ongoing maintenance when new service packs or upgrades are released, which can result in high IT support costs. In addition, these types of solutions are often bypassed by renaming an unknown or black-listed application to that of an application on the whitelist. Trusted Ownership alleviates the IT burden associated with application control solutions that require ongoing maintenance of whitelists when an application or OS component requires patching.

White and blacklist configurations can still be used in conjunction with Trusted Ownership to control known applications that pass the NTFS owner check. Applications that users should not have access to, such as administrator-owned tools like cmd.exe or ftp.exe, can be denied automatically. Alternatively, using whitelists in conjunction with digital hash checking can guarantee only known, trusted applications can execute on an endpoint.

Application access in Windows 10 environments can be tailored with security and compliance in mind, using Environment Manager’s context-aware policies. Access is dependent on the user, where they’re logging on from, when, and how. These rules are based on Groups, Users, Devices, Processes, or custom rules to target specific scenarios when users should or shouldn’t be allowed access to specific applications.

Due to these flexible application-control techniques, Ivanti Application Control is recognized by Microsoft for enforcing device-based software licensing. By governing which users or devices have permission to run named applications, limits can be placed on the number of application instances, the devices or users that can run the application, when users run a program, and for how long. This helps to reduce software license costs when migrating to Windows 10.

To enable regulatory compliance, Application Control’s privilege management capabilities allow IT to easily remove end users’ full administrative rights and provide them with elevated privileges for just the apps or tasks that they need.

Summary

Extended support for Windows 7 ends in 2020, which is right around the corner in “IT years.” However, some IT departments see Windows 10 migration as a project, but not a priority.

This is unfortunate. Windows 10 is substantially different from Windows 7 from an IT-architecture and user-interface perspective. Additionally, Windows 10’s new release cadence is going to challenge IT—and users—to keep up.

Even If budget hasn’t been allocated yet to a Windows 10 migration project, IT can build a migration model for their organization now to determine the cost in time, dollars, and effort involved in the move. IT can use the results to engage with executive management (they are end users, too), and at minimum, start the conversation. A proactive approach allows IT to make thoughtful decisions rather than hasty ones driven by necessity.

As part of the process, consider Microsoft’s faster release cadence and how IT will accommodate it. The new cadence will push IT to run multiple Windows versions in parallel, imposing a continuous state of migration. Windows 10 migration is a tough challenge, but one that can be overcome by starting now.

Having Migration Migraines?

Ivanti can help ease your pain!

Ease migration woes, improve the user experience, and ensure acceptance of Windows 10 migration projects with Ivanti solutions. Contact us for help.

Want a fuller picture of just how effortless migration can be when challenges are overcome with Ivanti? Check out our whitepaper, Painless User Migration with Ivanti.

Got Office 365? Get Control of Users’ OneDrive Storage!

Wed, 06 Sep 2017 00:17:09 Z

One of Office 365’s significant customer benefits is the 1TB of cloud storage provided to every business user. It’s a great offer, but it has challenges.

For users, using OneDrive requires changes in their working behavior, which usually means that IT needs to provide retraining and can expect an increase in helpdesk calls. Additionally, users utilizing multiple endpoints to do their work may find that they cannot access OneDrive from one or more of their devices—which to IT usually means more helpdesk calls.

For IT, because the OneDrive storage is provided to users, IT admins lack the controls they need to view and manage OneDrive storage and its content—until now.

Capture, Control, and Audit Office 365 Users’ OneDrive Storage

Ivanti File Director’s OneDrive Connector allows IT to capture, control, and audit Office 365 users’ 1TB of OneDrive storage. The Connector uses File Director’s granular sync engine and In-Location Sync to map user files to OneDrive. And, as with on-premises storage, user get their everyday Windows experience when accessing files and folders.

Take a look at our infographic to learn more.

Windows 10 Migration: A Tale of Two Herds

Tue, 21 Feb 2017 17:30:17 Z

The Great Wildebeest Migration in the Serengeti is the largest single movement of animals anywhere in the world. It occurs annually and continues indefinitely.

