Ivanti Blog: Ivanti News

The Secure-by-Design Pledge: A Commitment to Creating a Safer Digital Future

Wed, 08 May 2024 22:06:03 Z

The exciting benefits of digital transformation and automation — global interconnectedness, efficient operations, greater business outcomes — have come with an equal measure of concern over digital safety. It has become clear that to safely realize the benefits of digital acceleration, as an industry we must take bold steps toward securing the digital landscape and mitigating cybersecurity threats.

At Ivanti this evolution is already under way — and we are committed to being at the very front of the movement. As a company, we have always believed that our customers’ interests – including security – should be a cornerstone of software development. With the threat landscape rapidly evolving, and tactics becoming increasingly aggressive and sophisticated, the imperative to put security first has never been greater.

That is why last month I outlined a bold plan for Ivanti to meet the new reality we are all facing. Our efforts are rooted in Secure by Design principles, weaving security into every stage of our software development lifecycles. Given this commitment, it makes sense that we’re among the first to sign the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design pledge, which they unveiled on May 7, 2024 at the RSA Conference in San Francisco.

The concept of Secure by Design is not new, but it has never been more relevant. It ensures that products are built with security embedded from the ground up, reducing the risk of vulnerabilities and making it more difficult for malicious actors to exploit them. That is why this pledge is so meaningful at this moment in time, and why companies like Ivanti are answering the call. We see this as a meaningful step forward in the industry’s commitment and collaboration around security, and we look forward to setting a new standard for the broader ecosystem.

A bold new level of security

By signing the Secure by Design pledge, we are committing to a set of principles, standards, and actions that will help us further elevate the security of our products and better protect our customers. This includes implementing multi-factor authentication, reducing the use of default passwords, mitigating entire classes of vulnerabilities, increasing the adoption of security patches, establishing a vulnerability disclosure policy and improving our customers' ability to gather evidence of cybersecurity intrusions. I’m pleased that our products and our organization already meet many of these Secure by Design principles, and we are looking closely at opportunities to enhance and accelerate our efforts and practices throughout our organization and product development lifecycle.

For Ivanti, these commitments are far from simply words on paper or empty promises. By signing this pledge, we are making a public commitment to raise the bar and that we will be accountable for delivering. We will work diligently over the coming year to make measurable progress toward each of these goals, and we will update our customers and the wider security community on our progress. We believe that transparency is essential in building trust and fostering a broader culture of security.

Stronger together

We’ve taken a big step by acting as early signers to this pledge. Still, we recognize that we cannot achieve a safer digital future alone. It is crucial that other vendors in the industry also embrace the principles of Secure by Design and take similar steps to prioritize security in their products. We strongly encourage our peers to join us in signing the CISA Secure by Design pledge and to work collaboratively toward our shared goal of protecting our customers and the broader digital ecosystem.

It's good business, and it’s the right thing to do for employees, partners, customers and the communities we serve.

Our recent experience at RSA has only reinforced our belief in the importance of the security community coming together to tackle the challenges we collectively face. Our conversations with customers and partners were invaluable, and they highlighted the need for a collective effort around software security. By sharing knowledge and best practices and holding each other accountable, we can make significant strides toward a stronger and more secure future.

Ivanti is committed to being a leader in this effort, and we look forward to engaging with our customers and the wider community to make Secure by Design the new reality.

Just Released: 2020 Gartner Magic Quadrant for ITSM Tools Recognizes Ivanti a Leader

Mon, 12 Oct 2020 20:13:40 Z

We’re in the early autumn season here in the northern hemisphere, with the weather getting cooler and the nights longer. That growing chill in the evenings encourages staying inside and reading by a fire for enjoyment and enlightenment. But even if you’re an early planner who already has their fall reading list mapped out, there’s one key report you should move to the top: the new 2020 Gartner Magic Quadrant for IT Service Management Tools, just published and ready for you to view.

