What's new in Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager

Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager has switched to an annual release schedule. This new schedule consists of a major yearly release, and then ongoing cumulative service updates for that release that may contain new features.

Not all updates in a release require documentation changes. For a complete list of updates, refer to the release's Ivanti Community readme.

Version 2020.1

Version 2020.1 service updates

Service update documentation changes:

  • Service update 1 readme (Ivanti Community)
  • New MDM navigation. Tools > Modern Device Management > MDM Configurations has been redesigned to provide a better MDM experience, making it clear which configurations you need to manage your devices and providing more contextual guidance for each configuration option.
  • APNs wizard. The new APNs wizard simplifies the APNs experience by handling all communications with Ivanti's signing service, so you only need to leave the console interface to interact with Apple's APNs token portal.
  • Activation lock for Apple devices. Enable activation lock to secure your MDM managed iOS, iPadOS, and macOS devices in case they are lost or stolen.
  • Windows MDM deep link enrollment. After clicking an MDM enrollment deep link, device users are taken to the built-in Windows enrollment app where they enter their corporate credentials to enroll.
  • Windows MDM group policy enrollment. Creating a group policy will automatically enroll all devices that are hybrid-joined to Azure AD.
  • New MDM agent settings. New settings payloads have been added to the configuration profile editor for macOS configurations, macOS device configurations, and Windows configurations.
  • Improved Android Enterprise account creation. The new account creation process has improved security by authenticating with the Ivanti licensing identity server. Internet Explorer is no longer required, and you do not have to adjust your browser security settings to complete the process.
  • Patch Automation. A new tool that helps you simplify and automate monthly patch campaigns.
  • Windows 10 reboot notifications. New support for Windows Action Center reboot notifications and custom reboot notification rebranding.
  • Remote control full screen and Alt+Tab passthrough. The HTML 5 remote control viewer now supports these features.

Version 2019.1

  • Initial release readme (Ivanti Community).
  • Agentless remote control. Self-contained remote control agent application for Windows and macOS devices.
  • Standalone remote control viewer. Self-contained remote control viewer application for administrators and helpdesk personnel.
  • Patch impact analysis. Analyze the impact of patches on your environment before you deploy them.
  • Patch definition filtering. Helps you easily define what you want to patch in your environment.
  • CVE to patch. Import a .csv formatted list of CVEs and automatically map them to patch data.
  • Endpoint Security agent settings interface simplification. It's now easier to configure Endpoint Security agent settings.
  • Software distribution Windows action improvements. More supported Windows actions with enhanced reboot and logging support.
  • Core sync security improvements. Core sync now uses certificates and trust relationships between core servers. When upgrading to 2019.1, you must configure these items for core sync to work.
  • Client cache retention customization. You can now customize distribution and patch cache retention for packages and patches. This customization overrides the default global cache retention settings.
  • Privilege management. Integration with the Ivanti Application Control product so you can deploy Application Control configurations using Enpoint Manager.
  • New MDM payloads. New settings payloads have been added to the configuration profile editor for macOS configurations, macOS device configurations, mobile compliance, iOS configurations, tvOS configurations, and Windows configurations.
  • New Apple mobile device commands. Send commands to Apple mobile devices to restart, shutdown, or enable lost mode on a device. These commands can be sent by right-clicking on a device in the inventory or through the diagnostics tool.

Version 2019.1 service updates

Service update documentation changes:

  • Service update 3 readme (Ivanti Community).
  • Android Enterprise fully managed device mode. Android Enterprise fully managed device mode offers extensive control over device policies, settings, and applications for your company owned devices.
  • Android Enterprise kiosk device mode. Kiosk mode is for devices intended for a single use or an extremely limited scope of use. Kiosk mode (also known as dedicated device mode) locks fully managed devices to a single app or set of apps.
  • Wi-Fi settings for mobile Android configurations. When configuring agent settings for Android devices, you can create a Wi-Fi payload to define how devices connect to your network.
  • CrowdStrike security activity view. This new feature helps you identify devices that don't have a CrowdStrike agent installed. In a single place view CrowdStrike agent status and agent details from both CrowdStrike and the Ivanti inventory scanner.
  • Software distribution cloud storage. Store your software distribution packages on Amazon S3 or Azure blob storage for deployment anywhere in the world. Use this alongside or in place of your existing preferred servers.

Version 2018.3

  • Initial release readme (Ivanti Community).
  • Remote Control WS enhancements. You can now use role-based administration, file transfer, and remote file execution with the new remote control engine.
  • Custom variable support for Windows actions. You can now add custom variables that can be used in Windows PowerShell package actions.
  • Improved Endpoint Security agent setting. Simplifies endpoint security configuration. Many of the options in this agent setting can be configured in other agent settings, but this agent setting gathers important options in one place and helps you configure Endpoint Security by following Ivanti's recommended best practices.
  • Patch user feedback. When enabled, this feature installs a special driver on Windows endpoints that monitors file changes and deletions made by patches. Users on endpoints will also have a new "Report broken application" tool that they can use to report problems, helping administrators identify the associated patches and files.
  • Windows Autopilot support. You can now automatically enroll Windows 10 devices in MDM by integrating Azure Active Directory and your MDM server.
  • MSI software distribution for Windows MDM devices. You can now create MSI software distribution packages for MDM managed Windows devices.
  • New packages for distributing the agent to MDM devices. You can now create packages to automatically install the Agent on Windows 10 and macOS devices during MDM enrollment. The same packages can also be used to install the Agent on devices that are already enrolled in MDM.

Version 2018.1

  • Initial release readme (Ivanti Community).
  • Software distribution enhancements. Added maintenance window and do not disturb support. Added email address targeting (based on Computer.LDAP User.Primary Owner.Email) in tasks.
  • Portal Manager enhancements. Now supports full rebranding, including custom fonts, taskbar icon, corporate logo, header background, and application background.
  • Diagnostics tool enhancements. Granular RBA rights support. New reboot, shutdown tools. Can now rename Windows computer names.
  • New HTML5 Web Sockets remote control. Redesigned higher-performing and more secure remote control.
  • Windows CSP support. You can now configure Windows CSPs (Configuration Service Profiles) and deploy them through MDM (Mobile Device Management).