Millions of wildebeest, along with hundreds of thousands of zebras and gazelles, leave their calving grounds in the Southern Serengeti and head for new water sources in the Kenyan Masai Mara, traversing different countries and terrains, to reach their goal.

So, what do these stunning beasts have to do with Windows 10?

Well, with Microsoft Windows 10 operating system updates now being pushed out more regularly, this enforced release cadence is imposing continuous migrations on organizations and forcing mass movements of users.

Like the wildebeest, millions of Windows 7 users, in fact 49.5 percent of overall desktop operating system users, according to netmarketshare.com, need to undertake a long and arduous journey to the Windows 10 promised land.

Additionally, a huge number of Windows XP (10.5 percent) and Windows 8. x (12.1 percent) users, comparable to the zebras and gazelles of the Serengeti, need to tag along too.

Let’s take a deeper look at the annual Great Serengeti Wildebeest Migration and contrast how two different metaphorical “organizational herds” typically address Windows migration projects.

Migration Phase 1

Typically, wildebeest herds prepare to leave their calving grounds and start the long journey south. With a lot of inexperienced calves tagging along, the beginning of the journey is difficult and dangerous. Predators lie in wait.

Organizational Herd A

Supporting IT users of differing abilities is always difficult. From Baby Boomers (50+ years old), through Generation X (36-50 years old) to Millennials (18 to 35 years old), users require different levels of support when working with Windows Desktops.

Inexperienced users are more susceptible to social engineering and fall prey to ransomware and other malicious attacks more easily. They need more protection.

In addition, an inexperienced IT department can be unprepared for a Windows migration and thus pitfalls await.

Without upfront analysis of the existing IT environment, it will be a difficult journey to identify how to optimize and secure the Windows 10 estate, which will ultimately lead to a poor user experience and reduced user acceptance.

Organizational Herd B

With proper preparation and the concept of user experience at the forefront of planning, common migration pitfalls can be avoided.

By analyzing the current endpoint environment and identifying application requirements such as license usage, required privileges and attempted installs, the new operating system environment can be secured and streamlined to satisfy user needs.

In addition, benchmarking user experience metrics such as logon times, CPU usage or memory consumption will ensure the user acceptance and hence success of the Windows migration project will be heightened.

Migration Phase 2

During this period the wildebeest typically graze and wait for the next step of their gruelling journey.

Organizational Herd A

A long period of reflection on how and when the migration will continue. What unexpected issues were uncovered during Proof of Concept phase? Were unforeseen stability and reliability issues experienced? What about performance? Security? What can be done to avoid future dangers?

Organizational Herd B

Migration Phase 2 is short for this organizational herd as the up-front analysis identified a large majority of potential pitfalls associated with security, performance and application requirements.

Migration Phase 3

There is no food left for the Wildebeest in their current location. The herd begins to gather in readiness for a move.

Organizational Herd A

On business devices, end-users are stuck on older operating systems, while their personal devices are up-to-date and making use of the latest applications and resources. There is an urgency and desire from employees to force a move to Windows 10.

This urgency leads to mistakes, which can set the migration back and lengthen Migration Phase 3 dramatically.

Organizational Herd B

End users have heard about the quick success of the proof of concept phase. Word spreads quickly and, using centralized deployment techniques with templated installation, IT is ready for an influx of devices to be migrated. Migration Phase 3 doesn’t last long for this organizational herd.

Migration Phase 4

The wildebeest re-start their journey across the Serengeti, the migration begins in earnest.

Organizational Herd A

Steady at first, a sub-set of user’s desktops are now being migrated to Windows 10 as part of a pilot implementation. After rollout, performance, productivity and security issues become apparent. Troubleshooting is difficult. Some endpoints are rolled back.

Organizational Herd B

Through proper planning and the use of the correct solutions to aid with the rapid deployment of OS images, applications, data and personal settings, Migration Phase 4 is a huge success and is accomplished quickly.