If the Gartner Magic Quadrant report is new to you, here’s a quick overview. Gartner analyzes the top vendors in the ITSM market every year and evaluates each vendor on its ability to execute and the completeness of its vision. It’s important to note the Magic Quadrant is not a direct evaluation of individual tools but is a helpful resource and starting point to help IT organizations identify possible solutions.

Get started today by reading the Magic Quadrant for ITSM report for Gartner’s analysis of the top vendors in the IT service management marketplace, including Gartner’s:

Overview and vision of the ITSM landscape
Strengths and weaknesses of each vendor
Guidance when seeking an ITSM solution

Check out the visual summary of the 2020 Gartner Magic Quadrant for ITSM 2020:

Ivanti on the Gartner Magic Quadrant

We at Ivanti are excited to be named a new leader in this year’s report! Our team is proud of the progress we’ve achieved in this year’s Magic Quadrant report, continuing our multi-year run of improving our Magic Quadrant position. But we’re most proud of the benefits we’ve helped our customers realize as they use Ivanti solutions to automate and improve their service delivery, business outcomes, and user experiences. Our modular design and cloud-optimized system have made it easier for teams to select and deploy the functionality they need now and in the future.

Over the past year since the last Magic Quadrant report, we’ve released several notable enhancements to make life easier for IT service management teams by speeding resolutions and helping them discover, optimize, and secure IT assets. These enhancements include our always-on, automation-powered Ivanti Neurons for Healing bots; automated diagnostic and specialist-level remediation workflows; Virtual Support Agents; automated phone interactions; and integrations to thousands of cloud-based applications. And we’ll continue building on our vision for modern ITSM that delivers better user experiences and business outcomes.

Nayaki Nayyar, Ivanti Executive Vice President and Chief Product Officer, recently commented:

“In our view, to be named a Leader in the Magic Quadrant for ITSM Tools is a significant milestone in Ivanti’s history and a true testament to the execution of our product vision and strategy. Ivanti is transforming IT service management with the Ivanti Neurons platform that enables organizations to autonomously discover, heal, secure, and service from cloud to edge with automation bots, as organizations try to address the explosive growth of devices, data, and remote workers.”

We see the Gartner Magic Quadrant report as a trusted resource to help IT leaders select tools to meet their specific needs. We invite you to access the full report and see what Gartner has to say about the ITSM market and its top vendors.

Qualys Integrates Ivanti Patch Management Into Qualys VMDR Platform

Thu, 30 Jul 2020 12:07:27 Z

Our latest announcement comes in the form of another exciting partnership, this time with Qualys! A leading provider of disruptive cloud-based IT, security, and compliance solutions, Qualys has integrated Ivanti Patch Management technology into their Qualys VMDR (Vulnerability Management Detection Response) platform.

Qualys President and Chief Product Officer, Sumedh Thakarsaid, said the following:

"The seamless integration of Ivanti and Qualys technologies in VMDR takes endpoint security to the next level. By extending Ivanti’s leading patch management technology from Windows to Mac, Qualys VMDR now orchestrates the entire process of discovery, prioritization and patching of critical vulnerabilities in real time across hybrid IT environments including macOS devices. Furthermore, it allows us to bridge IT and SecOps workflows to more efficiently secure and manage today’s explosion of remote workers."

The Ivanti and Qualys partnership provides for tight integration of Ivanti Patch Management into Qualys VMDR to automate and simplify the patch remediation process. As a result, customers will be able to quickly detect vulnerabilities, from endpoint to datacenter, and automatically deploy expertly pre-tested Mac patches across dozens of third-party applications. Current Microsoft patch coverage includes both security and non-security content for all supported products, operating systems, and applications, including Microsoft Office. The Ivanti patch catalog is one of the industry’s most comprehensive catalogs currently securing over 180 million endpoints globally.

The next phase of the integration will allow Qualys customers to patch MacOS systems, as well as over 70 third-party Mac applications, directly through Qualys VMDR.

