New features and enhancements
These are cumulative feature summaries. If a release does not appear in this section, then there were no associated new features and enhancements.
Product nomenclature: This is cumulative documentation and the product names you encounter in this documentation were accurate at the time of publication. Ivanti updates each new section to reflect evolving product nomenclature, but leaves legacy citations intact to ensure proper frame of reference for the reader.
New edit option for Safari Domains on Windows integrated touch devices: You can now edit Safari Domains information, such as domain name and description, in the Edit VPN Setting window from the Windows UI touch screen. For more information, see "Managing VPN Settings" in the Ivanti EPMM Device Management Guide for your OS.
There are no new Android features for this release.
iOS and macOS features
Increased maximum length of the Service Token field: The Service Token field now accepts tokens of lengths up to 1024 characters. For more information, see: Linking Ivanti EPMM to an Apple licensed account in the Ivanti EPMM Apps@Work Guide, and Importing licensed apps from an Apple licensed account in the Ivanti EPMM Apps@Work Guide.
There are no new Windows features for this release.
- Logs now exported to splunk and syslogs: The /var/log/httpd logs are now exported to the splunk and syslog settings. When an Ivanti EPMM instance is compromised, you can now check the splunk or syslog logs for indicators of compromise (IOC). For more information, see "Export Logs" in Working with logs.
ECDSA X.509 certificates must now be formatted with named curves in all modes: In Federal Information Processing Standards (FIPS) and Common Criteria Mode, only secp256r1 (NIST P-256), secp384r1 (NIST P-384), or secP521r1 (NIST P-521) are allowed. With this release, explicitly-defined Elliptic Curve Digital Signature Algorithm (ECDSA) curves certificates cannot be used to represent local certificate authority (CA) certificates. For more information about supported cypher suites, see Advanced: Incoming SSL Configuration or Advanced: Outgoing SSL Configuration.
Certificate pinning options now available from Certificate Mgmt page: You can now enable certificate pinning for in-app registration of iOS and Android devices from the System Manager > Security > Certificate Mgmt page. There, you can add certificates, generate a pinning request, and upload your pinning statement. For information about enabling and configuring certificate pinning, see Cert pinning for in-app registrations for iOS and Android devices.