Migration Phase 5

The Wildebeest funnel together and mass herds are now en route to their next destination.

Organizational Herd A

The pilot was eventually completed, but wasn’t without issue. Unforeseen problems such as slow logon times, poor desktop and application response times or missing applications hampered initial progress. As market awareness of Windows 10 grows, other business units are now becoming interested to have their desktops migrated to Windows 10, putting further pressure on the IT department.

Organizational Herd B

The quick success of the pilot phase had become legendary amongst the end users. Everyone wants to reap the benefits of a fast, secure and modern desktop operating system.

Migration Phase 6

The herds are now mid-migration and pre-pare for the toughest part of their journey.

Organizational Herd A

IT are busy utilising disparate toolsets and scripts to attempt to manage and monitor the migration of many thousands of users. Some users fall by the wayside as issues hamper deployment. Others lose interest due to delays and slow troubleshooting of issues.

Organizational Herd B

Hundreds if not thousands of desktops have now been successfully migrated to Windows 10. User feedback is very positive.

Migration Phase 7

The wildebeest must now undertake a perilous river crossing. Not everyone will make it. Nile crocodiles take the weak and vulnerable.

Organizational Herd A

Business units are mid-migration. Reports of poor logon times, bad user experience or lack of user privileges result in some users opting out of the migration process.

Insecure and unpatched desktops can lead to malicious attacks that take down devices. Ransomware outbreaks successfully deliver their payload and put the migration project back days, if not weeks, while data is attempted to be restored or ransoms are arranged to be paid, ultimately affecting future IT budgets.

Organizational Herd B

There are no victims of ransomware as the new environment has all the latest security patches deployed, all users have had admin rights removed and application control techniques are enforced to stop malicious code from being introduced.

The IT estate is a safe haven for end users.

Migration Phase 8

The survivors that successfully crossed the river pause and celebrate by feasting.

Organizational Herd A

The migration has been a long and difficult process. Large numbers of users have been migrated, but many users are unhappy due to the false promises of a faster desktop and implemented security techniques have locked the system down to within an inch of its life, massively affecting user productivity.

Organizational Herd B

From day one, the migration project has been seamless to the end user. Optimum user experience and a more secure desktop is achieved through upfront planning and proper implementation. User acceptance is high and the migration is viewed as successful by both end users and senior executives.

Migration Phase 9

The herds now break up into smaller groups.

Organizational Herd A

Various business units within the organization are now using Windows 10. However, certain users no longer have access to specific required applications or tools. Personal settings have been lost. User files are missing. Productivity is again affected and user perception of the IT department is diminished.

Organizational Herd B

IT have delivered context-aware Windows 10 desktops to differing business units or user personas. Each user workspace is personalized to their own needs and personal settings and data is exactly where the user expects it to be.

Migration Phase 10

Each of the smaller groups stabilize and become self-sufficient

Organizational Herd A

IT believe their job is done – they have delivered a Windows 10 endpoint to the business and its employees. The management of the desktop is handed down to individual business units.

Lack of training or handover quickly results in increased support calls and inter-departmental blame. Due to the complexity of the new solution, no trust is placed on the users to help themselves.

Organizational Herd B

Windows 10 migration has been a complete success. Self-service tools included with the selected migration solutions allow users to help themselves and resolve any common issues without IT intervention and with very little training. Self-sufficiency is achieved rapidly.

Migration Phase 11

The rains begin, forcing the wildebeest to leave the grasslands and head back to the Serengeti.

Organizational Herd A

After migrating to Windows 10, user experience is extremely poor, if not worse than the legacy desktop estate. This can lead uses to resort to shadow IT or to roll back to older platforms.

This introduces new security vulnerabilities, application compatibility issues and increased support costs, just adding to the IT department’s existing pain.

Organizational Herd B

An increased Windows 10 release cadence drives both users and IT towards continuous migration patterns. Having planned correctly and utilized the correct migration solutions upfront, this organizational herd is future proof and ready for further migrations.