Nayaki Nayyar, EVP and Chief Product Officer, Ivanti, had this to say about the expanded partnership:

“Ivanti’s expanded partnership with Qualys further underscores our mission to help deliver end-to-end security solutions. Our recently announced Ivanti Neurons platform powers security teams with advanced automation capabilities to discover, prioritize, remediate vulnerabilities and self-heal endpoints and edge devices.”

As mentioned in a recent press release, Ivanti Neurons transforms the way IT gets work done. Powered with hyper-automation capabilities, it delivers:

Learn more in the interview below:

Intel vPro® Platform-Based Devices with Intel® Endpoint Management Assistant Now Integrates with Ivanti Neurons Platform in Strategic Partnership

Thu, 23 Jul 2020 12:21:43 Z

We at Ivanti are thrilled to announce our new strategic partnership with Intel. Offering Device-as-a-Service with self-healing capabilities for the next generation workforce, Intel® Endpoint Management Assistant (Intel® EMA) now integrates with the Ivanti Neurons hyper-automation platform. This partnership enables IT organizations to self-heal and self-secure with Intel vPro® platform-based devices—both inside and outside of the corporate firewall.

Stephanie Hallford, Intel Vice President of the Client Computing Group and general manager of Business Client Platforms, had this to say about the partnership:

“By partnering with Ivanti, Intel continues to expand our industry-leading technologies that support our joint customers to manage a remote workforce and edge devices. Using the Intel vPro^® platform will provide in band and out of band endpoint management via the cloud. The Ivanti DaaS solution, along with the built for business Intel vPro platform is perfect for driving customer value for the next generation workforce. Together we are providing unparalleled technologies, performance and enhanced security for DaaS.”

As mentioned in a recent press release, Ivanti Neurons transforms the way IT gets work done. Powered with hyper-automation capabilities, it delivers:

Ivanti Neurons empowers organizations to self-heal, self-secure and self-service from the cloud to the edge with efficiency, accuracy, speed and out-of-the-box automation content for unprecedented IT productivity.

With the integration of Intel vPro platforms with Intel Endpoint Management Assistant, Ivanti Neurons provides enhanced remote management for on-premise and cloud-based endpoints. Ivanti Neurons can take remote actions on Intel vPro platform-based devices such as powering-on a device, restarting a device, setting wakeup times, and controlling a system even during OS failure, and repairing devices at scale.

Nayaki Nayyar, EVP and Chief Product Officer, Ivanti, said the following:

“Together, Ivanti and Intel are delivering unparalleled endpoint management for devices using the Intel vPro® platform for on-premises and cloud-based endpoints remote management—integrated with hyper-automation bots on Ivanti Neurons platform. As remote becomes the next normal, auto-healing, securing and servicing the endpoints and edge devices becomes a key priority for organizations. With Ivanti Neurons, organizations supporting Intel vPro platform-powered devices can gain a 360-degree view of users, devices, and applications and auto-remediate performance, security, configuration issues.”

Intel technologies may require enabled hardware, software or service activation.

No product or component can be absolutely secure.

Your costs and results may vary.

Intel, the Intel logo and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.

Introducing the Ivanti Neurons Platform to Self‑Heal, Self‑Secure, and Self‑Service

Tue, 21 Jul 2020 11:42:34 Z

Today is the day! We've just published this press release announcing our brand new Ivanti Neurons platform!

What it is: Ivanti Neurons is a new hyper-automation platform that empowers organizations to proactively, predictably and autonomously self-heal and self-secure devices, and self-service end users. Ivanti Neurons augments IT teams with automation bots that detect and resolve issues and security vulnerabilities while improving the accuracy, speed and costs of services IT delivers. Early adopters of the solution have reduced unplanned outages up to 63%, reduced time to deploy security updates by 88%, and resolved up to 80% of endpoint issues before users reported them.*

With this release, we are delivering on our vision to address the rapid growth and complexity of devices, data, multi-generational remote workforce, and increasing cyber-security threats with hyper-automation. By helping organizations mature from basic automation to a confluence of hyper-automation powered by deep learning capabilities, we are delivering a self-healing autonomous edge with contextual, anticipatory and personalized experiences for remote workers.

