Secure Configurations

This page details the Neurons for ITSM content related to the Administrator role, their tasks pertaining to secure configuration and administration and all security components in ITSM that are required to be aligned with the FedRAMP guidelines.

User roles in ITSM

In ITSM, the user roles are broadly defined under three user categories –

Administrators – are users managing the overall administration of Neurons for ITSM and monitoring its operational health. Administrators have access to all modules and configuration of workspaces.

For most configuration tasks, you must log in as an administrator and work in the Configuration console.

Common administrator tasks include the following:

•Defining the security structure.

•Add users to roles to control access to the system.

•Constructing business objects used to capture and display data in the environment.

•Designing the workflows required to process information.

•Defining the schedule of escalation for processing incidents, tasks, and service requests.

Users – are the IT support staff who manage service requests, problems, and incidents, for example, Service Desk Analyst, Service Desk Manager, and Change Manager.

Self Service Users – Employees and external customers who use the Self-Service portal to request IT business services, such as reporting a service interruption or ordering a computer. Users in the Self-Service portal can also create incidents and check the status of existing incidents.

For more information, refer to Types of Users.

Adding Users to the System and Assigning Roles

The Administrator manages user access by adding new users to the system and assigning roles to ensure required permissions and responsibilities are set for users to function and carry on with their responsibilities.

For more information, refer to Adding Users to the System and Assigning Roles to Users and Setting up Roles.

Secure Login

The Administrator ensures secure login to the application by managing authentication settings, enforcing strong password policies, managing session timeouts, and more.

The following topics have in-depth information regarding assigning user roles, setting up users, accessing URLs securely,

•Setting Up User Login

•Logging in or Accessing Records Using URLs

•Configuring Anonymous User

•Application Security

•Role-Based Security

•Controlled Access

Provisioning and Decommissioning of Tenants

The following topics have in-depth information regarding provisioning and decommissioning of tenants:

•Deploying Neurons for ITSM

•Using Development Project

•Decommissioning of tenants – To decommission a tenant, raise a ticket to the Ivanti Operations team.

Administrator-Only Security Controls

Administrators ensure application security by configuring authentication settings restricted to top‑level accounts, with clear security implications.

The following topics have in-depth information regarding authentication methods and security settings:

•Authentication

•About external authentication configuration

•Setting up ITSM users for authentication via the Neurons Platform

•Setting Up External Authentication with LDAP

•Working with Single Sign-On authentication

•Working with ADFS/SAML

•About Windows Integrated Security

•Setting Up Authentication for OpenID Connect with Google

•Setting Up authentication for OpenID Connect with Microsoft Azure

•Neurons for ITSM OpenID Connect Configuration

•Setting Up Authentication for OpenID Connect with Yahoo

•Setting Up Authentication for OpenID

Recommended Secure Default Settings for Administrative Accounts and Privileged Accounts

This capability is currently not available, but it's tentatively planned to be delivered by the end of 2026.

Compare Current Settings to Default Settings for Administrative Accounts and Privileged Accounts

This capability is currently not available, but it's tentatively planned to be delivered by the end of 2026.

Export Security Settings in a Machine-Readable Format

There are currently no plans on the one-year roadmap to provide this capability due to other innovations taking priority. It may be considered in future releases.

View and Adjust Security Settings using API or any other integration

There are currently no plans on the one-year roadmap to provide this capability due to other innovations taking priority. It may be considered in future releases.

Version History for the Recommended Default Secure Settings

This capability is currently not available, but it's tentatively planned to be delivered by the end of 2026.