Migration Phase 12

The wildebeest return to fresh grazing on the Serengeti plains. Calving begins again. Predators, including lions, hyenas and cheetahs return.

Organizational Herd A

With users stuck with an unstable, insecure and complex workspace, Microsoft releases additional updates to the OS. This increases instability of the desktops and introduces further fear, uncertainty and doubt in the environment.

On top of this, new end-users join the herd and need on-boarding. Some are not tech savvy and susceptible to social engineering and other forms of malicious attack.

The whole sorry migration process needs to begin again.

Organizational Herd B

The latest Windows updates arrive. No problem.

Operating system and application patches are rolled out quickly and successfully to endpoints without any user disruption. If anything, this was far easier than last time!

User experience is still massively high. Security is strong, yet unobtrusive, so it doesn’t interfere with user productivity.

Get there fast and avoid the predators!

What can we learn from the different journeys these metaphorical organizational herds took to mass migration?

Organizational Herd A lacked insight into their existing environment, failed to plan and used incorrect solutions to assist with their migration. This led to a bad and costly experience for both users and the business as a whole.

Organizational Herd B had a safer, much faster route to migration success. Through forethought, preparation and by utilizing the most suitable migration aids, mass movement of users to a new desktop was quick, secure and cost effective.

So, unlike the annual migration of the wildebeest, any update to your existing operating system doesn’t need to be daunting.

Ivanti’s solutions are designed to reduce the time and complexity associated with Windows migration projects and to secure users from malicious attacks.

By separating all the user-specific aspects from the underlying OS and applications, Ivanti removes the manual IT effort required for new platform implementations, dramatically speeding up the migration process and making you future proof for any further OS updates.

In addition, stopping unknown apps from running and preventing unnecessary access to IT resources through privilege management vastly decreases the predatory threats from ransomware and other malicious attacks.

Users will always seek fresh grazing on the latest OS releases. With Ivanti, you can ensure a fast and safe migration while protecting the weak and vulnerable from lurking predators.

Discover more by clicking here.

Controlling Windows Store Applications When Using Windows 10 Pro

Mon, 10 Oct 2016 13:31:10 Z

*This post originally appeared on the AppSense blog prior to the rebrand in January 2017, when AppSense, LANDESK, Shavlik, Wavelink, and HEAT Software merged under the new name Ivanti.

IT administrators who have rolled out Windows Pro for their organization are finding an unwelcome surprise from the Anniversary Update (build 1607).

The update no longer allows restricting of Windows 10 Store Apps to prevent users from installing third party apps using Group Policy. This capability is now only supported by Microsoft on Windows 10 Enterprise and Education editions.

In preventing this control of Windows 10 Store Apps, Microsoft is opening the door to more security issues since users can download apps which are not related to productivity, and very likely fall into the ‘Shadow IT’ category of uncontrolled devices and high-risk activity.

In order to completely prevent unwanted Windows Store Applications from being installed or executed in a Windows 10 Pro environment, Microsoft now suggest upgrading to the Enterprise edition, which obviously comes at an additional cost to organizations. This could stall Windows 10 Pro upgrade projects and result in migrations being postponed or even cancelled completely. Many small to medium sized businesses, which chose to take advantage of Microsoft’s free upgrade promotion to Windows 10 Pro, are not inclined to add this additional cost.

When using Windows 10 Pro, the following key policies are still displayed in the Group Policy Editor but contain a note stating they only apply successfully on certain Windows 10 editions

Turn off Microsoft consumer experiences

This setting disables specific third party Windows Store apps from being automatically installed and disables promotional links to other third party apps

Disable all apps from Windows Store

This setting disables the Windows Store completely and prevents all Windows Store Apps that were pre-installed or downloaded from running

Why would I need to control Windows Store Apps?

If users are able to download or run any type of Windows Store App onto their Windows 10 Pro desktop, the probability of introducing compatibility issues with operating system components and other corporate delivered applications is greatly heightened, which can lead to IT support headaches and user experience issues.

