Ivanti Neurons for Patch Management Connector Guide

Summary: How to set up and use the Ivanti Neurons for Patch Management connector in Ivanti Neurons RBVM.

Overview

The Ivanti Neurons RBVM platform provides an API-based connector that integrates with Ivanti Neurons for Patch Management, which enables customers to associate CVES to patch groups and create new ones.

Connector Configuration

Prerequisites

  • Requires an active subscription to Ivanti Neurons for RBVM.
  • Requires an active subscription to Ivanti Neurons for Patch Management.
  • URL used to access the instance of Ivanti Neurons for Patch Management.
  • Tenant Id for the instance of Ivanti Neurons for Patch Management.

User Setup

In order to connect Ivanti Neurons for RBVM to Ivanti Neurons for Patch Management, an API user will need to be created with the following minimum access:

  • PatchGroup.Admin - Enables POST methods to create new patch groups.
  • PatchGroup.Editor - Enables PUT methods to edit existing patch groups.

Patch Management documentation for managing user permissions can be found here: Patch Management API Overview

Connections

The following API calls are performed during a connector run to modify or create Ivanti Neurons for Patch Management groups.

API Type

Endpoint

Get All Organizations

/api/v2/organizations

Edit patch groups

/api/patch/content/v1/cves-to-patch-group (PUT)

Create patch groups

/api/patch/content/v1/cves-to-patch-group (POST)

List patch groups

/api/patch/content/v1/patch-group (GET)

Platform Setup

When logged into the platform, navigate to the Automate > Integrations page.

Using the search bar in the upper-right corner of the Integrations page, type “Ivanti Patch” to find the connector. Locate the Ivanti Neurons for Patch Management card under Patch Management and click Configuration.

Complete the following required fields. These fields include:

  • Connector Name: Connector name for the Ivanti Neurons for RBVM platform.
  • URL: Ivanti Neurons for Patch Management instance URL.
  • Tenant ID: Ivanti Neurons for Patch Management tenant identifier.
  • Client ID: Ivanti Neurons for Patch Management client identifier.
  • Secret Key: Ivanti Neurons for Patch Management secret key.

Optional Configurations

Once the fields have been filled out, click Test Credentials to ensure the connector can connect to the Ivanti Neurons for Patch Management instance.

Additional Optional Configurations can be set up here.

  • Allow users to create new patch groups: This will allow administrators to manage whether they allow users in Ivanti Neurons for RBVM to create new groups in Ivanti Neurons for Patch Management. Users must ensure the create group access is granted to the account configured.
  • Allow users to update existing patch groups: This will enable existing patch groups to be edited via Ivanti Neurons for RBVM. The default behavior is to allow for all groups.
    • All patch groups: This will allow editing of all current and future groups.
    • Selected patch groups: This will present the user with a list of the current groups available to the login at the moment of the Test Credentials. Only chosen groups can be edited, however, when the option to “Allow users to create new patch groups” is selected, these new groups will also be editable as they are created.
    • Negation of patch groups: This will present the user with a list of the current groups available to the login at the moment of the Test Credentials. The chosen groups will not be show in the list of groups to edit.

Once the connector configuration is complete, click the Save button. Once a single connector to Ivanti Neurons for Patch Management is created, the option to configure another is disabled.

When the connector is set up, a new entry for it appears at the top of the Integrations page. This connector will enable the new “Add to Patch Group” menu options in the Host Findings actions. Check the connector’s logging of patch management by clicking the History button.

Editing a Connector Configuration

Connector configurations can be updated at any time after creation. Go to the Automate > Integrations page and select the specific connector you want to update.

Utilizing the Connector

The CVE data from Ivanti Neurons for RBVM is sent to Ivanti Neurons for Patch Management to help manage and create patch groups. The data displayed in the menus of Ivanti Neurons for RVBM is dynamically pulled from the Patch Management API on demand. At this time, data is not retained in RBVM platform which relates the CVEs and findings to patch groups.

Assets

Data in the Hosts list view of Ivanti Neurons for RBVM is aggregated from scanners and CMDB connections. Critical data elements about these hosts can be utilized at the Host Findings list views as filters in order to enable teams to focus on the CVEs that are affecting their most important assets. The Host list view does not include a menu action to add CVEs to patch groups, however, the data itself can be leveraged from the Host Findings list view to most effectively accomplish this.

Findings

The new menu option to “Add to Patch Group” is shown on the Host Findings page when the new connector is enabled. Similar to other Action menu options, at least one finding must be selected in order for this menu option to activate.

There two possible options that will appear under this menu action:

  • Add to Patch Group - This will show a list of configured patch groups available for editing. Choose a specific patch group from the list of available patch groups. This will enable a new window to edit this patch group. A list of the first five CVEs from the selected findings will appear on the left side with an indication if there are more. All the selected CVEs will be sent to Ivanti Neurons for Patch Management for addition to the existing group.

  • Create Patch Group - The menu option will appear if the connector is configured to allow users to create patch groups. This will enable a new window to create a new patch group. Enter the name of the patch group that will be created. A list of the first five CVEs from the selected findings will appear on the left side with an indication if there are more. All the selected CVEs will be sent to Ivanti Neurons for Patch Management for the group creation.

Connector Data Mapping

This table maps the high-level fields from Ivanti Neurons for Patch Management with that of the Ivanti Neurons for RBVM platform.

Section

Ivanti Neurons for RBVM Field

Ivanti Neurons for Patch Management Field

Filterable in Ivanti Neurons

Host Findings

CVE

Patch Group Name

Patch Count

Last Modified

CVEs

Patch Group Name

Patch Count

Last Modified

No

No

No

Yes

Note: Ivanti Neurons for RVBVM does not retain the data above in platform but displays them dynamically from the Patch Management API.