Ivanti Product Update - October 2022
Product updates and releases covered in this newsletter:
- Service & Asset Management
- Unified Endpoint Management (UEM) / Digital Experience Management (DEX)
- Extended Products Group
Continued expansion of Ivanti Neurons for RBVM and ASOC capabilities
The 2022.4 release of Ivanti Neurons for Risk-Based Vulnerability Management (RBVM) and Ivanti Neurons for App Security Orchestration & Correlation (ASOC) introduces a range of enhancements based on customer feedback:
- Playbooks now support the use of "or" filters so users can run more complex queries
- Notifications can now be triggered to alert users when new findings are assigned to them and new/updated system filters are available
- Key list views for assets and findings get a new user experience with new data grid features, quick filters, KPIs and refined filtering with ‘or’ capabilities
Additionally, this release also includes the introduction of an integration with Sonatype Nexus Lifecycle and enhancements to several existing integrations. Third-party integrations are the lifeblood of RBVM/ASOC platforms and Ivanti is always working diligently to add new and enhance existing integrations.
Check out the Ivanti Neurons for RBVM and ASOC integrations page to see the full range of out-of-the-box integrations supported by the platform.
Ivanti Neurons for Patch Management enhancements
Since its introduction in January, Ivanti has focused on aggressively enhancing Ivanti Neurons for Patch Management. The 2022.4 release of this cloud-native patch management product includes multiple noteworthy developments:
- macOS patch scanning and risk insight (beta) provides the ability to scan Mac endpoints and detect vulnerabilities. Resulting endpoint and patch insights are displayed alongside Windows insights in a unified UI. Full remediation for Mac endpoints is currently available via a hybrid approach in which Ivanti Neurons for Patch Management taps into the capabilities of on-premises Ivanti patch management products. A future Ivanti Neurons for Patch Management release will include full macOS support. If interested in participating in the macOS assessment beta program, click here to contact the product manager for Ivanti Neurons for Patch Management.
- Bandwidth utilization in the Agent Policy manages network performance by allowing users to set the percentage of WAN/LAN bandwidth to be used when downloading patch content packages from Ivanti Neurons.
- CVE upload functionality lets users quickly reconcile a list of CVEs generated by a vulnerability scanner against the Ivanti patch content catalog to reduce the time required to patch vulnerabilities identified in their environment. Ivanti pioneered CVE import functionality years ago for our on-premises patch products and is excited to now offer this functionality in the cloud.
Head to the Ivanti Neurons for Patch Management product page to discover more about this product and how it enables a risk-based approach to patch management.
Updates to Ivanti Neurons Patch for MEM
The number of Windows, Android, and iOS devices protected by Microsoft Intune has grown 60% over the past year. However, Intune still provides no native functionality for updating third-party applications for Windows systems, making tools like Ivanti Neurons Patch for MEM more important than ever.
Ivanti recognizes this importance and is continuing to improve Ivanti Neurons Patch for MEM in response. Among the enhancements included in the 2022.4 release of Ivanti Neurons Patch for MEM are the following:
- An expanded content catalog now contains a majority of today’s most widely used third-party applications, from 7-Zip to Zoom. Head to the Supported Products page on Ivanti’s website for a full listing of the Ivanti Neurons Patch for MEM content catalog.
- A Patched Devices column has been added to the Products table on the Recommended Products page that shows the patch status and number of applicable devices. Recommended Products now gives recommendations based on the software inventory of devices from the Intune environment. This update significantly increases the recommendations and their relevance to the user and provides perspective on the need to begin managing and publishing the product to Intune.
- Advanced deployment options have been added to the product, including:
- Toast notifications to provide more interaction with the end user.
- Administrators can now set a deadline for when an application must be installed. This ensures all systems are updated by a particular date, which is critical when some applications are known to be vulnerable or if a new feature must be available to everyone at a particular time.