For example, on a Windows 10 Pro desktop, a user may now choose to run Microsoft Edge as their default Web browser as opposed to Internet Explorer, Google Chrome or another type of browser rolled out and supported by IT. Microsoft Edge’s known incompatibilities with many web pages and web apps will more than likely result in unnecessary IT helpdesk incidents being raised and user productivity being adversely affected.

Within educational establishments such as schools, colleges and universities, and amongst the millennial generation (those typically below 35 years old), users are now extremely tech savvy and it has become second nature to access applications and data via a host of different endpoint devices and platforms. Students will typically find ways to bypass campus IT security and install or run applications they are more familiar with or prefer using. This ability to bypass IT delivered services and use alternative sources is known as ‘Shadow IT’.

With many games freely available for download from the Windows Store, end-user productivity can be badly affected. The most popular free Windows Store Apps currently include the likes of Facebook, Messenger, Netflix, Amazon and Dropbox – non-productivity apps and apps that can potentially be used as shadow IT to bypass existing IT delivered technologies and security controls already in use within your organization. This could ultimately lead to regulatory compliance issues and security breaches.

When utilizing the Windows 10 Pro Anniversary Edition, the inability to prevent access to unauthorized applications from the Windows Store, especially with the ongoing proliferation of Ransomware and Malware attacks, could also introduce a huge security conundrum for those organizations that have already adopted Windows 10 Pro or were looking to roll this edition out in the near future.

Often, the most hazardous third-party Windows Store Apps do not explicitly contain Malware or Ransomware themselves (so as to pass initial Microsoft Windows Store security checks). Instead, once they are installed, they deliver their lethal payload via links to external executables, built-in app updates or in-app purchases.

With Microsoft AppLocker and Windows 10’s Group Policy security settings now only supported on Enterprise and Education editions, how do Windows 10 Pro customers go about securing the Windows App Store and preventing these types of applications from being installed or run?

Microsoft suggest it’s still possible, using Group Policy, to ‘filter’ which third party applications are displayed to end-users through “store suggestions”, but this still wouldn’t completely stop those applications from being accessed and installed on Windows 10 Pro endpoints.

So, step up to AppSense Application Manager. A marriage made in heaven.

How can AppSense Application Manager help?

AppSense Application Manager has the ability to easily control which Windows Store Apps are allowed to be run or installed based on simple, context-aware rules.

These rules can be based on Groups, Users, Devices, Processes or even custom rules to target specific scenarios as to when users should or shouldn’t be allowed access to specific Windows Store Apps.

Through simple whitelisting and/or blacklisting techniques, IT admins can now lock down Windows 10 Pro Store Apps within seconds, securing endpoints, eliminating shadow IT, preventing unlicensed software from being utilized and ensuring regulatory compliance.

In addition, AppSense Application Manager’s unique Trusted Ownership Checking capabilities mean that if an official Windows Store App does attempt to deliver a Malware or Ransomware payload via an update or in-app purchase, it is instantly prevented without the need for IT intervention.

How this works is if a standard user copies, downloads or attempts to install any unauthorized executable, they take ownership of that file (via NTFS permissions) and it’s instantly blocked because the user in question is not a Trusted Owner. This means IT admins don’t even need to know the name of the executable the user is attempting to install or run.

If the application is attempted to run directly from the Internet, an email attachment or from a non-local drive, it is also instantly denied.

Alternatively, if the application is installed, and hence owned, by a Trusted User, e.g. an Administrator or other Trusted Installer account, then the application is allowed to run by default for everyone, unless stated otherwise. This reduces the IT burden of maintaining complex whitelists and blacklists and frees up IT admins to concentrate on more urgent tasks, while maintaining the highest level of endpoint protection.

