New features summary
These are cumulative release notes. If a release does not appear in this section, then there were no associated new features and enhancements.
Ivanti Neurons for MDM 117 - New features summary
General features and enhancements
-
Secure Multiuser WebClip Authentication : Ivanti Neurons MDM now supports secure multiuser sign-in for iOS Web Clips using Azure AD, Okta, and local users. Devices automatically enforce re-authentication and reassignment after logout, ensuring secure access in shared environments.
-
Updated App Catalog Configuration Behavior: The updated functionality ensures that when an app is searched for in Apps@Work, it will not appear if the Do not show app in end user App Catalog option is enabled in the app's iOS configuration.
iOS, macOS, watchOS, visionOS, and tvOS features
- macOS 15.4+ Device Attestation for Platform SSO: A new field Allow Device Identifier Attestation has been added under the Extensible SSO configuration in the platform SSO section for macOS 15.4 and later.
For more information, see Single Sign-On Configuration.
-
Fully Qualified Domain Names (FQDNs) for Relays: In the Network Relay configuration, the Match FQDNs and Exclude FQDNs keys are added, and these two keys are supported on iOS 18.4+ and macOS 15.4+ devices.
For more information, see Network Relay Configuration.
-
Passkeys support for DEP registration: On macOS15+ devices, iDP users can now login using Passkeys during Automated Device Enrollment.
For more information, see Device Enrollment.
-
Predicate Validation in Admin Console: A new Test option and STATUS field have been added to validate predicate syntax. Admins can now verify predicate expressions for iOS and macOS configurations before deployment, helping prevent failures and detect syntax errors early.
For more information, see Deploying Apple Devices.
- iPad Battery Health Status: From iPadOS 18.4 onward, Battery Health status channel reporting is supported and must be enabled.
-
Support for iOS App Installation on tvOS Devices : Admin can now install compatible iOS apps on devices running tvOS. Please ensure that the app developer has explicitly enabled support for tvOS, as installation will fail for apps not marked as compatible.
Supported App Types:-
In-house apps
-
Volume Purchase Program (VPP) apps
Public App Store apps are not supported at this time.
You must select Require installation on device in the Install on Device configuration.
-
Mobile Threat Defense features
Mobile Threat Defense (MTD) protects managed devices from mobile threats and vulnerabilities affecting device, network, and applications. For information on MTD-related features, as applicable for the current release, see the Mobile Threat Defense Solution Guide for your platform, available under the MOBILE THREAT DEFENSE section on the Ivanti Product Documentation page.
Each version of the MTD guide contains all Mobile Threat Defense features that are currently fully tested and available for use on both server and client environments. Because of the gap between server and client releases, new versions of the MTD guide are made available with the final release in the series when the features are fully functional.
Ivanti Neurons for MDM 116 - New features summary
General features and enhancements
-
Automatic Certificate Reissuance: Changes to the identity certificate (IDG) policy will now automatically revoke and reissue certificates, removing the manual revocation option. The Clear cached certificates and issue new ones with recent updates option has been removed, ensuring a seamless and secure process. This update eliminates orphaned certificates, enhances security by preventing indefinite storage of private keys, and simplifies certificate management.
For more information, see Identity Certificate.
Android features
-
5G Enhanced Network Slicing: 5G Network Slicing, which uses network virtualization to divide a single connection into multiple virtual ones, allocating resources based on traffic types is now supported on Android 13+ devices. For more information, see Enhanced 5G Network Slicing Configuration.
iOS, macOS, watchOS, visionOS, and tvOS features
- Skip Software Update and Skip Safety and Handling: Support for Skip Software Update pane is extended to macOS 14+ devices, and support for Skip Safety and Handling pane is added from iOS 18.4+ version. For more information, see Device Enrollment.
- Beta Management in Software Update Setting Configuration: Software Update Setting Configuration now supports Beta Management on iOS 18 and macOS 15 devices. For more information, see Software Update Settings Configuration.
