What's New

Administrators can now specify authenticated UNC paths or URLs to on-premise file shares, from which to host and download App Distribution and Patch Management content. File hashing and data size checks ensure the correct files are being downloaded, preventing malicious attacks from occurring.

A new sync engine is available in Agent Policy to sync patch content between multiple Preferred Servers. This engine can be deployed to specific endpoints, along with a sync engine configuration containing a list of included Preferred Servers. This provides failover and redundancy in the event of an infrastructure outage.

Any unexpected errors during the patch download or sync process will be visible from a Server Log, accessed directly from the user interface, under each Preferred Server entry. This will track events such as authentication failures, mismatched file hashes, broken URLs, etc.

Learn more about Configuring a sync engine.

Azure Blob Storage Security and Information Events Management (SIEM) outbound connector is now in technical preview. It allows customers to securely export audit logs to their own Azure Blob Storage containers. Logs are delivered in JSON format with a configurable export schedule, making them easy to ingest into SIEM tools for compliance, analytics, or long-term retention.

Learn more about Outbound Connector in Azure Blob Storage SIEM Forwarding Connectorand Connectors.

The audit logs from the following sources are now supported:

• Patch Management

• Authentication

• Role-Based Access Control

• Edge Intelligence

  Learn more about Audit Trails.

Reports can now be used to export audit logs for up to 90 days. CSV reports can be filtered to focus on specific events, scheduled for automatic generation, and sent via email to be designated recipients.

Learn more about Audit Trails Report.

Control when Agent and Capability Engine updates occur using Maintenance Windows. An unlimited number of windows can be created per-policy using daily, weekly, monthly, and yearly recurrence as well as one-time events.

Learn more about Agent Policy Maintenance Windows.

The Device Group field is added to the Devices, Device Patch Scan, and Device Patch Deployment datasets to support enhanced filtering and analysis.

Learn more about Dashboard Designer.

The Ivanti Neurons Linux Agents now support proxies with authentication using HTTPS connections for encrypted credentials.

Learn more about Proxy Support for Agents.

Mac endpoints are now supported for Agent Branding. Custom titles, icons, and messages can be utilized in Mac Agent reboot messages.

Learn more about Agent Branding.

Ivanti App Control enforces the rules laid out in the configuration. Policy Change Request can be implemented to alter these rules. This feature enables the user to request access to or elevation of any application on their device. When this request is approved, the configuration on that device is automatically updated for a specified period of time. The request and approval mechanism is achieved through integration with ServiceNow that can be managed through the advanced process engine available there.

To accommodate audit of the occasions when policy change request is used, two new charts have been added to the dashboard – one showing applications that have been allowed due to a policy change request and the other showing applications that have been elevated by it.

• Allow Elevated Applications: When creating elevation rules it is now possible to automatically also allow the subject of those rules so that a separate allow rule is not required. This streamlines the policy creation process making it easier for administrators to manage their configurations.

• Optional New Log Location: In addition to choosing to display Neurons App Control events in the Windows Application event log, it is now possible to choose to have them sent to an alternate ‘Ivanti’ event log instead. This means the events are separate from the regular Windows events and easier to export to a third party tool for analysis.

Learn more about Policy Change Request, Configuration Settings, and Elevate Rule.

Administrative tasks in Edge Intelligence are now being logged and visualized in the Ivanti Neurons Audit Trail.

The Ivanti Neurons Application Control sensors are enhanced to support both UWM Hybrid and Neurons modes.

• You can now generate External Attack Surface Management (EASM) reports directly from the Reports section of the Neurons platform, alongside Patch Management and Audit Trail reports.

• This integration introduces new functionality, such as report scheduling and emailing, which were previously unavailable for EASM reports.

• To support this transition, the Create New Report feature in the External Attack Surface section of Neurons will be disabled after this release.

• Historical EASM reports will remain accessible for 90 days, allowing users to view or download them as needed.

• Role-based access controls for EASM reports have been updated to align with other Neurons products. Administrators and users with qualified custom roles will have permissions to View, Create, and Delete reports, while Analyst roles will not be granted these actions to ensure security and role-specific functionality.

Learn more about EASM Reports

• A new EASM dashboard widget is added to the Neurons homepage, featuring an Add Seed action to streamline onboarding.

• The workflow for adding seeds has been improved, enabling automatic workspace creation directly from the same page.

• The Seed filter is expanded to include all asset types, simplifying search, and organization.

• A revamped workspace creation workflow allows multiple seeds to be added from a single page for improved efficiency.

• This release delivers enhanced reporting capabilities, improved onboarding features, and streamlined usability for EASM within the Neurons platform.