- Administrators can now also provide additional options for users to interact with when their system restarts following an active update. For example, a grace period can be assigned with additional countdown and snooze options.
Refer to the Ivanti Neurons Patch for MEM 2022.4 release notes for more information on additional updates included in the latest release of the product.
New features for Ivanti Security Controls
The powerful Ivanti Security Controls has been further strengthened with the following updates in its 2022.4 release:
- Automate to Compliance is a new REST API script that automates the steps in the patch process (scan, deploy, reboot), repeating the steps until all patches have been deployed to the designated machines.
- The patch metadata function in the REST API has been enhanced to provide better sorting and pagination capabilities when viewing the query results.
- The agent UI has been updated. Much more information is now provided in the patch task logs about the patch status (downloads, installs, success, failure, error messages).
- A security enhancement has been made to the SSH server connection process. Customers now have the option to block connections to an SSH server whose identity is not validated prior to sending credential information.
- The Windows Deployment History tab in the machine view has been updated to add more error code information.
Also, please note that the deprecation of Windows 8.1 support for the Ivanti Security Controls console is scheduled for January 2023. As of the 2023.1 release, Ivanti Security Controls console will no longer be installable on Windows 8.1.
Read the Ivanti Security Controls product page to learn more about the capabilities of this offering.
Service & Asset Management
Ivanti Neurons for ITSM
In this release, Ivanti continues to bring enhancements to Ivanti Neurons for ITSM that include self-service, social and chat capabilities to drive more collaboration and engagement across their teams. These improvements include:
- Microsoft Teams integration
- Self-service chat
- Webservice Actions
- Content Management
- Graphical Action Designer (BETA)
Organizations can benefit from improved collaboration, as well as increased efficiency, productivity, and overall service delivery with these feature advancements.
Ivanti Neurons for ITAM
This version of Ivanti Neurons for ITAM includes functionality that supports our goals for a seamless integration with other systems while improving processes related to receiving assets. These improvements include:
- Ivanti Neurons Integration with ITAM On-Premises Implementations (BETA)
- Integration with Insight Software Invoice Data
- Barcode Scanning Receival Process
These feature advancements offer organizations improved product efficiency and usability, improved processes for barcode scanning, and improved productivity of managing their IT assets.
Ivanti Neurons for Spend Intelligence
This version of Ivanti Neurons for Spend Intelligence focused on improving software recognition, addressing customer bugs, and preparing for features in the next release.
Ivanti Neurons for HR
In this release, Ivanti continues to bring new enhancements to Ivanti Neurons for HR in order to improve the HR case workflows to include more ways to manage each case and update portal with addition of new workflows and actions. These improvements include:
- HR Case Updates (case assignment filter, actions, status flow)
- HR Batch Case
- Knowledge Filtering
These usability updates benefit organizations by improving the experience for users and teams spread out across different countries, as well as the sharing of knowledge and efficiency across the enterprise.
Ivanti Neurons for Facilities
Ivanti continues to bring new enhancements to Ivanti Neurons for Facilities in order to enhance workflows for preventative maintenance, locations, asset, and request management, and to cleanup portal request offering workflows and forms. The innovations in this latest release include:
- Preventative Maintenance
- Improved scheduling of preventative maintenance plans
- Enabled duplication of work order detail, tasks and checklists
- Added scheduling maintenance for rooms, spaces and cubicles
- Facilities Asset Management
- Improved facilities asset location and disposal workflow
- Added notifications for assets that reach End of Life
- Enabled ability to see all possible consumables associated to a facilities asset while in a work order
- Improved tracking of facilities assets and work order management
- Added hierarchy filtering
- Added creation of facilities space
This gives organizations more flexibility in scheduling preventative maintenance for assets and areas within a facility and increases efficiency and productivity of facilities management.
