Nieuw

Automated Policy Assignment helps managing Ivanti Neurons Agent Policies across large numbers of devices with ease. Instead of manually setting up policies for each endpoint, the system automatically assigns the right policies based on device attributes such as type or location. This ensures that new and existing devices always get the security and management required.

Administrators can set up a catch-all default policy that applies to all agent endpoints on the network. Where certain devices need specific policies, it is easy to add individual device or device group exceptions and configure the exceptions to take priority. This reduces administration time and lets IT to manage more complex tasks and helps keep every device protected and compliant.

Learn more about Configuring Automated Policy Assignment.

The Azure Blob Storage SIEM Outbound Connector is now generally available.

Learn more about Azure Blob Storage SIEM-doorstuurconnector.

The Splunk HTTP Event Collector (HEC) Outbound Connector is now available in technical preview. This feature enables customers to export Ivanti Neurons Audit Trails directly to Splunk Enterprise via HEC.

Learn more about Splunk HEC Connector.

• Actions in People View are now being logged and visualized in the Ivanti Neurons Audit Trail.

• Administrative tasks in Inventory Scanner Settings are now being logged and visualized in the Ivanti Neurons Audit Trail.

• Administrative tasks in Remote Control Settings are now being logged and visualized in the Ivanti Neurons Audit Trail.

External Authentication (SSO) method for the following external SSO providers:

• PingFederate Authentication (SAML)

• PingFederate Authentication (OIDC)

• ADFS Authentication (SAML): When integrating authentication with ADFS, you can also use Signed Requests and/or Encrypted Assertions.

  • Signed request are used so the Identity Provider (for example, ADFS) can verify the origin and integrity of the requests.

  • Encrypted Assertions are used so that the response from the Identity Provider, which includes user credentials, are protected from being intercepted and read by unauthorized parties

• Other IdP Authentication (SAML): A new SSO method is now added to use any other Identity Provider. If your Identity Provider is not one of those explicitly supported, this option can be used to integrate with that Identity Provider.
  The SAML protocol is supported for this option. It also allows Signed Requests and/or Encrypted Assertions to be used (requires Identity Provider support).

App Control now includes a new chart that provides insights into the applications granted permissions through the Policy Change Requests, along with actionable ROI analytics. This expanded visibility lets administrators easily correlate the number of grants with subsequent allowances and elevations.

Learn more about Policy Change Requests in Overzicht App Control.

App Control rules support EntraID Users and Groups, enabling better security and streamlined process management. Now, the administrators can define application control policies based on EntraID (formerly Azure Active Directory) users and groups, rather than relying on local accounts or static groups.

Learn more about Configuring Entra ID.

The Neurons for App Control agent now supports custom port configuration for improved flexibility and network compatibility. This introduces BrowserAppStorePort and BrowserCommsPort settings within the Application Control configuration. Administrators have granular control over which network ports the agent uses for browser-related services and communications.

Learn more about these port settings in Configuratie-instellingen.

Organizations can now configure custom policies to prohibit executable files on removable media. This option allows administrators to manage policies prohibiting files, particularly executables, on removable media such as USB drives.

Learn more about the settings in Configuratie-instellingen.

A new monitoring setting Power State History is available in Edge Intelligence settings. When the setting is enabled on a device, it tracks the various power states over time, allowing you to see when devices are On, Off, in Sleep, or Hibernate mode.

Learn more about Power State History in Edge Intelligence-instellingen.

An additional monitoring setting is introduced for the existing Ivanti Application Monitor functionality. This setting is available in Edge Intelligence settings and allows you to enable or disable the monitoring feature as required. The Ivanti Application Monitor component is installed or uninstalled when Edge Intelligence is the only service subscribing or subscribed to it.

Learn more about Application Monitor in Edge Intelligence-instellingen and KB article.

Pagina's Kwetsbaarheid voor aanvallen in Ivanti Neurons worden aanvankelijk niet weergegeven. U moet eerst seedkoppelingen opgeven naar de aanwezigheid van uw organisatie op internet. Navigate to External Attack Surface > Manage Seeds page. De internetblootstellingscrawler van Ivanti zal vervolgens naar die seeds kijken en rapporteren over activa en blootstellingen die worden gevonden.

Learn more about Enhanced Onboarding and Usability in Ivanti Neurons for External Attack Surface Management.

Abuse prevention measures have been implemented for blocklisted domains within EASM to ensure improved security and compliance.

With scope support enabled, bots run by users through custom actions, the run now button or bot preview will now only execute against devices or people that their account is permitted to access.

Learn more about Scopes in Toegangsbeheer and Neurons Bots-resultaten.

Added support for deploying App Distribution’s bundle applications to the Bots stage to ensure both individual and groups of applications can be targeted.

Learn more about Bundle Support in App-distributie activeren.