Learn more about Ivanti Neurons for External Attack Surface Management, Home, and Manage Seeds.

This release introduces a new type of automation that allows the bot to run with no initial context such that it does not run against devices or people objects. This supports general/runbook use cases such as calling APIs, looking up records from Data Services (inventory), interacting with ITSM, or interacting through Teams. This has a stage library with a subset of stages that are compatible with no starting context.

This means that a wider array of use cases can be unlocked with no requirement for devices to be online.

Learn more about Neurons Bots creation.

Results are limited to 1000 objects.

A new To device context stage is introduced in Universal Context automation which makes it possible to embed a device context bot within a universal context bot. When you click the Device Context resizable stage, the stage library will dynamically change to the device context library.

Devices can be hardcoded in, passed in as a token (for example, from an input), or fed in from a list (for example, a device inventory stage with a computer name attribute returned, which now additionally has a group picker).

This format is useful for orchestration of workflows when you want to sequence different actions across different devices as part of the same workflow. Information can be passed out from a device context workflow by specifying outputs.

The device context stage is intended for use with small volumes (<1000) of devices. For larger device groups, Ivanti recommends using device context bots.

Learn more about Neurons Bots Stages.

Teams welcome message provides enhanced experience by supporting localization. Ivanti Neurons currently supports en-IN, en-US, en-GB, en-ZA, de-DE, es-ES, es-GT, es-MX, fr-FR, it-IT, ja-JP, nl-NL, pt-BR, ru-RU, zh-CN, and zh-TW.

If the default locale and welcome message are overridden, custom messages can be set for each locale. Teams will choose the appropriate locale for the welcome message based on the user’s current input locale.

Localization applies to the welcome message only.

Ivanti has launched new bot templates for Windows 10 to Windows 11 migration, HP software orchestration, Dell Command orchestration enhancements, patch surveys, and Teams call quality enhancements.

Adobe has officially discontinued support for JWT authentication. In response to this change, the Neurons Adobe Connector has been updated accordingly with the following changes:

• OAuth is now the only supported authentication method.

• JWT authentication is no longer available.

• The authentication type dropdown has been removed, as OAuth is now the default and only option.

If your existing connector was configured using JWT, you must create a new connection using OAuth credentials to ensure continued functionality.

Learn more about Adobe Connector.

A new catalog type Bundles is now introduced for applications . Bundles enable you to group multiple applications together and deploy them as a cohesive unit, whether as a single package or a nested structure.

Bundles can be used to install a set of related applications simultaneously, ensuring consistency, and streamlining deployment. Additionally, Bundles simplify the application deployment process by organizing applications into hierarchical groups, making management and distribution more efficient and intuitive.

Learn more about Bundles in App Distribution Catalog and App Distribution Deployment Status.

Usage mapping of the software helps track the utilization of the software applications including associated executable files and optionally their versions.

Learn more about Usage Mapping in Software

The latest enhancement to Preferred Server adds a synchronization service to ensure that the necessary patches are copied to designated shares within your environment to stage patches in predictable locations and reduce network traffic in bandwidth constrained environments.

Learn more about Patch Settings.

The integration of User Surveys into the Ring Deployment experience allows for quick user interaction directly in the patch experience to determine how the overall update worked and identify when those downstream issues are occurring.

Learn more about User Survey in Neurons Bots and Ring Deployments.

Device scopes support is now available for Neurons for Patch Management. You can perform various operations on Patch Management based on RBAC, against the set of devices limited by scopes.

Learn more about Access Control: Scopes.

This release introduces the ability to create custom report templates. You can define templates by selecting the dataset and choosing the fields to include. Once a template is saved, reports can be generated using the existing report generation flow. This feature provides more flexibility in tailoring reports to your specific needs. CSV and Excel output format are supported.

Learn more about Creating Custom Templates.

The integration of Maintenance Windows into the Patch Management experience allows administrators to define Maintenance Windows where changes are allowed and configure features like Ring Deployment to use the Maintenance Window instead of the current scheduling options.

Learn more about Maintenance Windows configuration in Configuration Behavior

The ability to uninstall a patch has been added to allow for select updates to be rolled back for troubleshooting and recovery purposes.

Learn more about Rollback.

This release expands the user actions that are visible in the Audit feature of the platform allowing for more visibility into the changes and updates made by administrators across the patch experience.

Learn more about Audit Trails.

Ivanti Neurons for Patch Management on Intune now supports ARM devices. Devices with ARM Processor need to be updated on a regular basis to reduce security risks and improve operational efficiencies.