New features summary

These are cumulative release notes. If a release does not appear in this section, then there were no associated new features and enhancements.

Product nomenclature: This is cumulative documentation and the product names you encounter in this documentation were accurate at the time of publication. Ivanti updates each new section to reflect evolving product nomenclature, but leaves legacy citations intact to ensure proper frame of reference for the reader.

  • Branding-related updates in Ivanti [email protected] for iOS: Ivanti [email protected] for iOS is now re-branded to Ivanti [email protected] for iOS. The following updates were made:

    • Notifications were updated

    • Brand logo was updated in Settings >Troubleshoot

    • Icons were updated

    • My Devices tab was updated

    • References to the product name in the text were updated

    • References to the product name in messages were updated

  • Local notification prompts appear when the application is terminated: If the device user terminates the [email protected] application, administrator can set the application to do one of the following:
    • To display the default notification - Ensure that device users stay connected with the App to keep their device secured by setting the following values in the Managed App configuration in Ivanti EPMM.

      • Key - enableAppTerminationNotification

      • Value - 0 or 1

      • Type - Boolean

    • To display a custom notification - Add the following Key to the Managed App configuration:

      • Key - appTerminationNotificationMessage (The key is ignored if enableAppTerminationNotification is absent or has a value of 0.)

      • Value - Custom notification

      • Type - String

    For more information, see "Configuring the plist setting to take precedence over the iOS managed app configuration setting in the Ivanti EPMM [email protected] Guide.

  • View the privacy statement from the Home screen: Previously, the Privacy page was available from Settings > Privacy. Starting from this release, device users can view the Privacy page from the Home screen. Additionally, a new section "Your Privacy" has been added to the Home page. Tap "Learn More" to navigate to the Privacy page.

  • [email protected] available from [email protected] for iOS: Starting from [email protected] 12.11.80, you can transition to [email protected] native experience from the [email protected] application. The [email protected] native appstore is deployed automatically with the client.
    • For newly created tenants, no action is required from the administrator. The [email protected] tab is displayed on the client task bar and device users can view and install their company-approved apps from [email protected]
    • For newly created tenants, the administrator can distribute the [email protected] Webclip configuration to iOS devices.

  • Device compliance data sent to single/multiple Microsoft Office 365 GCCH/DoD tenants: Device compliance status can now be sent to GCCH and DoD Tenants.

  • Device status is Compliant / Not Compliant: The Home screen now displays a card giving the status of device's compliance. If the device is not connected and the local compliance is not compliant, then "Device not in compliance" will display. Tapping the card opens to the Status Info page giving an explanation of why the device is not in compliance. If compliant, then "Device in Compliance" displays. A time stamp records the last device check in.

  • Check for updates: Device user can pull the main screen to check for updates from the Ivanti EPMM server.

  • Extensible Single Sign-On (SSO) configuration to manage Pasteboard Permission pop-up: The Pasteboard Permission feature in iOS 16+ devices displays a notification banner or a pop-up asking the user permission before accessing the pasteboard content from another application. When an AppConnect application is launched, a pasteboard banner or pop-up appears.

    The Extensible Single Sign-On configuration from the Core server lets you enable or suppress the banner or pop-ups from appearing on iOS client and AppConnect applications. The AppConnect applications that do not support the Extensible Single Sign-on configuration will continue to use the pasteboard feature and display the banner or pop-up.

    The server pushes the Extensible Single Sign-On configuration after the MDM profile is installed. During this interval of a few minutes, the SSO Extension does not work.

    The pasteboard banner or pop-up will continue to appear on iOS 16+ devices in the following scenarios:

    • If the device user performs copy or paste.

    • While generating the AppConnect application logs (since the transmission of log files takes place through pasteboard).

    • If [email protected] or any AppConnect application does not support the Extensible Single Sign-on configuration.

  • Send device compliance data to multiple Microsoft Office 365 tenants: Administrator can configure device compliance data to be sent to multiple (up to 36) Microsoft Office 365 tenants in Standard environment.

  • AAD re-registration screen removed: Upon AAD Password change/reset, the AAD re-registration screen will not display.

  • Support for device compliance on branded clients: [email protected] now supports AAD Compliance for branded clients.

General features and enhancements

  • In-App Notification: [email protected] now allows the device user to see deep links associated with in-app notifications. Web URLs open the corresponding page in the user device's default browser; app deep links open the corresponding app; multiple links can be opened from one notification.

  • Dynamic Privacy Policy presentation: When a device user is registering their device via iReg or with in-app registration, the privacy policy will display. The privacy policy is dynamic based on the enrollment type.

  • Azure Active Directory Support: For migrated iOS [email protected] devices, Azure Active Directory is supported.

  • BLE support for FIDO users: FIDO users can now unlock their desktop on [email protected] for iOS using BLE technology in offline mode.

General features and enhancements

  • Client receives executable Enable/Disable Enhanced logging command: This new feature is the client side of the Remote Enhanced Logging feature. The device user can allow or disallow the remotely activated Enhanced Logging for the given device.
  • Certificate Pinning - Registration Time: This new feature for certificate pinning provides a warning to the device user if the pinning fails: "You are not able to register at this time, please contact your administrator."
  • Support for new languages: The Hungarian and Swedish languages are now supported.
  • Improvement for administrator-required reporting: In this improvement, device users will receive in-app notifications of administrator requirements to register for Azure Active Directory (AAD) device compliance reporting. By clicking on the push notification, the device user is automatically taken to the correct in-app settings.

Mobile Threat Defense (MTD) features and enhancements

Mobile Threat Defense (MTD) protects managed devices from mobile threats and vulnerabilities affecting device, network, and applications. For information on MTD-related features, as applicable for the current release, see the Mobile Threat Defense Solution Guide for your platform, available under the MOBILE THREAT DEFENSE section on the Ivanti Product Documentation page.

Each version of the MTD guide contains all Mobile Threat Defense features that are currently fully tested and available for use on both server and client environments. Because of the gap between server and client releases, new versions of the MTD guide are made available with the final release in the series when the features are fully functional.