As part of the re-affirmed commitment to customers , Ivanti launched an Independent Business Unit (IBU) consisting of proven solutions with a large customer following (dare I say: fans?). One of the solutions managed by this dedicated team is Ivanti Identity Director.

The Identity, Governance and Administration solution is one that has a long-standing history and comes from the former RES Software portfolio. Identity Director has established a reputation of providing solutions to some of the big challenges that growing companies may have, like how to approach user centric security during onboarding and offboarding.

After a powerful start in January when SSO capabilities were added to Ivanti Identity Director, the team intends to keep the momentum going by focusing on password reset, which continues to be the number one source of IT helpdesk tickets.  With so many users now working from home, having a simple, effective and secure password reset solution is more important than ever.  In the 2020.1 release, we’ve listened to your feedback and have added the most-requested password reset enhancements to make Identity Director an even better solution.  Let’s dive into the ‘Big 5’ of the new features, enhancements and improvements of Ivanti Identity Director 2020.1.

1. Brute-force Attack Protection

Do you use security questions to verify the identity claim of a user? The new Identity Director release enables you to lock an account when repeated failed attempts to answer security questions occur. You can set an overall limit of incorrect answers that applies to the whole set of questions and a limit of time in which, if a set of wrong answers are introduced, a lockout gets triggered. Thus, in the event of a brute-force attack, the account will be locked out for a configurable amount of time.

password reset - security questions

2. Password History Verification

One of the most sought-after password reset features is the option to limit the password reuse. Identity Director now features password history verification, allowing the password history to be contained within Identity Director, ensuring old passwords cannot be reused.

password reset - password history

3. Silent Install Support

The Identity Director Web Portal now supports unattended installation using self-signed certificates. An example script for guidance when installing the whole product suite is now also available, including Identity Broker. See the Identity Director Help for more details.  

4. Identity Cleanup

To keep the offboarding process clean and less error prone, an automatic process is required to remove remaining data from the database and possibly Active Directory. Identity Director release 2020.1 allows for identities marked as ‘Ready for Deletion’ to be automatically erased after a certain amount of time, determined by you.

list of users

This enhancement also solves the issue of reusing the same identifier when onboarding an employee with the same name, as many admins usually forget about identities that were left in the database.

5. Multiple Identity Providers within the Same Environment

Identity’s single sign-on component can now be used with multiple providers at the same time. An upgrade in the Identity Director Management Portal allows you to configure claims from multiple providers using the “;” separator. This makes it possible for a user to login with, for example, Azure Active Directory and for another to login with Okta in the same environment.

ivanti indentity broker login screen

For more details regarding this release, including bug fixes, known issues and limitations please have a look at the release notes.