These capabilities help protect the Windows 10 Pro environment from unnecessary applications and content, thus improving user productivity and ongoing user experience. It also provides the deepest level of security for your Windows 10 Pro endpoints and ensures Malware and Ransomware, which may have already circumvented your installed anti-virus and perimeter security, is stopped dead in its tracks.

Lock Down Security with AppSense Application Manager

AppSense Application Manager ensures a consistently good user experience and helps improve end-user productivity and increased security for organizations that choose to adopt Windows 10 Pro.

It ensures IT departments can lock down Windows 10 Pro images and guarantee only IT delivered applications and Windows components are allowed to be accessed by users. This eliminates user introduced shadow IT, which may otherwise have been used without explicit organizational approval.

Endpoints are protected from malicious Windows Store Apps and other, unauthorized Win32 applications, improving security and compliance while eliminating the IT burden of maintaining complex whitelists and blacklists.

AppSense Application Manager avoids putting Windows 10 Pro roll-outs on hold due to concerns with security features being removed from the Anniversary Update edition.

For organizations still looking to upgrade to Windows 10, AppSense Application Manager eliminates the requirement to upgrade to the more expensive Enterprise edition – so as to make use of the built-in Windows Store controls – and instead allows IT to lock down Windows Store Apps and other Win32 apps in Windows 10 Pro, thus reducing both costs and complexity.

Organizations now have a compelling reason to celebrate the Windows 10 Pro Anniversary update - by utilizing it without fear of opening the door to new security risks.

Ivanti Blog: Posts by

NEW! Set Windows 10 Default Apps with Ivanti Environment Manager

NEW! File Director 2018.3 – Windows Client Cache Management

How it works

Enabling Windows Client Cache Management

Configuring a Grace Period

Excluding processes from Cache Clean-up

Excluding file types from Cache Clean-up

Summary

NEW! Environment Manager 2018.3: OneDrive Cache Roaming for Virtual Sessions

How is this achieved?

What happens on the endpoint?

Concurrent User Access for Office 365 VHD Containers

Ivanti Automation Integration With Ivanti Environment Manager

How Ivanti Environment Manager Can Trigger an Ivanti Automation Task to Make a Change in AD Using an Automation Connector

INTRODUCTION

USE CASE

CONFIGURING IVANTI AUTOMATION

CONFIGURING IVANTI ENVIRONMENT MANAGER

TESTING THE CONFIGURATION

From RES ONE Workspace to Ivanti Environment Manager: Just-In-Time App-V 5.x Apps

Using Office 365? Ivanti File Director Saves You Money by Migrating Files to the Cloud

Ivanti File Director

The 3 Biggest Obstacles to Windows 10 Migration

Migrating to Windows 10

1. Roaming Profiles

What is a Roaming Profile?

Challenges of Roaming Profiles:

Migrating Roaming Profiles From Windows 7 To Windows 10

2. Folder Redirection

What is Folder Redirection?

Challenges of Folder Redirection:

3. Offline Files

What is Windows Offline Files?

Challenges of Offline Files:

Having Migration Migraines?

Windows 10 Migration With Ivanti: Migraine Managed

Effortless Migration With Ivanti

Step 1 – Baseline Your Existing Environment

Step 2 – Centralize Management of Users’ Personal Settings

Step 3 – Application Control and User Privileges

Summary

Having Migration Migraines?

Got Office 365? Get Control of Users’ OneDrive Storage!

Capture, Control, and Audit Office 365 Users’ OneDrive Storage

Windows 10 Migration: A Tale of Two Herds

Migration Phase 1

Migration Phase 2

Migration Phase 3

Migration Phase 4

Migration Phase 5

Migration Phase 6

Migration Phase 7

Migration Phase 8

Migration Phase 9

Migration Phase 10

Migration Phase 11

Migration Phase 12

Get there fast and avoid the predators!

Controlling Windows Store Applications When Using Windows 10 Pro

Turn off Microsoft consumer experiences

Disable all apps from Windows Store

Why would I need to control Windows Store Apps?

How can AppSense Application Manager help?

Lock Down Security with AppSense Application Manager