Mac and Windows icons are now added to the cards in the bot template library along with all the stages updated in the template library. This allows users to see what operating system the bots supports OOTB without having to create a saved copy first.

The ability to run the PowerShell Query stage as a specified user opens up the ability for additional use cases such as checking for access to network resources.

Learn more about PowerShell Query in Aangepaste fasen and Neurons Bots fasen.

A number of changes have been made to the Automation framework to improve the speed at which Bot stages and their results are processed.

Performance improvements have been made and data filtering issues are fixed with Entra ID connector. The Neurons Entra ID connector is now updated:

• Previously, applying user group filters led to some users being skipped. This issue is now fixed.

• The connector made a large number of API calls to retrieve group members, which resulted in longer execution times and increased the risk of network failures.

• API call volume is reduced, allowing the connector to complete its execution much faster.

• A retry mechanism is introduced to handle network related issues more robustly.

Learn more about Microsoft Entra ID-connector.

Software Inventory now has the ability to include complementary data from the Ivanti Software Library. The data includes regularly updated attributes such as end-of-life, product family, and release version details. If edited, inventory data does not match new Software Library data, you can easily review and resolve by accepting the new Ivanti data or keeping your edits.

Learn more about Software Conflict Resolution in Software-inventaris.

Op de pagina Instellingen voor inventarisscanner worden instellingen geïntroduceerd om BitLocker-sleutelinstellingen in te schakelen. Zodra dit is ingeschakeld, begint het Neurons-platform met het verzamelen van de BitLocker-herstelsleutel van het apparaat waarop het Windows-besturingssysteem draait tijdens de inventarisatiescan. Deze sleutel wordt in het systeem opgeslagen voor toekomstig sleutelherstel.

IT-beheerders met toegang tot het Neurons-dashboard kunnen de herstelsleutel indien nodig ophalen. Om bijvoorbeeld met Neurons de herstelsleutel te vinden, navigeert u naar Apparaten > Windows OS > Codeersleutel > Herstelsleutel-id selecteren.

Instellingen inventarisscannerApparaatactiesLeer meer over de BitLocker-herstelsleutel in Instellingen inventarisscanner en Apparaatacties.

The Status field in Device Patch Deployment History dataset now includes patch rollback status.

Meer informatie over Dashboarddesigner.

Device view column configuration has been enhanced with secondary columns. Secondary columns allow the selection of columns that have arrays of data.

Learn more about Device View in Apparaten.

Multiple enhancements have been made to the Automation framework to improve the speed at which Bot stages and their results are processed.

The Execute Script - CMD Support

The ability to run CMD prompt commands has been added to the Execute script function. Along with this, CMD prompt commands can be run as either local system or currently logged in user.

Learn more about Execute Script in Apparaatacties.

The initial release of Ring Deployments supported a phased rollout of patches over a period of 30 days. To support organizations with rollout requirements greater than a month, Ring Scheduling now extends to a maximum of 90 days and supports individual soak time of up to 28 days for each Ring.

Multiple Ring rollouts now operates consecutively, allowing a Ring that has successfully completed a deployment to initiate a new rollout while the previous rollout still deploys on later rings.

Learn more about Multiple Concurrent Ring Rollouts in Configuratiegedrag.

Previously, devices needed to be individually added to specific Rings when employing a Ring Deployment. With this release, administrators can optionally assign whole device groups to Rings. Devices that are later added to a device group automatically populate the associated Ring.

Learn more about Dynamic Ring Assignment in Ring Deployments.

Administrators now have the option to simultaneously rollback to a previous version of a patch that was successfully installed on multiple devices. This eliminates the need to individually rollback a bad patch on each affected device independently.

Learn more about Multi-Device Patch Rollback in Apparaatdetails.

A new icon is added next to device names in console pages to indicate if that device is a member of a device group. A numerical value is also provided next to the icon to identify the number of device groups to which the device is a member. When the icon or number is selected, a searchable overlay is presented displaying the associated device groups.

Learn more about Device Groups in Implementatiegeschiedenis.

In the console Device page > Patches tab, administrators can now select one or more advisories and add them to a patch group without needing to navigate to the Patch Intelligence page.

PatchgroepenLeer meer over Patchgroepen.

Reports generated for Patch Management now respect device scopes assigned to users. When a user creates a report, it is automatically scoped based on their assigned device access.

Learn more about Device Scopes in Patchbeheerrapporten.

Reporting Access Controls have been updated for Patch Management, External Attack Surface Management (EASM), and Audit Trails. Users with View permission can only access reports they have generated or reports that have been explicitly shared with them. To share reports with other users, new Share permission is required.

Learn more about Permissions and Roles in Rapporten.

Two OOTB Patch Management report templates, Deployment History (Summary) and Deployment History (Detailed) now include new columns and sections detailing successful patch rollbacks.

Learn more about Deployment Status in Patchbeheerrapporten.