What's New

Discovery has now been split into three distinct areas:

• Discovery Scans
• Active Discovery Settings
• Passive Discovery Settings

Admin > Discovery > Discovered Devices has been removed from the user interface to simplify the user experience. All discovered devices are visible from the main Neurons Devices view. This eliminates the chance of out-of-sync device data, that could potentially cause duplicates or conflict with device data shown in the main Devices view. This also improves the performance when querying and adding endpoints for agent deployment.

The concept of a Deployment Representative no longer exists. In order for Active Discovery to elect a scanner, any endpoint with the Active Discovery capability enabled as part of the agent policy, can now be elected as the active Scanner.

Learn more about Global Discovery and Agent Policy Capabilities.

Ivanti Neurons now offers Role Based Access Control for Discovery so that Administrators can lock down the Discovery area of the UI to non-admin users. Modify, View, or No access Permissions can be granted. By default, the Admin role has Modify access, the Analyst role has View access and all other roles, including custom made roles, have No access.

Learn more about Access Control.

Accessed via the icon in the Description column of the Logon Session Details query. This query compares, among all users, the performance of a specific activity that is part of the logon process (for example: applying User Policies). Making it easy to understand which users experience a long duration for the selected activity. It is also possible to drill down on the Action Count, to get a detailed overview that visualizes the activity duration over time.

This summary query helps you understand how many crash dump files are present on devices and when they were created. There is also an option to drill down into an additional overview showing you more details per crash dump.
This query provides the information that was previously available in the now defunct Blue Screen Crashes query.

• The Blue Screen Crashes query has been renamed to Unexpected Shutdowns.
• The Blue Screen Crash History query has been renamed to Unexpected Shutdown History.

This query has been enhanced and now also reports on applications that are installed via the Windows Store (appx). Additional columns have been added, including 'Username' and 'Install Type'. This information clarifies if the application was installed for a specific user, or for global use on the device.

Because of a configuration change, the IP address that must be accessible for the Edge Intelligence Location sensor has changed.
If you use allow-rules based on IP addresses in your firewall, please add the new IP address (20.77.156.110) to the allow-list.
For more information about firewall rules, see Required URLs, IP addresses and ports.

Bot surveys which leverage the rating stage/sentiment stage will now automatically generate AI analysis, with no additional configuration required, when 10 or more responses are received. This comprises of an overall survey summary, along with a per-open-ended question analysis, which includes summarization, drillable topic modelling, and sentiment analysis.

New to bots is the ability to target people groups. This is an area of expanding functionality, in this release it provides the capability to interact with users for non-technology centric use cases, as well as being able to capture and slice survey results on organizational context such as department, location, and role. Learn more about Target Types.

The ITSM Ticket (Create or update) stage has been enhanced to allow more granular control over asset linking, de-duplication control, reusing existing ticket IDs, and 1:many scenarios to expand the use cases available through ticket automation.

The Map Network Drive stage has been enhanced to support token inputs. This allows context to be passed in dynamically at the time when the bot is run, such as by a help desk analyst.

The bot-level access controls now supports specifying roles, in addition to users, to control which bots are available to which users in the Devices view.

NPS survey type is now supported. This formats the question appropriately, as well as representing the survey score in NPS format.

When creating a download action, there is now an option to open an explorer window and connect Azure Blob storage directly to choose a file. Credentials for Azure are created in Admin > Credentials.

Learn more about Cloud file explorer.

Linux configuration options now include the ability to deploy updates included in a Patch Group. This enables administrators to define specific updates allowed to install, and prevent any other updates from being deployed. This provides strict change controls to the Linux systems. Learn more about Creating a Custom Patch Configuration.

Compliance Reports can now be archived if they are no longer being used. The ability to Archive and Restore Compliance Reports allows admins to hide or remove from services those artifacts that are no longer needed. This enhancement eases the management of reports allowing for cleanup of unused or unnecessary reports to reduce noise or clutter. Learn more about Compliance Reporting.

Configurations in Patch Settings can now be archived if they are no longer being used. The ability to Archive and Restore Patch Configurations allows admins to hide or remove from services those artifacts that are no longer needed. This enhancement eases the management of configurations allowing for cleanup of unused or unnecessary configurations to reduce noise or clutter. Learn more about Patch Settings.

CVSS v4 has released and vulnerabilities will start to be assessed against this new version in 2024. Support for CVSS v4 has been added so when data starts showing up, we will display the v4 scores, as well as earlier scores where applicable. This allows organizations to take advantage of the more robust capabilities of the new version.

Management of Agent Policies has been re-designed to improve user workflow and to add flexibility to how policies are managed.

A list of agent policies is available detailing the policy name, version, how many endpoints it’s assigned to, who modified the policy and the last modification date. From here policies can be viewed (in read only mode), edited or deleted.

A new, more intuitive user interface simplifies the process of selecting Neurons capabilities, whilst enhancing the flexibility of what can be deployed to endpoints.

This includes the ability to:

1. Pick and choose any combination of engines or capabilities to assign to endpoints, for example, patch management settings can now be included in Default Agent policies.
2. Infrastructure components, including deployment and connector capabilities can co-exist on the same endpoint or be patched.

Furthermore, the concept of ‘Deployment Representatives’ no longer exists. In order to achieve deployment of agents and capabilities to endpoints, any endpoint with the ‘Deployment’ capability enabled as part of its policy can now be used to deploy out to other endpoints.

