Ivanti Security Controls 2023.4.x
Build Information
These release notes support the General Availability (GA) version of Ivanti Security Controls 2023.4.1, released in November 2023. The GA build is 9.6.9275.0 and it can be downloaded from the download page.
You can upgrade to Security Controls 2024.1 from Security Controls 2022.2 or later. See the Upgrade Guide for complete details.
IMPORTANT! We recommend you back up your current database before performing any upgrades. If you are using a full edition of SQL Server, use the SQL Server Maintenance Plan Wizard to perform the backup. SQL Server Express users who do not have access to the SQL Server Maintenance Plan Wizard can use the Ivanti Security Controls Database Maintenance tool.
Installation Notes
System Requirements
The following operating systems are no longer supported for use by the Security Controls console:
- Windows Server 2012 family
- Windows Server 2012 R2 family
The following operating systems are no longer supported as Windows endpoints:
- Windows Server 2008
- Windows Server 2008 R2
Microsoft SQL Server 2012 is no longer supported. You must be using Microsoft SQL Server 2014 or later.
A new version of the Microsoft Visual C++ Redistributable for Visual Studio 2015 – 2022 is available, so this will likely be identified as missing during the prerequisite check of the installation process.
For a complete list of requirements for the console, your agentless clients and your agent-based clients, see System Requirements in the help.
New Installation vs Upgrade
If you are an existing customer using Security Controls 2022.2 or later, you should upgrade to Security Controls 2023.4.1 (or 2022.2 if you require a Common Criteria certified version). This will enable you to maintain your current product database and configuration data.
If you are a new Ivanti customer or an Ivanti Application Control customer who is migrating to the Application Control feature in Security Controls, you will be performing a new installation.
Although the upgrade and new installation processes are similar, there are differences. For example, if you upgrade you will not be presented with the opportunity to create a new database or choose how users and services will connect to the database.
Disconnected Networks
If you are installing on a disconnected console machine, in addition to manually installing any prerequisite software, you must also manually download and install the product core files BEFORE you begin the installation process. For complete information on this process, see the Performing a New Installation topic in the Security Controls help.
For information on how to manually manage your data files in a disconnected environment, see How to Download Content Data Files and Patches Using the Download PowerShell Script on the Ivanti Community.
Enhancements and Improvements
This release contains the following changes:
- The Security Controls REST API has been updated to provide more control of cultures and to enable specifying an instance name if required when deploying patches.
- Windows Server 2012 and Windows Server 2012 R2 clients are supported with Microsoft Extended Security Updates (ESU) and an Ivanti ESU – contact your Ivanti supplier.
- Windows Server 2012 and Windows Server 2012 R2 are no longer supported for the console.
- The Ivanti Security Controls Diagnostic Toolkit, which provides utilities to help diagnose your system and provide information to support is now available. See Security Controls Diagnostic Toolkit Release Notes for more information.
- Ivanti Security Controls 2022.2 will soon become the Common Criteria Certified version (certificate pending), replacing V2019.3. As a result, V2019.3 will soon be retired to End of Life and we strongly recommend that you upgrade to the latest Common Criteria Certified version. See Ivanti Security Controls Common Criteria Certified Download for more information.
Known Issues
None.
Removed Features
Feature That Was Removed from 2023.4
The Security Controls console is no longer supported on the following operating systems:
- Windows Server 2012 family
- Windows Server 2012 R2 family
Feature That Was Removed from 2023.2
The Ivanti Scheduler has been removed. The Microsoft Scheduler has been improved to the point that the Ivanti Scheduler was no longer needed.
Feature That Was Removed from 2022.2
Support for Red Hat Enterprise Linux 6 has ended. This is because Red Hat has stopped providing maintenance support for Red Hat Enterprise Linux 6.
Features That Were Removed from 2021.2 Update 1
The following operating systems are no longer supported:
- The Security Controls agent is no longer supported on Windows 8 and CentOS 6 operating systems
- Agentless operations are no longer supported on Windows XP, Windows Server 2003, Windows Vista and Windows 8 operating systems.
Features That Will Be Removed in Future Releases
- The database views are now organized using the Reporting2 namespace. The original Reporting namespace will be removed in a future release and should only be used by legacy queries. All new queries should be created using the Report2.* views. For more information about report views, see the Generating Custom Reports section in the Security Controls help.
- In the REST API, support for servicecredentials requests and the sharewithservice parameter will end in a future release. This capability is contained in the new shared credentials functionality.
- In the REST API, support for the /metadata/vendor Family.products parameter will end in a future release. That capability is being replaced by the Family.productVersions parameter.
Bugs Fixed
2023.4.1 (build 9.6.9275.0, November 2023)
| Problem ID | Title |
|
99021 |
Corrected an issue where running ITScripts crashed the console. |
2023.4 (build 9.6.9271.0, October 2023)
| Problem ID | Title |
|
94501 |
Corrected an issue in the REST API where Patch Deployment completion status could be prematurely set if the patch deployment also triggered via the REST API. |
|
94521 |
Corrected an Agent installation status reporting issue that prevented agents from being registered with isec.ivanticloud.com. |
|
94396 |
Corrected an issue where multiple concurrent download requests for the same file could cause the agent STDownloader process to crash. |
|
94581 |
Corrected a regression that prevented Linux Agents from patching if a patch group containing patches for multiple distributions was specified in the deployment configuration. |
|
94596 |
Corrected an issue that prevented IT Scripts from running against Hosted Virtual Machines in 2023.3. |
|
98514 |
Corrected an issue that prevented new agent registrations 135 days after a certificate renewal period has begun and database maintenance is enabled. |
|
94747 |
Corrected a package version parsing issue that prevented ESXi package install states from being reported correctly. |