“As remote becomes the next normal, Ivanti Neurons enables organizations to heal and secure devices and deliver a seamless ‘work from anywhere’ employee experience. Always on and always working, Ivanti Neurons enables IT’s desire to ‘shift-left’ with automation bots that autonomously discover, secure and service endpoints at the edge.”

— Nayaki Nayyar, Ivanti's Executive Vice President and Chief Product Officer

The new Ivanti Neurons hyper-automation platform offers multiple capabilities for enterprises:

Ivanti Neurons for Edge Intelligence
- Gives IT the ability to query all edge devices using natural language (NLP) and get real-time intelligence across the enterprise in seconds. It provides quick operational awareness, real-time inventory, and security configurations across the edge leveraging sensor-based architecture.
Ivanti Neurons for Healing
- Offers an army of automation bots to proactively detect, diagnose, and auto-remediate configuration drift issues, performance issues, compliance issues, and security issues for endpoints. Automation of routine tasks paves the way to creating a truly self-healing environment, reducing time, costs, and improving employee experience.
Ivanti Neurons for Discovery
- Delivers accurate and actionable asset information in minutes. This provides visibility in real-time using active and passive scanning and third-party connectors. These provide normalized hardware and software inventory data, software usage information and actionable insights to efficiently feed configuration management and asset management databases.
Ivanti Neurons Workspace
- Provides a 360-degree view of devices, users, applications, and services, with real-time data. This allows first-line analysts to resolve issues previously escalated to specialists. User and device views cut complexity, long wait times and high escalation costs, resulting in faster end user resolution and greater productivity.

For more information, visit the Ivanti Neurons page on our website.

Find us on social to stay on top of the conversation: LinkedIn, Facebook, Twitter, and Instagram.

*Customer results are specific to their total environment and experience, of which Ivanti is a part. Individual results may vary based on each customer’s unique environment.

Remote Support During a Crisis

Tue, 17 Mar 2020 20:18:11 Z

The Challenge

With the current health crisis being faced across the globe, businesses are looking at how they can activate their disaster recovery and business continuity plans to support most of their workforce being remote. The current global situation has put a spotlight on every organisations ability in a health crisis or natural disaster to carry on functioning.

Ivanti is in the position to help organisations deliver continued support to their workforce, maintain security compliance and provide secure file access from anywhere.

Ivanti Cloud

A software as a service (SaaS) fully managed platform hosted from Australian data centers.

Ivanti Cloud provides IT teams unique capabilities to support and work with their remote users, including:

Perform diagnostics on a user’s machine with no remote session
Check the location of a user’s machine if lost or user is non contactable
Enable/disable or start/stop windows components, services and application remotely
Ability to network isolate and repair compromised remote devices
Perform scripted PowerShell tasks on a remote machine initiated from the cloud
Maintain visibility to security, health and inventory of your remote fleet
Covers Windows, Mac and Linux

As a SaaS offering the only thing you need to do is deploy the cloud sensor to your devices after cloud tenant provisioning. The sensor can be deployed via SCCM or provided to the user as a compiled installer to self-install. There is no professional service required to get this running, it’s turned on and you are ready to go.

Ivanti Security Controls

Ivanti offers industry leading patch platforms for remote and on premises patching featuring centralised reporting for both. The challenge faced by organisations is how to keep Microsoft and 3^rd party applications updated when many remote devices may not return to the corporate environment for weeks or months.

Using the Ivanti Protect Cloud, customers can patch machines via the cloud gateway. This means machines stay up to date with the latest security patches while they are disconnected from the corporate network. Importantly they automatically report back their compliance securely, so your organization maintains visibility of its current risk profile.