Unified Endpoint Management (UEM) / Digital Experience Management (DEX)
Ivanti Neurons for MDM R86 & R87
Ivanti continues to enhance Ivanti Neurons for MDM and add new capabilities to improve IT efficiency, user experience and device/data security with additional security restrictions. With Q4 release, Ivanti fully supports the latest OS updates from Apple, Google, and Microsoft from day zero. There are several new features to better support shared device and COSU (Corporate owned single use)/dedicated device use cases including shared iPad enhancement, Companion/Extension app support in COSU etc.
iOS/iPadOS 16/macOS 13
- Enhancements on shared iPad for business
- Improved user experience via faster log in process
- Enabled default domains and remote authentication
- Deliver security fixes to users more frequently
- Added security restrictions help improve device security
- Support software update command for multiple devices
- Improved IT productivity and experience
- With the new Ivanti Zero Sign On integration and UEM controls, a FIDO key can be used to login to the device
- Seamless and secure login experience in shared kiosk
- Companion/Extension app support in COSU
- Advanced logging for Android devices allows log collection without user interaction
- Bulk Enrollment Enhancements: Easily generate QR Code in the UEM console
- Reduced admin overheads
- Added logging capability for enterprise security and network logging
- Easier troubleshooting with better visibility
- Enabled to delete TeamViewer integration
- Improved IT admin/user experience
Windows 11 2H22
- Admin app updates notifications for Windows apps
- Prevent app related risks with ability to review changes to the AppCatalog apps
- Reboot device options after app installation
- Better app management over off hours reduces impacts on user productivity
- Ability to create reports based on hardware attributes
- Help IT keep their fleet in compliance
Ivanti Neurons 2022.4
The latest release of Ivanti Neurons 2022.4 provides capabilities to further enhance operational excellence, ease of use, and security to improve your overall digital employee experience. The release also includes numerous customer requested enhancements. Highlights include:
- Automated Lenovo and Dell Warranty Data: Automatically collect warranty information from Lenovo and Dell and improve issues resolution without spending unnecessary resources to fix devices out of warranty.
- Real-time device insights: Improved Windows and Mac sensors to measure additional real-time indicators of device health, security and inventory.
- Improved Security Indicator for DEX: Updated Inventory Scanner to utilize WMI to pick up CrowdStrike Falcon Sensor and Windows Defender Status to accurately report on the device experience.
- New AI-driven automation bots experience: With this release we are beginning to enable our all-new next-generation automation experience which has been architected from the ground up to provide you with powerful low-code/no-code remediation options across the issue lifecycle. Let us know what you think of the new experience.
You can learn more about the Ivanti Neurons 2022.4 capabilities in the help documentation.
Ivanti EPMM 11.8
iOS/iPadOS 16/macOS 13
- Enhancements on shared iPad for business
- Improved user experience via faster log in process.
- Enabled default domains and remote authentication.
- Rapid Security Response
- Added security restrictions to iOS 16/macOS 13.
- Support software update command for multiple devices
- Improved IT productivity and experience.
- Managed app config for in-house apps
- Same app and configuration extended to AOSP and non-AOSP deployments
- Improved IT efficiency
- Unlock command to support custom PIN
- Customize 6-digit PIN settings.
- Improved device security and compliance.
- Single App support in COSU mode
- New single app mode allows admin to deploy devices in Single App Mode and set-up devices easily.
- Improved business productivity on dedicated devices.
- Integrated [email protected] in [email protected] and MI Go
- A single app for device status, mobile threat, and the [email protected] catalog.
- Simplified and improved user experience for apps.
- Enable/Disable end user app updates notifications
- Admin can enable or disable them, also choose the cadence of the notifications to daily or weekly.
- No app updates, no notifications
- Improved user experience for apps.
Endpoint Manager 2022 SU2
The latest release of Endpoint Manager continues to enhance employee (and IT Admin) on-boarding experience, productivity, and security.
