What's New

Administrators can now specify authenticated UNC paths or URLs to on-premise file shares, from which to host and download App Distribution content. File hashing and data size checks ensure the correct files are being downloaded, preventing malicious man-in-the-middle attacks from occurring.

The current release of Preferred Server is suitable for App Distribution only.

Audit Trails is now generally available, bringing greater transparency and traceability to your environment.

In this release, you can export audit records in CSV format for up to 30 days. We have also added the ability to view detailed record information, including associated attributes, before-and-after states, and related records. We are continuing to expand audit coverage with new record types, such as device deletions and report activity.
Learn more about Audit Trails

An Agent Health Dashboard has been introduced, displaying common agent issues, from which you can drill down into lists of agent endpoints with the same problem. From here, you will be able to select an endpoint and choose to ‘check-in’ or ‘update binaries’ directly from the user interface, to help resolve specific issues.
Learn more about Agent Health Dashboard.

New fields have been added to the following datasets to support enhanced filtering and analysis:

• Devices DEX Score: Device model, device type, OS short name, and location

• People DEX Score: City, country, department, job title, and office

• Devices: Last software scan timestamp, OS end of feature support date, and OS end of service date

Learn more about Dashboard Designer.

Allow MQTT to communicate over port 443 using Websockets. This will eliminate the need for users to go through painful change processes to update firewall rules. It allows simpler proxy configurations and endpoints to be managed more efficiently, irrespective of their location.

It is now possible to customize the reboot prompt displayed to users on MacOS endpoints. A custom title, description, and icon can be specified to ensure that the end-users receive branded messages.

Learn more about Agent Branding.

All capabilities in Agent Policy that have an associated configuration, such as Patch Management and Application Distribution, are now sorted alphabetically and have a filter option to search for the exact configuration you require. This simplifies administration and provides faster time to value.

External Authentication (SSO) method for OneLogin Authentication (SAML) and OneLogin Authentication (OIDC) are now supported with this release.

Learn more about External Authentication (SSO).

Currently, the Ivanti Connector requires the Jamf option Allow Basic authentication in addition to Bearer Token authentication to be enabled.

However, Jamf has deprecated this feature. Replace it with a new API Role using Client Secret and access tokens. Update the connector to use this new API authentication method.

Device threshold: To limit the amount of data that is gathered for Neurons, it is set by default to 90 days, with a maximum threshold of 90 days. The connector will only import devices that have checked in or changed during that time.

Learn more about Tenable connector.

In addition to being able to access files and applications, Ivanti Neurons for App Control can now also be used to allow or deny access to specific network locations. These can be specified by IP address, network share, or host name. These rules can be targeted to specific users, groups, devices, and IP addresses.

Learn more about Network Access Control in Allow/Deny Rule.

Administrators can now create rules to redirect users away from specified URLs, forwarding requests to an alternate web address instead.

As with all rules, the most permissive wins, so it is possible to create a deny rule for www.generalnews.com but an allow rule for www.generalnews.com/weather so that end users can only look up the weather forecast rather than perusing the entire domain.

Learn more about URL Redirection in Allow/Deny Rule.

The system-defined templates can be copied but not directly edited.

Learn more about App Templates.

• The Overview page of App Control can now have the charts filtered by a specific configuration. This means that administrators can easily identify items of concern or trends associated with the specific devices a configuration is targeted to.
  

  Learn more about Dashboard filtering per configuration in App Control Overview

• Additionally, it is now possible to clone a configuration in order to make small changes and publish it alongside the original version to a different set of devices.

  Learn more about cloning a configuration in App Control Configurations.

• There are new custom settings available for configurations. These are largely used for troubleshooting.

  Contact Ivanti Technical Support for guidance.

An indicator is added to show if the device is online or offline when selecting a device with the targeting capability.

A new permission View Registry is available. If this permission is unchecked for a configured role, then members of this role won't be able to execute the registry sensors in Edge Intelligence.

Ivanti Neurons for EASM also now lets you view all your technologies (third-party software, libraries and more) in one place with the new Technology page.

Learn more about Technologies tab in Insights (Technologies tab).

Gain enhanced attack surface visibility with new dashboard widgets that display exploit distribution and exposures by risk vector.

Learn more about enhanced attack surface in Insights.

Get in-app notifications for start and completion of user triggered events like addition/removal of seed, movement of seed/asset across workspaces, to facilitate effective security reviews.

Learn more about notifications in Insights (Assets tab).

Audit trail is now enabled for Ivanti Neurons for EASM events to aid in compliance and troubleshooting tasks.

Learn more about Audit Trails in Ivanti Neurons for External Attack Surface Management.