Security Controls does require an on premise/Azure/AWS install, but this can run on a Windows server virtual machine and can scale to thousands of remote devices. Devices must have the patch agent installed, this is managed through an automated email invitation. Detailed monitoring statistics are available for integration with solutions such as Splunk.

Typically, this configuration can be stood up in less than half a day, with little to no professional services.

File Director

With so many remote workers, ensuring they have secure access to key corporate data to do their job is imperative. This access when remote is commonly provided by a corporate VPN. With so many users accessing these VPNs during a crisis, some customers may find their VPN solutions reaching saturation.

Ivanti File Director provides simple, secure file syncronisation from Windows, Mac, IOS or Android devices. An on-prem virtual Linux appliance acts as a file proxy for the users to access both corporate file shares and cloud storage solutions. This access is available for all platforms including browser-based devices.

There is no requirement to move any data or change any file permissions. File Director integrates directly with Active Directory and provides granular data policies, and data wipe functionality. Detailed monitoring statistics are available for integration with solutions such as Splunk.

The virtual appliance can be uploaded to an existing hypervisor (VMware. Hyper-V) and configured in around 30 minutes.

What’s the Value?

Being able to deliver your users a consistent level of support, and full user experience is key in enabling them to successfully do their jobs, while working remotely for an extended period of time.

Ivanti solutions will deliver value in 5 key areas:

Ability to manage your users remotely & maintain business continuity and keep the lights on
Maintain the security compliance of your devices
Provide visibility to your remote fleet and their health, security and performance status
Subscription licensing to allow flexible, instant access to these solutions
Rapid deployment of these solutions can be achieved typically with no professional services

Next Step

Are You Ready for the New WannaCry? You Better Be!

Wed, 15 May 2019 18:30:01 Z

After the carnage and financial damage caused by WannaCry in 2017, here we go again. Yesterday Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, identified and reported to Microsoft by the UK’s National Cyber Security Centre.

This vulnerability is wormable, meaning it’s a pre-authentication and requires no user interaction and can jump from vulnerable machine to vulnerable machine. It is inherent in the RDP (terminal services) protocol and only affects Windows XP, 7, 2003, 2008 and 2008 r2. Modern operating systems are unaffected.

This vulnerability was seen as so severe, Microsoft took the uncommon step of releasing patches for unsupported operating systems.

Unlike WannaCry, this threat is seen as extremely easy to exploit. It took a leaked NSA tool to exploit the WannaCry vulnerability, whereas the fear with this one is that it will be much easier to take advantage of.

With a patch now available you can bet there are cyber adversaries out there reverse engineering the patch while I write this blog, getting ready to exploit organizations and individuals alike.

In Australia the problem looks like this today from a desktop OS standpoint: 21% of machines still run an affected OS.

It’s much harder to ascertain from a server OS standpoint what the exposure size is, as most servers are not internet-facing to get these stats. If the customers I speak to on a daily basis are anything to go by, there are still many pockets of these 2003 and 2008/r2 servers around.

Many of these older servers are Citrix server-based computing environments which will all be running RDS. I was listening to my favorite cyber security podcast last week (Darknet Diaries), and the host was talking to a penetration tester who did internal pen tests. He said when he is in an environment and he finds Citrix, that becomes his primary target. It’s a hub of applications, tools and privileges. If you have one of these legacy environments, make sure it’s patched!

A Rapid7 blog showed how internet scanning engine Binary Edge identified 16 million endpoints publicly available on port 3389 and 3388 typically reserved for RDP. With 67,338 endpoints internet facing for RDP as of July 2017. It’s not clear what OS these exposed servers were running.

So what’s the answer? You better get patching, ASAP!

With the latest versions of MS SCCM not supporting Windows XP and Server 2003, the job is going to be more difficult. Does this mean manual patching? Not necessarily.