Enhanced Microsoft and macOS Support
- Increase end-user experience and productivity by providing the ability to choose which of the Microsoft 365 applications are configured and installed through Autopilot
- New support for Windows 11 2022 update providing seamless end-user experience
- Zero Day support for macOS 13 Ventura
- Ability for a single device to provide Apple content caching for a subnet
- Easier administration of Mac devices via Ivanti Agent Tool
Enhanced Web Console and Remote Control
- New Web Console productivity and efficiency enhancements:
- Run and export queries/reports
- Reboot action per device
- Device and user views
- Ability to customize remote control user notifications
Security and Productivity Improvements
- Save time by reducing steps and decrease manual work needed to maintain Patch Definition Filter
- Enhancements to self-updating Agent (BETA) after EPM upgrades making upgrades quicker, easier, and more reliable.
Ivanti Xtraction 2022.3
The Ivanti Xtraction 2022.3 release delivers several improvements to support our customers including:
- Microsoft 365 authentication for email: It is now possible to use Microsoft 365 as the authentication provider for email.
- Trusted Sites: For improved security, we’ve added “Trusted Sites” which means the system administrator must configure the domains, paths or IP addresses allowed to access Xtraction. For existing customers upgrading to Ivanti Xtraction 2022.3 please see the upgrade notes for detailed instructions.
- Database Traffic Encryption: All traffic from Xtraction can now be encrypted and/or requires a specific certificate. There are two new settings that support this, “Encrypt” and “Trust Server Certificate”.
- New Authentication Providers: It is now possible to use either Microsoft Azure Active Directory (AAD) or Okta as authentication providers for Xtraction.
- Connectors: In response to feedback, the connectors are regularly updated. This quarter we have updated the connectors to Ivanti Neurons for ITSM, ServiceNow, Jira Service Manager, Ivanti Security Controls and Ivanti Endpoint Manager
Extended Products Group
Ivanti Workspace Control 2022.4
Ivanti Workspace Control continues to add customer-requested feature enhancements with each release and the 2022.4 release continues this trend by including the following capabilities:
- Troubleshooting – Sampling Mode column: Sampling Mode is a great feature but can rapidly fill up your database. We’ve introduced a Sampling mode column in the user settings overview. The Workspace Control Administrator can now filter the newly added column to see if any of the User settings are configured to use Sampling mode.
- Reporting – Configuration Item Field: We’ve added a Configuration Item Field to the Application Properties view so that Applications can be mapped/linked to external change management systems. When changes have a negative impact on the User Experience, this field can be used to easily identify changes made in the time period when issues have been reported to the service desk.
- Integrations – Ivanti Browser Manager: This integration enables customers to save and deploy Ivanti Browser Manager configurations using Custom Resources.
- Ignore IP addresses: we enhanced the Engineering registry keys to hide specific Client or Server IP Addresses/Ranges from the User Session overview.
- Inform about Azure AD TLS requirements: The window that is being used to configure Azure Active Directory will now inform you about the TLS 1.2 requirement. Once configured, the console process will always check if the TLS settings are being met on the device where the administrator starts the Workspace Control Console.
- Connection State in User event log: We now report any change in the Connection States in the user Event Log. In previous versions, the connection state changes were not reported.
Desktop and Server Management 2022.2
In the 2nd major release this year, we have continued to improve employee (and IT Administrators) experience, productivity, and efficiency.
Enhanced Microsoft Support
- Faster PowerShell troubleshooting now with all errors and write commands shown in installer log
- Increased productivity and improved cloud reach/functionality with Azure Windows 10/11 multisession support
- Increased functionality in the DSM console to show MS-Intune actions
Enhanced Remote Control
- Notifications to increase communication with end-user of ongoing session
- Connect without confirmation window to increase productivity when connecting unsupervised devices
- New actions within Ivanti Neurons to increase hybrid functionality + enhance migration to the cloud
- Added security layer with new Confirmation Window when resetting variables
- Increased productivity with automatic package installation based on location
- Increased consistency across Ivanti products with eTray icon enhancements
- Increased productivity for Admins with new Registry Search folder now supports multi-string
Ivanti Device & Application Control 2022.4
The 2022.4 release introduces the following new features:
- Search Option within Device Explorer: It is easier than ever to find the right device you are looking for. A new search bar searches through all the fields visible in the Device Explorer and automatically moves the focus to the string found. You can also use the keyboard to move to the next search result (F3) or move to the previous result (Shift + F3).
