New Features V2022.x
V2022.4
It is easier than ever to find the right device you are looking for. A new search bar searches through all the fields visible in the Device Explorer and automatically moves the focus to the string found. You can also use the keyboard to move to the next search result (F3) or move to the previous result (Shift + F3).
For more information about the Device Explorer, see Working with Device Explorer.
End-Users can now encrypt USB storage devices larger than 2TB (non-portable encryption) directly on the client. There is no longer any need to involve an Administrator.
The limitation of a three digits time-frame while creating a maintenance task has been removed. You can now select up to 9999 days for entries to keep.
Configure which notifications your end-users see, and which they don't. This will reduce "notification fatigue" for end-users where they ignore all notifications.
You can configure the filter using Regular Expressions, so there are no limits.
Examples on how to use Regular Expressions can be found in the help.
For more information, see Notification Filters.
Starting with this release, we officially support Microsoft Surface devices based on ARM64 architecture.
With this enhancement we are able to reach even more endpoints and increase the security in your environment.
For more information about supported operating systems, see the separate System Requirements.
The documentation for the Client Side SDK API is now available at help.ivanti.com.
V2022.3
Ivanti Device Control controls all devices, even if you have a cloud first strategy. IDAC can help not only to allow and block certain cloud drives, but also provides full visibility of which files have been copied to and from the cloud drive, enabling you to always know where your files are.
Application Boundary (Cloud Drive Management) is a new feature for logging and controlling cloud drive applications. A small subset of its functionality was made available as a public preview with V2022.1, and the enhanced functionality is now fully available in this release.
For more information, see Application Boundary Configuration tool.
You can now log every INSERT event for optical media regardless of the previous insert media hash using the sxopt Tool. Two states are available:
0: Disabled (default)
1: Enabled
For further details, contact Ivanti Technical Support.
The handling of Bluetooth connected devices has been improved by also including the UniqueID. This improves the identification of individual Bluetooth devices, and also enables you to set individual permissions on a single instance of a device. For example, if you have several headsets of the same model, you can selectively grant permissions to individual instances instead of to the entire group. This allows granular permission setting and avoids having to set file transfer permissions for Bluetooth by default if you want to allow the usage of Bluetooth headsets.
The MacOS client agent can now handle the Wifi and Ethernet Class in the same way as on the Windows side.
The Client Status report now includes an additional column to provide an overview of which client is protected using the BitLocker System Drive Encryption - and more importantly, which client isn't currently protected.
This will enable you to quickly identify potential security risks.
For more information, see Client Status Report.
You can now copy the recovery password from the Recovery Password dialog to send to users when using BitLocker system drive encryption.
For more information, see BitLocker System Drive Encryption.
For more details about the release, including the issues fixed, see the Ivanti Community.
V2022.2
You can now manage, store and retrieve BitLocker recovery keys directly from the Management Console by entering the Recovery ID. The first six digits are sufficient to retrieve the key. This enhances the BitLocker system drive encryption as you don't have to manage the recovery keys separately using a different interface.
For more information, see BitLocker System Drive Encryption.
There is a new report that displays all inactive clients (clients that haven't communicated with the server for more than 30 days) that have a direct permission assignment within the Management Console. This could be either an individual permission assignment or a change of the default options on the computer level.
This enables you to identify clients that potentially no longer exist but that still have permission entries in the Management Console. By leveraging this information you can decide whether this client is still needed in the Management Console, or whether you can remove the permissions to concentrate on information in the Management Console that matters.
For more information, see Client Status Report.
The Client Status report now includes additional information about the FIPS status. This helps you to determine whether or not the FIPS mode has been configured correctly for each client.
For more information, see Client Status Report.
We increased the loading speed of the scan results within the Scan Explorer and Exe Explorer. Also adding additional files to file groups within the Scan explorer provided a performance boost.
For more information, including issues fixed in this release, see the V2022.2 Release Notes on the Ivanti Community.
V2022.1
Functionality to control PowerShell Scripts. Allow/Deny option handled in similar way as VB Scripts. IDAC determines the specific scripts based on a checksum which then can be either allowed or denied from running.
On the Tools menu in Application Control, click Default Options then on the Computer tab set Powershell Protection to Disabled or Enabled as required. For more information, see Computer tab.
Ability to control the data traffic from and to OneDrive. You can either allow or deny the file copy actions. We also implemented the ability to shadow the file names. Within this release, this feature is in "Early Adopter" status and therefore doesn't have any UI implementation. The functionality and how to configure it is outlined in this Knowledgebase article.
All reports created from within the console (SMC) are now created as a *.CSV file in addition to the *.HTML file. The CSV file can be used to a much greater extent to be further processed by a third-party software. This means you might be able to create additional reports and have greater visibility based on your company processes.
The *.CSV file is stored in the same location as the *.HTML.
After creating, the report opens in HTML format as before. Within the HTML format a button is shown to open the related CSV file to review.
For more information about reports, see Using Reports.
The move to 64-bit on the server side increases performance and stability of the console (SMC) and future-proofs the product.
As a result of this, there are some changes to the installation instructions (for more detail see the Quick Start help). For more information, see this Knowledgebase article.
For new installations
- The default installation folder has changed from Program Files (x86) to Program Files
- The license file needs to be in the System32 folder (not SysWow64)
- sxs64.exe and sxsproxy64.dll are installed in System32
- The folder IDAC.SXS.Net is installed in System32
For upgrade installations
- The installed folder remains the same as before the upgrade, which is usually Program Files (x86)
- The license file is copied to System32 from SysWow64
- The files appconfig.json and SXS.Net.Host.NLog.config from the folder IDAC.SXS.Net are moved to System32 from SysWow64
Ability to install the IDAC agent on and manage Windows 10 version 21H2, Windows 11, and MacOS Monterey devices.
For the complete supported platforms, see System Requirements.
For information about differences in behavior for MacOS Monterey, see this Knowledgebase article.
For more information, including issues fixed in this release, see the V2022.1 Release Notes on the Ivanti Community.