Ivanti Security Controls provides our customers the ability to patch both XP and Server 2003, in an automated approach with complete visibility to status. Know if you are exposed rather than waiting on manual analysis and reports you don’t trust 100%.

If you want more information on how we can help protect you now, call +61 283787201.

365 Days of Accelerating Your Office 365 With Ivanti Environment Manager

Mon, 21 May 2018 22:35:02 Z

Wow, it only feels like 12 months ago since I was at the Ivanti booth at Citrix Synergy discussing with attendees all the great benefits Environment Manager (EM) can bring to help accelerate their Office 365 projects. Wait a second, it was 12 months ago! Time flies when you are having this much fun.

Recalling back, what was even more satisfying was the real-world examples of how our customers were already using Environment Manager for just that. For the uninitiated, it has been possible for some time to manually configure our Policy engine to roam large application caches such as OST, OneNote and Skype GAL, and by introducing our best practices whitepaper, we made this a step easier for customers.

Fast forward from May 2017 to February 2018 and with the release of EM 10.1 FR4, we stepped up our game a notch further by making it even easier for customers to roam essential Office 365 caches with a set of new policy actions to provision and manage VHD containers and also effortlessly configure our out-of-the-box Cache Roaming actions for applications such as Outlook, Skype & OneNote.

This has been a great hit with customers and partners. But don’t take our word for it. Read an impartial view from Alchemy Group.

Below is a summary of the extent of EM 10.1 FR4’s Cache Roaming capabilities:

Note that a few of the items on this list have been attracting great discussions within our community, and it is worthwhile explaining further:

OneDrive: Having the ability to roam a user’s OneDrive cache massively improves experience within non-persistent environments, and we are very excited that we now have this working in the lab and can demo it on request. We’ll add it to the product soon! Voice your support via a vote on our User Voice portal here to stay updated.

Concurrency: Using our contextual Policy engine, customers can take the necessary steps required to ensure that users who may have concurrent sessions receive the correct behavior. Some of the common scenarios that are available today are:

Connect to a secondary cache if primary is unavailable
Configure the user’s session for Exchange Online mode should their primary container be unavailable
Or, even if the user’s container is unavailable, prompt the user with a message and auto-logoff their session

Example configuration snippets will be available on Ivanti Marketplace very soon to kickstart your deployment!

Search: Roaming a user’s mail search also frequently comes up in conversation. This is the most intriguing of topics especially since the advances in Outlook 2016 Fast Search, discussed in the following article, outlines the benefits of relying on this as opposed to Windows Search (and its legacy issues around index rebuilds).

Our testing to date shows minimal returns in comparison, and we welcome any discussions or experiences that may differ with our research via our User Voice portal here.

Beyond Cache Roaming...

We should also reiterate the depth of the Office 365 benefits we provide to our customers with the following range of out-of-the-box features for both physical and virtual environments:

Automated Outlook Signature Creation

Customised corporate signatures can be configured and deployed to ensure the latest template is in use.Combine with AD Session Variables as demonstrated here by Ivanti’s James Simpson.

Office Application Lockdown Wizard

Go beyond Group Policy control with our Lockdown Policy action to control access to all the key Office features. Remove or lock down content to help simplify the user interface for users or address potential security loopholes. A key use cases includes the ability to prevent printing from remote ICA sessions or IP address range.

Office 2013/2016/365 Personalization Templates

Apply personalization, on-demand at application start/stop, to ensure efficient profile management that can be managed from our central Web console.From 10.1 FR2, customers can also configure Geo-Sync to ensure a consistent experience where users may roam between geographic locations and require access to their personal settings from different Datacenters (Cloud or on-premises).

Office Shared License Token Roaming

Microsoft introduced Shared Activation roaming in Office 365 with version 1704 and by applying our templates as below, EM Personalization ensures seamless roaming of thesesettings across sessions.