Windows features
- eSIM Configuration: eSIM Configuration is now supported on Windows 11 devices. For more information, see eSIM Configuration.
- Bulk Enrollment User support: Bulk Enrollment for Users is now supported on Windows devices.
Mobile Threat Defense features
Mobile Threat Defense (MTD) protects managed devices from mobile threats and vulnerabilities affecting device, network, and applications. For information on MTD-related features, as applicable for the current release, see the Mobile Threat Defense Solution Guide for your platform, available under the MOBILE THREAT DEFENSE section on the Ivanti Product Documentation page.
Each version of the MTD guide contains all Mobile Threat Defense features that are currently fully tested and available for use on both server and client environments. Because of the gap between server and client releases, new versions of the MTD guide are made available with the final release in the series when the features are fully functional.
Ivanti Neurons for MDM 114 - New features summary
General features and enhancements
-
MSI Product Code Warning: Admins with the System Management role in Ivanti Neurons for MDM can now assign custom roles to others. This ensures that role management continues even if super admins are unavailable, giving System Management admins authority similar to super admins and reducing delays.
-
Enhanced Rule and Account Groups Limit: Limits have been established for rule and account group evaluations, capping them at 100 rules. This can resolve issues caused by large rule sets, prevent object mapper failures, and improve elastic search performance.
Android features
-
Auto Cleanup Improvements: In the Work Profile on Company Owned Device mode, Auto Cleanup is now supported for Retire the Retire Pending Device and Retire Device actions. For more information, see Device Cleanup Settings.
-
Speed based control for Kiosk devices: The Driver Safety option is now available to ensure the apps are enabled / disabled depending on the speed limit. For more information, see Lockdown & Kiosk: Android Enterprise.
-
Improved Lost Mode: The Lost Mode functionality has been improved to disable certain actions and options, thereby enhancing security and streamlining the user experience when a device is in lost mode. For more information, see Managing Android devices in lost mode.
iOS, macOS, watchOS, visionOS, and tvOS features
-
Agentless Script execution: Ivanti Neurons for MDM -managed background tasks have been added to macOS 15, enabling secure deployment of executables, scripts, and configuration files in a tamper-resistant location. With Declarative Management support, scripts can be executed without an agent, either once or on a scheduled daily or weekly basis, streamlining persistent service management.
-
Simplified Service Discovery for ADDE: Starting with iOS 18.2, macOS 15.2, and Vision OS 2.2, Apple allows organizations to set an alternate Ivanti Neurons for MDM discovery destination if the default HTTP resource is unavailable. For more information, see Account-driven Enrollment.
-
Support for new restrictions on iOS 18.3 and macOS 15.3 devices: Ivanti Neurons for MDM now restricts external intelligence sign-in using allowedExternalIntelligenceWorkspaceIDs, disable transcription summarization in Notes with allowNotesTranscriptionSummary, and use allowVisualIntelligenceSummary to control whether Apple’s Visual Intelligence can generate summaries from images or visual content. For more information, see iOS Restrictions and macOS Restrictions
-
Set Default Browser configuration: The newly added Set Default Browser configuration changes the settings of default apps on iOS and visionOS devices. For more information, see Default Browser Configuration - iOS and visionOS.
-
macOS- Login Window Configuration: Administrators can now customize the login window behavior in macOS devices. For more information, see Login Window Configuration - macOS.
Windows features
-
ADMX template updates: Win11 2024 has been updated for GPO configurations.
Mobile Threat Defense features
Mobile Threat Defense (MTD) protects managed devices from mobile threats and vulnerabilities affecting device, network, and applications. For information on MTD-related features, as applicable for the current release, see the Mobile Threat Defense Solution Guide for your platform, available under the MOBILE THREAT DEFENSE section on the Ivanti Product Documentation page.
Each version of the MTD guide contains all Mobile Threat Defense features that are currently fully tested and available for use on both server and client environments. Because of the gap between server and client releases, new versions of the MTD guide are made available with the final release in the series when the features are fully functional.