Welcome to Ivanti Security Controls

Welcome to Ivanti Security Controls, a unified IT management platform used for managing and protecting Windows-based machines, Red Hat Enterprise and CentOS Linux machines and VMware ESXi Hypervisors. Security Controls provides you with one centralized and common interface that you can use to perform the following IT management functions.

You can also interact with Security Controls using a PowerShell Command-Line API or a REST API. For more information, see Overview of the PowerShell Command-Line API and Overview of REST API.

Security Controls' industry-leading patch management function provides the ability to scan all Windows-based machines, RHEL and CentOS Linux-based machines and VMware ESXi hypervisors in your network and assess the current patch status of those machines.

After a scan is performed you can generate reports that provide additional details about the patch "health" of each machine. Security Controls can then be used to easily and automatically bring each machine up to date. You simply instruct the program to download and deploy the desired patches to the machines of your choosing. You can even dictate when the deployment will occur and if and when each machine should be restarted. In addition, Security Controls can provide email alerts that notify you when patches are available and it can email the results of scans and other information you wish to share with selected users.

The patch management function can be performed with or without agents on Windows-based machines. This unique blending of agentless and agent-based technologies gives you maximum flexibility while minimizing management overhead. Patch management activities on Linux-based machines are always performed using agents.

To get started (Windows): How Do I Get Started Scanning and Patching?

To get started (Linux): Overview of Linux Patch Management

 

Application Control is only available on Windows-based machines. In addition, if you use a license key to activate Security Controls, a separate add-on license key is required in order to activate the Application Control feature.

The Application Control function includes:

Executable Control

Privilege Management

Browser Control

The Application Control functionality provides a powerful set of controls. A configuration is created to use any, or all, of the features; Executable Control, Privilege Management, Browser Control. You create a set of Rules to build your configuration.

Executable Control is used to apply rules for trusted ownership, to restrict or unrestrict using security levels and to allow or deny files, folder, drives, file hash. Use Privilege Management to enable elevation of privileges or restrict rights for users or user groups, and enable Browser Control to redirect or allow specific URL's.

To get started: Application Control Overview

 

Asset Inventory is only available on Windows-based machines.

The asset inventory function enables you to track your software and hardware assets.

The function works with both physical and virtual machines. You can perform scans to detect and categorize the software and hardware contained on your physical and online virtual machines. Detailed information about your software and hardware virtual assets is available immediately following a scan. You also have the ability to create reports that can be used to track your asset inventory over time.

Like the patch management function, the asset inventory function can be performed with or without agents.

To get started: How Do I Use the Asset Inventory Feature?

 

Power Management is only available on Windows-based machines when performed from the console.

The power management function enables you to control the power state of the machines in your organization.

The primary reasons for using power management are to:

Prepare your machines for maintenance tasks

Reduce noise and power consumption

Reduce operating costs

Prolong battery life

You can shut down, restart, or awaken machines either immediately or on a scheduled basis. When you perform a scheduled restart you also have the ability to specify what power state to put the machines in: fully powered on, in sleep mode, or in hibernate mode. The power management function can be performed with or without agents.

To get started: How Do I Use the Power Management Feature?

 

ITScripts is only available on Windows-based machines.

The ITScripts function enables you to execute PowerShell scripts against the machines and machine groups you have already defined in Security Controls.

With this scripting feature you can:

Access free scripts and all pre-defined scripts provided by Ivanti

Execute scripts against target machines

Execute scripts from the console

Create PowerShell templates

Import custom scripts

Execute scripts immediately

Schedule script execution to run at some time in the future

Execute scripts with or without the Windows PowerShell remoting features

View the results of all scripts that have been initiated from Security Controls

To get started: How Do I Use the ITScripts Feature?