What's New
Version 2025.1 January
Ivanti Neurons Platform
The Agent deployment for Linux install includes important notes and system modifications.
Learn more about Agent Deployment.
Ensure that the devices must allow or enable at least one of the ciphers from the list for Agents to work efficiently.
For more information on ciphers used by Neurons Agent, see Ivanti Neurons TLS 1.2 Configuration.
Support for MacOS 15.x is now added to the support matrix in Operating System Compatibility Matrix.
Agent Health allows administrators to ensure optimal performance of their Ivanti Neurons agents within their estate. By providing a centralized and actionable overview of Agent Health, it simplifies the process of identifying and resolving issues that can disrupt operations.
-
Proactive monitoring and diagnosis: Agent Health enables administrators to self-diagnose issues without relying on vendor support. This proactive approach minimizes downtime and enhances the reliability of your Ivanti Neurons implementation.
-
Comprehensive agent filtering: Administrators can quickly filter views to show agents that are overdue for check-in, missing entirely, or have been duplicated. This feature ensures that no endpoint issues go unnoticed, allowing for prompt corrective action. Learn more about health filtering.
-
Intuitive traffic light system: The health of each agent is visually categorized using a traffic light system:
-
Green (Good): Agents operating as expected.
-
Amber (Moderate): Agents with minor issues that may require attention.
-
Red (Poor): Agents with critical problems that need immediate resolution.
This visual system makes it easy to prioritize troubleshooting efforts and focus on the most urgent issues. Learn more about the health indicators.
-
-
Detailed drill-down analysis: For agents marked as Moderate or Poor, administrators can drill-down into individual agent endpoints to access detailed insights into specific issues. This granular visibility accelerates root-cause analysis, ensuring faster time to resolution.
-
Integrated Help resources: Built-in links to Help content provide remediation assistance tailored to the identified issues. These resources empower administrators to resolve problems efficiently without extensive technical expertise.
Agent Health not only enhances operational efficiency but also boosts confidence in Ivanti Neurons implementations by providing the tools and information needed to resolve issues independently. It reduces the time and effort spent on troubleshooting, mitigates potential security risks, and ensures a seamless user experience.
Learn more about Agent Health.
Two new chart types are now introduced in Dashboard Designer, Pivot Table and Histogram. These chart types allow users to drag and drop fields to create customized insights, including device counts and storage usage.
-
Pivot Tables enable dynamic summarization and aggregation of datasets. The pivot table facilitates interactive data exploration.
-
Histograms offer a clear visualization of continuous variables, such as available storage, in a bar-chart format, making it easier to identify distributions and patterns. The histogram displays continuous data ranges.
These updates enhance data visualization for both administrators and customers.
Learn more about Dashboard Designer.
Audit Trails
Audit Trails is now available by default, to all administrators in technical preview. Administrators can delegate these permissions to other roles.
Audit Trails offer a detailed log of user activities and system events to enhance visibility, accountability, and compliance. During the preview, it is limited to Power Management and Patch Reports events, with customers able to access up to 30 days of event history. The feature includes filtering and search capabilities, enabling users to easily locate specific events.
Learn more about Audit Trails.
Authentication
External authentication (SSO) methods for Entra ID Authentication (SAML), Okta Authentication (SAML), PingOne Authentication (SAML), Google Authentication (OIDC), and Google Authentication (SAML) are now supported with this release.
Once Auto Provisioning is enabled, everyone who has access to the Entra ID App Registration will also have access to Ivanti Neurons. Users can also restrict access to certian users or groups from within the Entra ID portal.
For more information, see Microsoft Azure documentation. Learn more about Configure Auto provisioning in Entra ID Authentication (OIDC).
Security
Ivanti connectors enable you to import data about your organization, such as device or user data, into the Ivanti Neurons Platform. Use the Security > Exposure Insights page to view the high-level overview of your organization’s exposure details. Ivanti Neurons Exposure Insights dashboard displays a list of Exposures found.
Learn more about Security.
Support Users
Navigate to Admin > Support Users, a new location to invite an external support technician to temporarily access your Ivanti Neurons tenant.
Learn more about Support Users.
