Disabling the nZTA Connection

Ivanti Secure Access Client additionally provides the ability to actively disable the on-demand connection feature. Use of this facility disables the nZTA connection, avoiding the scenario where Ivanti Secure Access Client attempts to repeatedly request authentication even after the user might be unable to authenticate due to too many failed attempts, or where the user just does not require access to any PZTA-controlled resources during that session.

If a user attempts to request a PZTA-controlled resource during the period a nZTA connection is disabled, the request fails. Other Ivanti Secure Access Client connections are unaffected.

For Ivanti Secure Access Client on macOS and Windows, click Disconnect in the Ivanti Secure Access Client connection list context menu. Right-click a nZTA connection profile to see the available options.

For Ivanti Secure Access Client on macOS and Windows, click Disconnect from the System Tray icon. View the sub-menu for the nZTA connection you want to disconnect.

For Ivanti Secure Access Client on macOS and Windows, click Disconnect through the Ivanti Secure Access Client application menu. Open Ivanti Secure Access Client and select the nZTA connection profile. Then click File > Connections > Disconnect.

By setting the nZTA connection to be disconnected, Ivanti Secure Access Client suspends both the control channel and the data channel (where either are active). If the control channel was previously logged-in to the nZTA Controller, this remains the case to facilitate session resumption through a subsequent reconnect.

The disconnect feature is not activated by clicking or tapping Cancel in the nZTA authentication dialog. Canceling an authentication request triggers a timeout interval, after which Ivanti Secure Access Client re-displays the authentication dialog. The disconnect feature instead disables the authentication request process until the user manually reinstates it.

To reinstate the nZTA connection on macOS and Windows devices, use the Launch ZTA option in the Ivanti Secure Access Client system tray menu or tap the ZTA button in the nZTA connection profile in the Ivanti Secure Access Client application.

If the existing session cookie is still valid, the control channel is re-established. If the session is now invalid, Ivanti Secure Access Client prompts the user for their nZTA credentials as normal. On successful re-establishment of the nZTA session, the user is presented with the nZTA End User Portal in the default browser.

When restarting Ivanti Secure Access Client, nZTA connections default to being on-demand services. That is, a previously disabled nZTA connection is re-enabled when Ivanti Secure Access Client starts.