Ivanti Wake on LAN Overview

Ivanti Wake on LAN is a Ivanti Endpoint Security module you can use to power on endpoints within your network without physically turning them on. With this capability, daily management tasks are simplified, desktop and laptop energy consumption is reduced, and system management tasks that interfere with employee productivity are prevented.

Ivanti Wake on LAN (WOL) is a module you can install within Ivanti Endpoint Security. Use this module to control the power status of endpoints within the network (on or off), thereby managing tasks that occur at a specific time each day.

Using WOL, you can ensure swift deployment of critical security patches and ensure that every endpoint within the network is powered on during scheduled patch assessment. These functions are especially beneficial to organizations with networks containing thousands of endpoints. Using WOL, you can perform maintenance tasks for multiple endpoints after regular business hours, thus minimizing employee productivity disruption.

Advantages of Using Ivanti Wake on LAN

Ivanti Wake on LAN contains features that benefit administrators of networks of all sizes. With Ivanti Wake on LAN, you can maintain large networks containing thousands of endpoints or smaller networks where an administrator only manages a handful of endpoints.

The benefits of using Ivanti Wake on LAN features:

  • Enables administrators to complete administrative tasks following business hours using other Ivanti Endpoint Security modules. Wake endpoints according to a schedule or using the Wake Now feature, regardless of operating system version.

  • Because endpoint maintenance can be performed following business hours, employees can operate their endpoints without interruption during business hours.

  • Because endpoints can be woken, employees can power off their endpoints following business hours, leading to reduced power consumption.

  • Ivanti Wake on LAN improves the likelihood that mobile network devices and hardware (devices with unpredictable use patterns) are scanned and updated more frequently, returning them to a state of security policy compliance.

  • Ivanti Wake on LAN automation features ensure administrators do not have to repetitively schedule wake times.

  • Ivanti Wake on LAN requires minimum maintenance.

The Ivanti Wake on LAN Process

When getting started with Ivanti Wake on LAN, you should perform Ivanti Wake on LAN in a recommended sequence to use the product effectively.

  1. Install Product and Agents

    Install Ivanti Endpoint Security on a server and Ivanti Endpoint Security Agent on network endpoints. Installing these products creates the infrastructure to wake network endpoints without being physically present at the endpoints.

  2. Install Module

    Install the Ivanti Wake on LAN module (the Ivanti Wake on LAN module server component) on the Ivanti Endpoint Security server. During this process, all components needed to send network endpoint wake requests are installed.

    By default, the Ivanti Wake on LAN platform module is installed with Ivanti Endpoint Security. Therefore, installing the module manually is usually unnecessary.

  3. Install Wakepoints

    Define wakepoints. During this step, the Wakepoint module (the Ivanti Wake on LAN module endpoint component) is installed on network endpoints hosting agents. Wakepoints are agents that relay server wake requests to other agents in the wakepoint's network segment (VLAN). Each network segment should contain at least one wakepoint. However, Ivanti recommends installing several wakepoints in each network segment in the event that a router blocks a wake request.

  4. Schedule Wake Times

    Schedule wake times. During this step, you define how Ivanti Wake on LAN schedules the time to send endpoint wake requests. You can schedule wake times using either agent policy set hours of operation or a custom wake time assigned to specific groups. After the wake time is scheduled, Ivanti Wake on LAN broadcasts wake requests at the scheduled time, and network endpoints are woken.

    You can only schedule wake times using agent hours of operation if the Patch and Remediation module is installed.

About Wake Requests

To power on endpoints, Ivanti Wake on LAN sends Wake Requests: network packets that contain code that wakes recipient endpoints from a suspended, hibernating, or powered-off state.
Most network interface cards support a listening mode, enabling them to receive network packets even when the endpoints that host them are powered off, hibernating, or sleeping.

Although WOL can wake endpoints from an off state, most network cards include security features to prevent remote boots. Therefore, Ivanti recommends using WOL to wake endpoints in a sleeping or hibernating state.

Wake requests are sent from the Ivanti Endpoint Security to wakepoints. These wakepoints then relay the request to managed endpoints. For additional information about wakepoints, refer to About Wakepoints.

Wakepoints use limited broadcast to relay wake requests to agent-managed endpoints within their subnet. During limited broadcast, the wakepoint sends the wake request to the 255.255.255.255 IP address. By sending the wake request to this address, a wake request is sent to all endpoints within the subnet. When managed agents receive the wake request, their host endpoints are woken.

Wake requests send packets called magic packets. Magic packets include the broadcast address (255.255.255.255) and endpoint MAC addresses, which are discovered using the Ivanti Endpoint Security Agent. When managed endpoints receive this request, they are powered on after recognizing the broadcast address and their unique MAC address.