App Control
Offering additional flexibility for rule creation, App Control now supports rules that are triggered when a particular process launches an application. This offers administrators the ability to enable sub-processes only when they are launched by legitimate means.
Self-elevation gives users the flexibility to have elevated privileges for essential tasks, while giving administrators a view into what those tasks are and an understanding of why they are important. Self-elevation offers a good compromise when you want to remove local administrator rights, but not impact productivity.
Learn more about Self-Elevate Rule.
Complex organizations require highly customized configurations to meet all the business requirements. Tagging and search capabilities are now available to make it easier for you to categorize configuration rules. Rules can be individually tagged with labels that enable them to be located easily when reviewing configurations.
Categories can be created or added to the rule on the Save Rule and Rule Summary page. See the relevant Rule topic for details.
App templates are a useful tool for organizing related applications. Ivanti is now publishing many of the common app templates, out-of-the-box, as defaults so that you can use them. It is also possible to edit these templates, if required.
Learn more about App Templates.
We have introduced some usability enhancements to the App Control Overview dashboard charts:
-
Timeline: You can now filter the chart data to the last 30, 14, 7, 3, or day time period executions. You can also expand the pie charts and switch to a timeline chart.
-
Parent process: You can now see the parent process for a particular file along with some more metadata about it. When creating rules for configurations there are more options for which data to include.
-
Hide files/applications: You can now hide items from the charts and the table that are no longer of interest, for example if they have already been acted upon, such as they have already been included in a rule.
Learn more about App Control Overview.
App Distribution
Users can deploy the App Portal to Windows devices. It contains applications assigned to the end user, allowing them to install them, as required.
Learn more about End User App Portal.
The retry action causes a device to immediately check in and process the app associated with the deployment status record. Up to this point it has been limited to one device at a time. Administrators can now select multiple device records and choose a retry action which appears at the top of the grid view.
Learn more about Using Retry for real-time app distribution in App Distribution Deployment Status.
The distribution name is now included as a column in the Deployment Status screen.
The Distribution column shows the name of the distribution that the device is assigned to. This information helps to quickly find how a device is being targeted in an app distribution.
Learn more about App Distribution Deployment Status.
Bots for Healing and Workspace
The new Bots feature is enhanced to support exporting output results as a CSV file attachment via email. A new option is available in the email stage, allowing users to embed a CSV file. Users can select specific output fields from the previous stage to include in the CSV file, offering greater flexibility and customization in how data is shared.
Learn more about Exporting in Email Report Stage
A new filter feature is introduced to organize Bots and Bot templates more effectively. Users can now view Bots or templates based on category and can create custom categories and assign uncategorized Bots or templates to these custom or existing categories. This enhancement improves the search and filtering mechanism. It also allows users to locate and manage Bots and templates more efficiently.
Learn more about Categorize and Group Bots in Neurons Bots homepage.
Search functionality is added to the Bot Templates section, thus eliminating the need to guess the section where a specific template might be located. Users can now easily search for Bot templates using matching text , or (as before) by filtering based on categories. This enhancement streamlines the process of finding the desired template, saving time, and improving the overall user experience by offering a more intuitive and efficient way to navigate through bot templates.
Learn more about Search feature in Neurons Bots creation
A new Delay Stage is introduced, that allows users to configure workflows to pause execution for a specified duration before proceeding to the next stage. This feature provides enhanced control over workflow timing, enabling users to introduce intentional delays to accommodate dependent processes, external system readiness, or time-sensitive tasks. The delay duration can be customized to meet specific requirements, ensuring smoother execution and better alignment with overall workflow objectives.
Learn more about Delay stages in Neurons Bots Stages.
This feature allows users to rename individual workflow stages with custom, descriptive labels to enhance clarity and understanding.
Learn more about Rename stages in Neurons Bots Stages.
This feature allows users to configure the timeout duration for the "download" stage within workflows. Currently, the timeout is fixed, which may not accommodate all scenarios, especially when dealing with large files, network latency, or variable download speeds. By enabling a configurable timeout, users gain the flexibility to set appropriate time limits based on their requirements, ensuring workflows remain resilient and adaptable. One can set the timeout value between 1-6 hours.
