Management and Security

What's new in Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager 2019.1

  • Agentless remote control. Self-contained remote control agent application for Windows and macOS devices.
  • Standalone remote control viewer. Self-contained remote control viewer application for administrators and helpdesk personnel.
  • Patch impact analysis. Analyze the impact of patches on your environment before you deploy them.
  • Patch definition filtering. Helps you easily define what you want to patch in your environment.
  • CVE to patch. Import a .csv formatted list of CVEs and automatically map them to patch data.
  • Endpoint Security agent settings interface simplification. It's now easier to configure Endpoint Security agent settings.
  • Software distribution Windows action improvements. More supported Windows actions with enhanced reboot and logging support.
  • Core sync security improvements. Core sync now uses certificates and trust relationships between core servers. When upgrading to 2019.1, you must configure these items for core sync to work.
  • Client cache retention customization. You can now customize distribution and patch cache retention for packages and patches. This customization overrides the default global cache retention settings.
  • Privilege management. Integration with the Ivanti Application Control product so you can deploy Application Control configurations using Enpoint Manager.
  • New MDM payloads. New settings payloads have been added to the configuration profile editor for macOS configurations, macOS device configurations, mobile compliance, iOS configurations, tvOS configurations, and Windows configurations.
  • New Apple mobile device commands. Send commands to Apple mobile devices to restart, shutdown, or enable lost mode on a device. These commands can be sent by right-clicking on a device in the inventory or through the diagnostics tool.


What's new in Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager 2018.3

  • Remote Control WS enhancements. You can now use role-based administration, file transfer, and remote file execution with the new remote control engine.
  • Custom variable support for Windows actions. You can now add custom variables that can be used in Windows PowerShell package actions.
  • Improved Endpoint Security agent setting. Simplifies endpoint security configuration. Many of the options in this agent setting can be configured in other agent settings, but this agent setting gathers important options in one place and helps you configure Endpoint Security by following Ivanti's recommended best practices.
  • Patch user feedback. When enabled, this feature installs a special driver on Windows endpoints that monitors file changes and deletions made by patches. Users on endpoints will also have a new "Report broken application" tool that they can use to report problems, helping administrators identify the associated patches and files.
  • Windows Autopilot support. You can now automatically enroll Windows 10 devices in MDM by integrating Azure Active Directory and your MDM server.
  • MSI software distribution for Windows MDM devices. You can now create MSI software distribution packages for MDM managed Windows devices.
  • New packages for distributing the agent to MDM devices. You can now create packages to automatically install the Agent on Windows 10 and macOS devices during MDM enrollment. The same packages can also be used to install the Agent on devices that are already enrolled in MDM.

What's new in Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager 2018.1

  • Network mapping. Once configured, the new network map view visually helps you understand your company's network.
  • Software distribution enhancements. Added maintenance window and do not disturb support. Added email address targeting (based on Computer.LDAP User.Primary Owner.Email) in tasks.
  • Portal Manager enhancements. Now supports full rebranding, including custom fonts, taskbar icon, corporate logo, header background, and application background.
  • Diagnostics tool enhancements. Granular RBA rights support. New reboot, shutdown tools. Can now rename Windows computer names.
  • New HTML5 Web Sockets remote control. Redesigned higher-performing and more secure remote control.
  • Windows CSP support. You can now configure Windows CSPs (Configuration Service Profiles) and deploy them through MDM (Mobile Device Management).

What's new in Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager 2017.3

  • Agentless scanner vulnerability assessment. The agentless scanner can now do both inventory and vulnerability scans. The scanner also can detect VMWare ESX devices, with guest to host mapping and virtual machine inventory miniscans.
  • Enhanced Portal Manager. The end-user Portal Manager interface has been improved and it now supports favorites, search, and screenshots.
  • Software distribution content packages. This new package type makes it easier to create generic package templates that others can reuse.
  • New alerting interface. Alerting has been migrated to agent settings.
  • Ivanti InstllEase for Mac OS and Windows. The InstallEase snapshot package builder has been added to Endpoint Manager. The Windows version creates .msi packages and the Mac version creates .dmg packages.
  • Mobility MDM enrollers now support custom EULAs. You can provide your own EULA that users must agree to before enrolling.
  • Enhanced configuration profiles for Apple devices. Profile support added/improved for Mac OS, tvOS, iOS.
  • Apple device SCEP and S/MIME support. You can now configure profiles that enable SCEP (Simple Certificate Enrollment Protocol) and S/MIME (Secure/Multipurpose Internet Mail Extensions).

What's new in Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager 2017.1

Antivirus removal from the Mac agent configuration. When altering the Mac configuration agent, you can prevent the antivirus component from being installed on Mac devices as part of the configuration agent. Previously, you could only disable the installation of the antivirus, though it would still be included as part of the configuration agent file. By disabling antivirus from the console, this removes the entire antivirus component from the configuration agent.

Windows Wi-Fi payload support. Deliver Wi-Fi credentials directly to Windows smart devices. This functionality uses the same Mobile Connectivity dialog settings for payloads to iOS, Android, and Windows devices alike.

Windows SCEP for iOS. Dynamically provision certificates as devices request them. By connecting to an existing SCEP server, you effectively protect Wi-Fi payloads. When connected to a SCEP server, Ivanti® Endpoint Manager and Endpoint Security for Endpoint Manager communicates with it through the CSA. The SCEP server should make any certificate requests to a certificate authority, which publishes the certificate to an access point. The certificate is then distributed on a device-by-device basis.

Mac standalone remote control agent. Allow users to access and download the agent from the CSA, which they then simply connect to the server. The agent appears on an administrator page, which allows you to initiate a remote control session. After the session is complete, the device user can simply delete the file.

Credential manager. New centralized tool for managing Endpoint Manager and Security credentials.

Was this article useful?    

The topic was:



Not what I expected