New features summary

Automatic Certificate Reissuance: Changes to the identity certificate (IDG) policy will now automatically revoke and reissue certificates, removing the manual revocation option. The Clear cached certificates and issue new ones with recent updates option has been removed, ensuring a seamless and secure process. This update eliminates orphaned certificates, enhances security by preventing indefinite storage of private keys, and simplifies certificate management.
For more information, see Identity Certificate.

5G Enhanced Network Slicing: 5G Network Slicing, which uses network virtualization to divide a single connection into multiple virtual ones, allocating resources based on traffic types is now supported on Android 13+ devices. For more information, see Enhanced 5G Network Slicing Configuration.

MSI Product Code Warning: Admins with the System Management role in Ivanti Neurons for MDM can now assign custom roles to others. This ensures that role management continues even if super admins are unavailable, giving System Management admins authority similar to super admins and reducing delays.

Enhanced Rule and Account Groups Limit: Limits have been established for rule and account group evaluations, capping them at 100 rules. This can resolve issues caused by large rule sets, prevent object mapper failures, and improve elastic search performance.

Auto Cleanup Improvements: In the Work Profile on Company Owned Device mode, Auto Cleanup is now supported for Retire the Retire Pending Device and Retire Device actions. For more information, see Device Cleanup Settings.

Speed based control for Kiosk devices: The Driver Safety option is now available to ensure the apps are enabled / disabled depending on the speed limit. For more information, see Lockdown & Kiosk: Android Enterprise.

Improved Lost Mode: The Lost Mode functionality has been improved to disable certain actions and options, thereby enhancing security and streamlining the user experience when a device is in lost mode. For more information, see Managing Android devices in lost mode.

Agentless Script execution: Ivanti Neurons for MDM -managed background tasks have been added to macOS 15, enabling secure deployment of executables, scripts, and configuration files in a tamper-resistant location. With Declarative Management support, scripts can be executed without an agent, either once or on a scheduled daily or weekly basis, streamlining persistent service management.

Simplified Service Discovery for ADDE: Starting with iOS 18.2, macOS 15.2, and Vision OS 2.2, Apple allows organizations to set an alternate Ivanti Neurons for MDM discovery destination if the default HTTP resource is unavailable. For more information, see Account-driven Enrollment.

Support for new restrictions on iOS 18.3 and macOS 15.3 devices: Ivanti Neurons for MDM now restricts external intelligence sign-in using allowedExternalIntelligenceWorkspaceIDs, disable transcription summarization in Notes with allowNotesTranscriptionSummary, and use allowVisualIntelligenceSummary to control whether Apple’s Visual Intelligence can generate summaries from images or visual content. For more information, see iOS Restrictions and macOS Restrictions

Set Default Browser configuration: The newly added Set Default Browser configuration changes the settings of default apps on iOS and visionOS devices. For more information, see Default Browser Configuration - iOS and visionOS.

macOS- Login Window Configuration: Administrators can now customize the login window behavior in macOS devices. For more information, see Login Window Configuration - macOS.

ADMX template updates: Win11 2024 has been updated for GPO configurations.

Standardized Date and Time format: The Date and Time format has been standardized throughout Ivanti Neurons for MDMusing ISO 8601.

New map provider for Admin and Self-Service portals: For the Admin and Self-Service portals, the map provider is changed from MapQuest to Google Maps.

Landing Page improvements: The Ivanti Neurons for MDM landing page has been improved to enhance the user experience, and to make it consistent with other Ivanti products.

Improved number for manual and scheduled reports: Previously, you could create a total of 5 (manual and scheduled) reports only. You can now create 5 manual and 5 scheduled reports each.

Enhanced Lost Mode: The Lost Mode functionality has been improved to disable certain actions and options, thereby enhancing security and streamlining the user experience when a device is in lost mode. For more information, see Managing Android devices in lost mode.

Enhanced Logging: Administrators will now be notified in the event of a device registration failure. This will help identify and understand the reasons behind unsuccessful registrations.

Shared Kiosk Activity details: The administrator can now get more details about the Shared Kiosk Activity within the device report details section.

Kiosk State and Kiosk Type filters: When either of these filters is selected with the "equals to" option, then only the devices in Kiosk mode will be shown in results. Work Managed devices do not appear in the results.

For the following filter combinations (Average established daily sessions, Daily login failures, and Average daily session), the search results will have all the devices or only Kiosk devices.

Support for Lost Mode Preview for Android Devices: This enhancement improves the Lost Mode functionality by enabling a preview of the lost mode for Android devices. If multiple devices are selected, administrators can navigate through the previews using a toggle button.

Webapps in Google iFrame after migration: This feature allows the administrator to enable the replication of Webapps between the Endpoint Manager Mobile (EPMM) and Ivanti Neurons for MDM. Webapps created in Ivanti Neurons for MDM will be replicated to EPMM directly and these can be distributed to the devices. However, to replicate the Webapps created on EPMM to Ivanti Neurons for MDM, contact the support team.

Preserve Data Plan option for Wipe Devices: When wiping a device, the option to Preserve Data Plan is selected by default. For more information, see Wiping a Device.

Management Server Capabilities - DDM: Custom Attributes are now supported in DDM Predicates. For more information, see Deploying Apple Devices.

Updated Ivanti Tunnel (On Demand) Configuration support: New fields EnforceRoutes, ExcludeLocalNetworks, and IncludeAllNetworks are added for VPN configuration in Packet Tunnel. Administrators can now enhance the tunneling of device wide traffic via Sentry. For more information, see VPN On Demand Configuration.

Custom Policy option for Autopilot-Enrolled devices: A new option, "Autopilot Enrolled" is now available when creating a custom policy. For more information, see Custom Policy.

Rate Limit: All Windows devices can now be checked into Ivanti Neurons for MDM only one time per minute.

Non-user registration for new Windows devices: Bulk enrollment is now supported for devices with single user created using the PPKG package. For more information, see Ivanti Bulk Enrollment.

Assign to User for bulk enrolled devices: Bulk enrolled devices can now be assigned to user from the Device Details page. For more information, see Ivanti Bulk Enrollment.