- Allow Client-Side Disk Encryption of Larger Storage Drives: End-Users can encrypt USB storage devices larger than 2TB (non-portable encryption) directly on the client. No need any longer to involve the Administrator.
- Increase Number of Days within the DB Maintenance Tasks: Now you can select up to 9999 days for entries to keep under DB Maintenance settings.
- Agent Notification Filtering by Device Class: Configure which notifications your end-users should see, and which they shouldn't, to help reduce “notification fatigue” associated with users receiving too many notifications.
- Official Support for ARM64 Architecture (Specifically Microsoft Surface devices): With this enhancement we can reach even more endpoints and increase the security in your environment.
Ivanti Identity Director 2022.4
The latest release of Ivanti Identity Director eases the load on IT departments by allowing them to fully prioritize critical services and by making access certification campaigns more granular and more friendly for everyone.
Here’s how we enhanced access certification:
- Advanced notification settings for users and managers: You can now choose granular notification triggers for reviewers and their managers alike.
- Campaigns can be duplicated: This speeds up the definition phase of campaigns, as many one-time campaigns have multiple similar aspects to previous ones.
- Reason for approval or denying of access: One particularly important aspect in certifying access is the ability to record the reasons why access is approved or denied. This is now possible on a person-by-person basis through the process.
- Expanding the scope of the “Group Membership” data source: People brought in via this connector are now also being searched for in deeper levels, such as subgroups.
Identity Director 2022.4 also includes changes based on customer feedback that will bring some big improvements to self-servicing workflows:
- We allow complex operations to be presented in a straightforward way in the Provide Information WFA, like allowing data in tables to be presented and queried in a tree type structure.
- Customers can now use the service person checklist and person list attributes in page conditions in the Provide Information WFA.
For more details and a full list of new capabilities, refer to the Ivanti Identity Director 2022.4 Release Notes. Check out the latest videos on Vimeo as well for information on topics such as access certification.
Ivanti Service Desk 2022.4
The 2022.4 release introduces the following new features:
- Bulk Actions in Web Access: A much-requested customer feature, enabling you to run an action on several items at the same time.
- REST Behaviour DELETE method: You can now use the DELETE method with the REST web service which helps to extend integration support for the O365 framework.
- Web Access Framework enhancements: We’ve updated and added new functionality to the Web Access Framework to close the gap between Web Access and the Console / Workspaces functionality.
- Usability improvements: We’ve made several improvements for administrators and designers including:
- Manage Scheduled Data Import: Allow individual import definitions to be suspended
- Calendar-based chat availability: Chat is automatically switched on and off based on an SLA calendar
- Chat Screen Names: Ability to set the name displayed for users in a Chat window
For more details, check out the Service Desk Help page. We’ve also added a new video to our YouTube playlist that describes how to configure your system to give better knowledgebase search results and provides advice on how to write better knowledge articles.
Ivanti Endpoint Security
We haven’t released an update of Ivanti Endpoint Security as part of the Q4 release window. However, there are some updates that we’d like to tell you about.
- REST API Enhancements: We’ve made further enhancements to our REST API framework and have added new capabilities to help you add automation to Ivanti Endpoint Security. If you haven’t already done so, check out the latest use cases.
- Ivanti Automation Integration: To help get you started on your automation journey, we’ve developed a video of implementation with Ivanti Automation.
- Want to try out Ivanti Neurons for Patch Management? If you are ready to start your cloud journey, contact your Ivanti Account Manager to learn how you can move to our Risk-Based Cloud Patch Management solution.