Management and Security powered by Landesk

What's new in Ivanti® Endpoint Manager and Endpoint Security, powered by Landesk 2017.1

Antivirus removal from the Mac agent configuration. When altering the Mac configuration agent, you can prevent the antivirus component from being installed on Mac devices as part of the configuration agent. Previously, you could only disable the installation of the antivirus, though it would still be included as part of the configuration agent file. By disabling antivirus from the console, this removes the entire antivirus component from the configuration agent.

Windows Wi-Fi payload support. Deliver Wi-Fi credentials directly to Windows smart devices. This functionality uses the same Mobile Connectivity dialog settings for payloads to iOS, Android, and Windows devices alike.

Windows SCEP for iOS. Dynamically provision certificates as devices request them. By connecting to an existing SCEP server, you effectively protect Wi-Fi payloads. When connected to a SCEP server, Ivanti® Endpoint Manager and Endpoint Security, powered by Landesk communicates with it through the CSA. The SCEP server should make any certificate requests to a certificate authority, which publishes the certificate to an access point. The certificate is then distributed on a device-by-device basis.

Mac standalone remote control agent. Allow users to access and download the agent from the CSA, which they then simply connect to the server. The agent appears on an administrator page, which allows you to initiate a remote control session. After the session is complete, the device user can simply delete the file.

Credential manager. New centralized tool for managing Endpoint Manager and Security credentials.

What's new in Ivanti® Endpoint Manager and Endpoint Security, powered by Landesk 2016.3 SU3

Windows 10 MDM support. Enroll both desktop and mobile devices using the Windows 10 operating system with Mobility Manager. Devices enrolled in this feature are treated as mobile devices, which means you can deploy mobile app packages, sync devices, and perform wipes.

Identity Server. Identity Server is a Secure Token Service that delivers OAuth2 and OpenID Connect tokens. It acts as a login authorization service that replaces the logon policy for BridgeIT. Using this service, you can utilize single sign in and federated authentication. For new installations, this feature is already activated. However, for upgraded systems, you'll need to configure this manually from the Configuration Center.

What's new in Ivanti® Endpoint Manager and Endpoint Security, powered by Landesk 2016.3

Apple Device Enrollment Program (DEP). Use Apple DEP to automatically enroll and install specific applications to new devices purchased through the Apple Store. Upon arrival, these devices are already part of your inventory and usable immediately.

Apple Volume Purchasing Program (VPP). Distribute and retrieve software licenses through Apple IDs enrolled in the Volume Purchasing Program. By enabling VPP with Ivanti® Endpoint Manager powered by Landesk, administrators can view available licenses associated with their corporate Apple account and specify where each license goes.

Managing iMacs and Macbooks as mobile devices. Mac device management is possible through Mobility Manager with the installation of an MDM Enroller app. These devices are then handled as mobile devices, and use the same packages for deploying software and other policy settings.

Android for Work. Handle bring-your-own-device (BYOD) with Android for Work, which applies specific policies to work-related apps without interfering with the device owner's existing privileges.

Standard, Profile Owner, and Device Owner restrictions. Device restrictions are handled depending on the level of control desired for a device. Standard restrictions are applied throughout a device, typically for corporate-owned devices. Profile Owner restrictions protect work-related functions for devices enrolled with Android for Work. Device Owner restrictions handle enabling and disabling global access to device features like cameras, factory resets, and uninstalling apps.

What's new in Ivanti® Endpoint Manager and Endpoint Security, powered by Landesk 2016.1

Mobile Device Management (MDM) integration: Use the management console’s MDM capabilities to create and apply policies and packages to the appropriate mobile-device platforms.

Security administrator workspace: Bridge the security/IT operations gap with a workspace that’s designed to identify the state of endpoint security and take action by applying a patching process.

Roll-out projects tool: Automate staged roll-out projects to progress from smaller pilot groups to widespread enterprise distributions—perfect for maintaining Windows 10.

Enterprise Mac & Chromebook platform management: Endpoint Manager 10 extends Mac and Chromebook management through the enterprise and includes patching for Linux.

New release for Mobile Security Suite: Apply new mobile-device security features, such as app wrapping and secure email, along-side the new MDM capabilities in Endpoint Manager.

Simplified provisioning and distributions: Endpoint Manager 2017 helps simplify complex provisioning and software distributions by providing flexible templates, conditional actions, and simplified workflows.

Xtraction enablement: Use Ivanti Xtraction to leverage management and security data with quick executive views. Xtraction provides IT data enabled for add-on Xtraction dashboards. These business value dashboards can be created in a brief timeframe and are ideal for executives among others to see and modify views into multiple sets of IT and business data.

Management console dashboards: You’ll find 100+ workspace-like charts and graphs inside the console, which is the same visual data shared in the Ivanti workspaces. Three of the 4 dashboards are security focused—one for patch, one for a comprehensive set of security data (AV, app control, etc.), and one for a subset of security, focused on security posture.

Discovery for rogue devices and lost assets: Endpoint Manager 2017 automates the subnet-representative election process to reduce administrative overhead for passive discovery on each subnet.

Simplified advanced endpoint security: This version of Endpoint Manager includes a large content database of trusted files and applications to improve workflows for application control, whitelisting, and blacklisting. Application control is simplified with file-reputation security updates.