New out-of-the-box policies are available for new customers, to help faster-time-to-value, including a Default Agents policy and Infrastructure Agents policy (which includes Discovery, Deployment and Connector Server capabilities).

These changes future proof the platform so that new, or additional, Neurons capabilities can be added into the policy interface easily.

Learn more about Agent Policies.

Enrollment keys are used to register agents with a customer tenant and apply the relevant agent policy to the endpoint.

These enrollment keys contain both an expiry date and a maximum number of endpoints that can be enrolled using the key. As enrollment keys have always been hidden from the UI, several customers have fallen foul of these enrollment keys either expiring or being depleted. When that occurs, agents can no longer register with the tenant.

By exposing the management of enrollment keys in the user interface, customers can now ensure new endpoints can enrol successfully.

Another major benefit of exposing these enrollment keys, is that until now, it’s not been possible to download an agent from a tenant and have it automatically enrol into a bespoke policy, so that a customized mix of capabilities can be installed.

By exposing the management of enrollment keys, customers can track expired or depleted keys, create new ones to replace them and register new agent installs directly into a policy of their choice, thus reducing admin overhead.

Learn more about Enrollment Keys.

A new Agent Management page has been added to the User Interface. This will provide a high-level summary of all devices with Neurons agents installed and show which policy has been assigned to that device. This will be filterable by policy to quickly find all devices with a given set of capabilities.

From here, it will be possible to re-assign a different policy to selected endpoints, retry failed installations, uninstall agents, or delete endpoints from the list.

The state of the agent install on the device will be easily visible and any failed or pending installations will be highlighted. Again, it will be much more straightforward to fix issues with installations stuck in a ‘pending’ state.

This page is also where we’ll be looking to add links to agent health status in future, the go-to location for customers to troubleshoot platform and capability issues far more easily.

Learn more about Agent Management.

Previously Ivanti Neurons contained an Agent Management page that was used only for the download of Default Agents for Windows, macOS and Linux endpoints. It offered no real agent management capabilities.

The existing Agent Management page for downloading agents has been removed and replaced with a specific Manually install an Agent page, which is more intuitive and simpler to use. From this new page, customers can specify a custom policy and enrollment key, and automatically install and register the agent on the endpoint with a specific policy.

Learn more about Manually Install Agent.

A new Push Install or Deploy with Ivanti Neurons page for installing agents from the cloud directly onto endpoints has been added to the tenant.

Previously, agent deployment was tied directly in with agent policy creation. This has now been separated out to make it simpler for admins to deploy out agents, and who do not require access to edit policy settings. This lays the foundations for us to apply more granular RBAC settings in the future.

The ability to target endpoints for agent installation via the use of Device Groups created in the main Devices view, makes agent deployment much more flexible and is the first step towards dynamic agent policy assignment – which will eventually provide the ability to have discovered endpoints auto-register themselves into a specific policy based on conditional logic associated with device rules (this will be delivered in a future release).

This page will also enable customers to re-install agents in the event of failed installations, and to fix problems where devices get stuck in a ‘Pending Install’ state.

Furthermore, it will be possible to provide separate Windows, macOS or Linux installation credentials when attempting to install the agent, which will lead to fewer failed installs.

Learn more about Deploy Agent with Ivanti Neurons .

Ivanti Neurons now offers Role Based Access Control for Agents so that Administrators can lock down the Agents area of the UI to non-admin users. Modify, View, or No access Permissions can be granted. By default, the Admin role has Modify access, the Analyst role has View access and all other roles, including custom made roles, have No access.

Learn more about Access Control.

The People view now has all attributes exposed to filter on. This makes it much easier to find the desired people records.

The People view has a more comprehensive list of column options that have been implemented to choose from.

New iteration of Dashboards, featuring enhanced capabilities for data visualization. Work seamlessly with curated and pre-processed device data. There are four essential chart types: pie, bar, table, and big number.
Furthermore, the Dashboard designer now offers a comprehensive suite of customization features. This allows you to fine-tune your dashboards according to your specific requirements. This update aims to empower you with advanced data visualization tools for in-depth analysis and exploration.

Learn more about Dashboard Designer.

The Software Inventory page now shows a single, consolidated list of all the discovered software in your estate. The list now includes both titles that have been matched with items in the Definitive Software Library, and those that haven’t, giving you a single place to find information about the software installed on devices. Learn more about Software.

In addition to being able to export the list of all discovered software titles in your estate, you can now also export the list of devices where selected titles are installed, giving you greater insights into your software inventory. Learn more about Software.

An improved filtering control has been added to the Software Inventory view. This helps you to view your data in a more meaningful and structured way. Learn more about Software.

• A new Remote-control policy has been implemented that allows for the end user prompt to be disabled. This eliminates the need for an end user to be present to approve a remote-control session.
• The Remote Control engine has been updated to make it more reliable and dependable.
• New features:
  • RC integrated chat feature
  • File transfer
  • Remote execute

User Workspace Manager 2024.1 has been released and the Ivanti Neurons Agent has been updated with the new versions of the Environment Manager, Application Control, and Performance Manager engines. To ensure compatibility, you should upgrade all configuration consoles to the latest release. The applications can be downloaded from the Ivanti Community.

Learn more about What's New in Environment Manager, What's New in Application Control, What's New in Performance Manager.