What's New

Build: 30859

  • Single Stack IPV6 connection: Ivanti Secure Access Client now supports Single Stack IPv6 tunnel connections. It supports connecting to an ICS configured with a Single Stack IPv6 tunnel Connection Profile for ISAC 22.7.4 Windows endpoints only.

  • Search device DNS only for IPv6: When the Search device DNS only option is selected, DNS on the end user's system is replaced with device DNS. This option is recommended to avoid ISP's DNS hijacking. This feature was previously supported for IPv4, now it is enhanced to IPv6 Windows endpoints only.

  • Bypass client proxy settings: This feature allows the administrator to bypass the client proxy settings in certain conditions using Advanced client configuration.

  • FQDN Support for Lockdown Exceptions: This feature allows admins to block or allows FQDN hostnames based lockdown exception. This feature is supported on macOS and for IPv4 resources only. This feature is already available on Windows.

  • Support for Windows 11 24H2: Ivanti Secure Access Client is now supported with Windows 11 24H2.

  • Support for macOS15 sequoia: Ivanti Secure Access Client is now supported with macOS15 sequoia.
  • Support for RHEL 9: Ivanti Secure Access Client is now supported with RHEL 9.

Build: 30227

  • Support for macOS15 sequoia: Ivanti Secure Access Client is now supported with macOS15 sequoia.
  • FQDN Support for Lockdown Exceptions: This feature allows admins to block or allows FQDN hostnames based lockdown exception. This feature is supported on Windows and for IPv4 resources only.
  • Support on Windows Server version 2022: Ivanti Secure Access Client now supports Windows Server version 2022.
  • Support for M3 chip based macOS: Ivanti Secure Access Client is now supported on M3 chip based macOS.

Build: 29103

  • Embedded browser DNS resolution when TTL is minimal: For macOS, this feature ensures that embedded browser and client application gets same IP for the gateway and communicate FQDN to same gateway server.To enable this feature, on installing the , run the following command: defaults write net.pulsesecure.Pulse-Secure.plist EnableGWDnsCacheResponse-bool true.
  • FQDN Split Tunneling with Traffic Enforcement: This feature enables strict enforcement of traffic routes using FQDN split-tunneling rules configured in the Ivanti Connect Secure.
  • Split DNS parity for nZTA gateways: On windows, this feature enables the DNS requests corresponding to a specific list of domains, sent to specific list of DNS servers through the corresponding virtual adapters.Ensure that the ZTA gateway DNS server do not conflict with DNS servers of the virtual or physical adapter.
  • Display last login details: ISAC now displays the details of the last successful login. Under the Advanced Details tab in Connection Details, you can find the following three values related to the Last Login:
    • Last Login Time (Time and Date)
    • Last Login Device (hostname/FQDN) This field is not available for browser login
    • Last Login Agent Type (OS details)
  • Default enabling of DNS caching: On windows, this feature enables DNS caching of VPN Gateway FQDN for SAML based embedded browser by default. For more information, refer Admin Guide.

Build: 29163

No new features introduced in this release.

Build: 28369

  • Select Session Command: The CLI provides an option to connect or cancel new sessions.
    CLI format: pulselauncher.exe -sessionselection <connect|cancel> -url <url_of_server> -u<username> -p <password> -r <realm>
    • sessionselection connect: Terminates the previous session and establishes a new session. When the maximum concurrent sessions are reached, the first session in the existing sessions will be terminated.
    • sessionselection cancel : Maintains the previous session without establishing a new session. It is equivalent to not utilizing the sessionselection parameter.
  • Support re-sizing of embedded browser: This feature allows the user to set the default size of the embedded browser as small or large.
  • Configurable MTU Size: This feature allows administrators to configure the MTU size on the gateway. The default value is set to 1400, the values can range from 576 to 1500.

Build 27593

No new features introduced in this release.

Build 26825

  • EdgeWebView2 support for nZTA: EdgewebView2 is used as the embedded browser on nZTA connections for SAML authentication and End-user portal.Single Sign-On for the nZTA connections (using the same Idp as windows), enhances end-user experience.
  • Network Manager support on Debian Linux Client: Network Manager is supported on ISAC clients running on Linux OS.This feature uses Network manager service to set DNS server and domains without modifying the configuration file.
  • Support on Windows 11 23H2: Ivanti Secure Access Client now supports Windows 11 Windows 23H2 (OS Build 22631.2506)
  • Support on macOS 14 Sonoma: Ivanti Secure Access Client now supports macOS 14 Sonoma.

Build 26249

No new features introduced in this release.

Build 25375

  • End User Portal Auto launch Suppression : This feature provides an option for admin to control the auto launch of the End User Portal.On nZTA controller configure the option under Managed Devices --> Global Device Preferences --> Application control.
  • Enhanced Host checker validation: This feature provides an option for admin to enable enhanced host checker validation for an ISAC connection.

Build 20175

No new features introduced in this release.

Build 19959

No new features introduced in this release.

Build 19787

No new features introduced in this release.

Build 18209

  • Support on Windows 11 22H2: Ivanti Secure Access Client now supports Windows 11 22H2
  • Support on Windows 10 22H2: Ivanti Secure Access Client now supports Windows 10 22H2
  • Support on macOS 13 Ventura: Ivanti Secure Access Client now supports macOS 13 Ventura.
  • Support on Ubuntu 22.04: Ivanti Secure Access Client now supports Ubuntu 22.04.
  • Embedded browser DNS resolution when TTL is minimal: This feature ensures that embedded browser and client application gets same IP for the gateway and communicate FQDN to same gateway server.

Build 1295

  • Edge as External Browser: Ivanti Secure Access Client uses Microsoft Edge as external browser by default on all Windows platforms.
  • FIDO2 Password less Support: Ivanti Secure Access Client uses Microsoft Edge WebView2 based Embedded browser, on all Windows platforms, for Captive portal, SAML, Custom sign-in, and SAML Single Logout (SLO). The embedded browser also supports FIDO2 passwordless Authentication. Ivanti recommends downloading the Evergreen Bootstrapper software and run it on the endpoints. Software Download available at: https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section.
  • PSAL Browser Extension: This feature allows communication through browser extension instead of PSAL custom protocol. The browser extension allows to communicate to native host application installed on the client machine. The combination of native host application with the browser extension serves as the Pulse Secure Application Launcher (PSAL).
  • Replace OpenSSL FIPS module with wolfEngine/wolfSSL: OpenSSL FIPS module is now replaced with wolfSSL through wolfEngine. This feature allows single client installer for FIPS and non-FIPS users.
  • Debian 11 qualification: Ivanti Secure Access Client is qualified on Debian 11 platform.
  • Ivanti Secure Access Client upgrade through browser: This feature allows administrators to control role level auto upgrade of Ivanti Secure Access Client on browsers.