ServiceNow integration now includes enhanced ticket automation, with new action stages introduced for creating and updating ServiceNow tickets seamlessly with an option to avoid the duplication of incidents.
Learn more about ServiceNow in ServiceNow Incident (Create or Update).
Newly created and updated stages in the Neurons platform will now be flagged to enhance visibility and awareness of feature enhancements. Users can easily identify these stages when creating bots, as these stages are highlighted next to the stage list. This improvement is designed to ensure better accessibility and utilization of newly added or updated functionalities.
Learn more about Call outs in Neurons Bots Stages and Neurons Bots creation.
The Console Output Limitations in PowerShell Script Actions is now captured in Troubleshooting Neurons Bots.
Connectors
-
EPM connector filters out archived and disposed devices while importing devices from the Asset Control.
Learn more about Devices. -
Users can now apply filters based on Device categories.
Learn more about Insight connector. -
The Device Threshold filter is available for the SCCM connector. Configuring this filter will retrieve devices based on the specified number of days.
Learn more about Microsoft Configuration Manager connector. -
The Device Threshold filter is available for the Patch for SCCM connector. Configuring this filter will retrieve devices based on the specified number of days.
Learn more about Ivanti Patch for Configuration Manager. -
The Stale Threshold in Device and User filters are available for the ServiceNow connector. Configuring this filter will retrieve devices and users based on the specified number of days.
Learn more about ServiceNow connector. -
The Device Threshold filter is available for the Virima connector. Configuring this filter will retrieve devices based on the specified number of days.
Learn more about Ivanti Neurons for Service Mapping connector - BETA. -
By default, devices from Asset Control will not be imported.
Learn more about Ivanti Endpoint Manager connector.
Edge Intelligence
A new sensor Network Interfaces now replaces Network Adapters and shows all the connected and disconnected network interfaces along with all basic network information such as IPv4, IPv6, and the SSID of the network.
Additional properties Deciding Rule and Auditing Mode are added to the Application Control Denied Executables query. This information displays when you view event ID's 9000, 9060, and 9061.
An additional option Column Chooser is added to all query widgets that allows you to edit table columns. When you open the Column Chooser, you can add, remove, and reorder columns of your interest. The changes will be saved as per the browser and individual user so that you can easily re-execute the query with the changes already applied.
Learn more about Column Chooser in Edge Intelligence
Platform and Operating System additional properties are included in the Ivanti Edge Intelligence Configuration > Targeting configuration section. When you configure the conditions in the Filters section, these properties are present whether you create a new target or modify an existing target.
An additional option, Toggle fullscreen view, is added to all queries showing a map. This allows you to toggle the map to fullscreen view or revert it back to the previous view.
Ivanti Neurons for Workspace
Inventory scanner, scans the database for software, asset, and hardwarae information. When a tenant is registered with Neuron, the default settings are applied. Two new settings have been introduced to the Admin > Inventory settings page.
-
WMI settings - Searching for file extensions in the WMI helps find vulnerabilities. You can choose the files you want to search as that may contain those vulnerabilities.
-
Registry key settings – Searching for custom registry keys lets you gather valuable information on a device. Scripts can be created to include cost center, asset tag etc. The administrator requires this custom information as part of the device record.
Learn more about Inventory Scanner settings.
A new section for Calculating Dex Score is added to help calculate the dex scores for Devices, People, and Organization.
Learn more about Calculating Dex score in DEX Scores.
Patch Management
We are releasing six new OOTB Report Templates:
- Devices by Patch Detailed
- Patches by Device Detailed
- Devices by CVE Summary
- Devices by CVE Detailed
- Deployment Detailed
- Monthly Maintenance
The Devices by CVE Summary report offers a vulnerability-centric view of your environment, highlighting affected devices for better risk assessment and level of exploit impact. The Monthly Maintenance report tracks Regular Maintenance, Priority Updates, and Zero-day Response activities over different time periods. Our four new detailed reports provide a deeper, more granular analysis compared to summary-level reports, giving you comprehensive insights into your patching and vulnerability landscape.
Learn more about Reports.
Filtering capabilities are now enhanced allowing you to easily filter reports to display only missing patches. This improvement streamlines report generation, helping you quickly identify and address gaps in your patching process.