EASM now provides a FAQ section that answers common questions about specific topics for an enriched customer experience.

Learn more about FAQs in External Attack Surface Management (EASM) FAQs.

It is now possible to multi-select contiguous stages and run against a test user or device. This is useful when verifying the function of branches depending on the difficulty to reproduce conditions (For example: a specific event ID) or to model error handling logic / different permutations of filters.

Usage guidance is available in the stage inspector (right-hand panel in the bot editor) when no stages are selected.

Hold the shift-key and draw a box around the stages you would like to run to invoke the test panel which prompts for any required information as well as user/device targeting.

Learn more about stages in Neurons Bots editor.

It is useful when building a bot to administratively disable/enable connecting links.

For example, using a bot with remediation capabilities in information-only mode for a period of time to test upstream logic and model ‘what if’ behavior prior to enabling remediation. This also helps Ivanti streamline the creation of new bot templates without needing to create separate examples for reporting vs remediation use cases.

Learn more about enable/disable links in Neurons Bots editor.

If a bot is run against a large number of devices or users in error, or there are emerging problems with a running bot it may be desired to stop the current bot from progressing beyond the currently processing stage(s).

A new capability is introduced on the trigger history page where any bots in a pending state will have a cancel button available. This will also extend to the trigger history table on the bot to target any pending stages across any versions of that bot.

Learn more about Canceling a running bot in Trigger History and Neurons Bots Results.

Introducing a new Advanced Schedule Setting option on the Bots Scheduler to offer more precision over when a bot is executed. It supports scenarios such as weekdays/weekends and also offers the ability for longer interval bots for monthly and beyond cadence.

Learn more about Advanced Scheduler Settings in Neurons Bots editor and Neurons Bots homepage.

For any stage or bot input that returns multiple results (list), it is possible to render these as dynamic buttons on a Teams interaction.

For example, Which Wifi network do you normally connect to? Which drive letter would you like to perform a cleanup o?, and so on.

Learn more about interaction buttons in MS Teams Stages.

It is now possible to choose the fields that you want to update in an update ticket scenario.

For example: The description/summary can be preserved while changing state and updating the journal.

Bots for Toronto and Tokyo regions are now available in the Microsoft Teams app store.

Immediate start of an application for time-sensitive application deployments.

Key enhancements are introduced to streamline time-sensitive application deployments and improve compliance remediation efficiency.

Immediate Deployment Capabilities:

• Added the option to Run Now on Distributions for the immediate start of an application deployment on all targeted devices, especially for urgent scenarios.

• Alternatively, use Run Now specifically for non-compliant devices to quickly address compliance issues.

These new actions are available directly within the Distribution schedule screen, providing flexibility, and control over deployment timing to ensure your devices are always up to date when it matters most.

These updates focus on reducing deployment delays and enhancing responsiveness for critical rollouts.

Learn more about Run Now in App Distribution Catalog

You can now configure Inventory Engine for the WMI to support files extensions.

Learn more about Inventory Scanner settings

The group membership is now visible under Group Tags after the Microsoft Entra ID connector synchronization completes.

Learn more about Group Membership in Device details.

Patches can now be deployed and tested in a small set of devices within a ring before being rolled out (promoted) to a larger set of devices in production. Patch configuration under routine maintenance can be enabled for ring deployment, with the options for manual and automated promotion, along with the ability to continuously track a rollout. This phased approach helps identify potential issues early and ensures smoother and predictable patch management across the organization.

Learn more about Ring Deployments.

Neurons for Patch Management now supports Amazon Linux. Contentless patching for both security and non-security related patches can be applied in Amazon Linux 2023 and Amazon Linux 2.

Learn more about Operating System Compatibility Matrix.

In addition to on-demand reports, you can now schedule recurring reports with flexible daily, weekly, and monthly options. Start and end dates can be specified for each schedule. The Reports list is updated with new columns to display the schedule, last run, and next run.

Now, you can also view the run history of each report instance under Report Details.

Learn more about Reports

When generating a report, you can now specify Neurons Platform members to receive it by email. If the file size is within the limit, the report is sent as an attachment; otherwise, recipients are directed to the Reports page to download.

Distribution details are available under Report Details.

Learn more about Reports

This release includes several enhancements to existing report templates:

• New filter options to display only failed deployments in Deployment > Summary and Deployment > Detailed reports.

• Deep linking to device, patch, advisory, and CVE details.

• New icon to indicate superseded patches in selected templates.

• Unique device count added to the report overview in selected templates.

Learn more about Reports

A new out-of-the-box Patch Management Dashboard is now available. This dashboard includes curated charts covering endpoint vulnerability, patch intelligence, and deployment history, providing a consolidated view of your patching posture in a single dashboard.