Contact Us
HaloITSM

HaloITSM

HaloITSM is a powerful, scalable ITSM solution with robust security.

Basic Information

  • Model: HaloITSM is a continuously developed IT Service Management (ITSM) and Enterprise Service Management (ESM) software platform.
  • Version: The platform undergoes continuous development, with new feature releases quarterly and beta versions released every two weeks. Specific patch versions are released as needed for security.
  • Release Date: The product has been under continuous development since 1994, leveraging over 25 years of industry expertise.
  • Minimum Requirements: For on-premise server installations, the minimum requirements include Microsoft SQL Server 2019/2022 for the database, Windows Server 2016/2019/2022 as the operating system, a 32-bit (x86) or 64-bit (x64) platform, a 2 GHz or faster dual or quad-core processor, and 8 GB of RAM.
  • Supported Operating Systems:
    • Server: Windows Server 2016, 2019, 2022.
    • Client/Mobile: Windows, macOS, Linux, Apple iOS (10.0 and above, or 12.0 and above for newer versions), Android (Lollipop 5.0 and above, or 10.0 and above for newer versions).
  • Latest Stable Version: HaloITSM is continuously updated with quarterly releases for new features and larger-scale changes.
  • End of Support Date: Not explicitly defined, as HaloITSM provides continuous support for active licenses, offering 24-hour global support.
  • End of Life Date: Not explicitly defined for the platform, given its continuous development and Software-as-a-Service (SaaS) and on-premise deployment models.
  • License Type: HaloITSM offers concurrent licenses, also known as a floating user pricing model, or named licenses. The licensing model is all-inclusive, charging per agent license without additional costs for end-users, approvers, assets, or modular functionality. Licenses typically auto-renew for 12-month durations.
  • Deployment Model: The asset supports both cloud-based deployment, primarily hosted in AWS data centers, and on-premise installation options.

Technical Requirements

  • RAM: A minimum of 8 GB RAM is required for server installations.
  • Processor: A dual or quad-core processor running at 2 GHz or faster is necessary for server installations.
  • Storage: Requires Microsoft SQL Server 2019/2022 for database operations. Specific storage capacity for the application itself is not detailed but scales with database size and usage.
  • Display: Compatible with standard web browsers including Internet Explorer, Microsoft Edge, Chrome, Firefox, and Safari.
  • Ports: Utilizes standard web protocols (HTTPS/TLS) for UI and API communication.
  • Operating System:
    • Server: Windows Server 2016, 2019, 2022.
    • Client: Windows, macOS, Linux, Apple iOS, Android.

Analysis of Technical Requirements: HaloITSM's technical requirements are typical for a modern enterprise-grade web application with a robust database backend. The server specifications are moderate, allowing for deployment on various hardware configurations, while client access is broadly supported across major desktop and mobile operating systems via web browsers and dedicated mobile applications. The flexibility for both cloud and on-premise deployments caters to diverse organizational needs. The emphasis on SQL Server highlights its data-intensive nature, requiring adequate database resources for optimal performance.

Support & Compatibility

  • Latest Version: The platform is subject to continuous updates, with new features released quarterly and beta versions available bi-weekly.
  • OS Support:
    • Server: Windows Server 2016, 2019, 2022.
    • Client: Windows, macOS, Linux, Apple iOS (10.0+ or 12.0+), Android (Lollipop 5.0+ or 10.0+).
  • End of Support Date: Halo Service Solutions provides continuous support for active licenses, including 24-hour global support coverage.
  • Localization: The platform supports multiple languages, including English, Spanish, French, Italian, Welsh, Polish, Dutch, and German.
  • Available Drivers: As a software platform, HaloITSM does not rely on traditional hardware drivers. It offers extensive integration capabilities with over 100 existing integrations and quarterly releases of new integration options, including Microsoft Teams, Azure AD, Azure DevOps, InTune, Slack, SCCM, and PowerShell.

Analysis of Overall Support & Compatibility Status: HaloITSM demonstrates strong support and broad compatibility. Its continuous development model ensures the platform remains current, while extensive OS support for both server and client environments caters to a wide user base. The 24/7 global support and multi-language localization make it highly suitable for international enterprises. The focus on integrations rather than drivers highlights its role as a central service management hub, connecting with numerous third-party systems.

Security Status

  • Security Features: HaloITSM hosts service data in AWS data centers certified with ISO 27001, PCI DSS Service Provider Level 1, Cyber Essentials, and SOC 2 compliance. All communication with the UI and API is encrypted via industry-standard HTTPS/TLS (1.2 or higher), with HTTP Strict Transport Security (HSTS) active. Physical security measures are implemented in AWS data centers, and a risk-based approach to information security is adopted, including regular ISMS monitoring, data encryption, and information classification. The platform has a vulnerability disclosure policy.
  • Known Vulnerabilities:
    • A critical SQL injection vulnerability was discovered and subsequently patched in versions 2.174.94, 2.184.23 (candidate), and 2.186.2 (beta).
    • SAML XML Signature Wrapping (XSW) vulnerability (CVE-2024-6202) affecting versions up to 2.146.1, fixed in versions past 2.146.1 and patches from 2.143.61.
    • Password Reset Poisoning vulnerability affecting versions up to 2.146.1.
    • Template Injection vulnerability affecting versions up to 2.146.1.
    • Stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-6200) affecting versions up to 2.146.1.
    • Improper Input Validation leading to Open Redirect vulnerability in the returnUrl parameter.
  • Blacklist Status: No information regarding a blacklist status is publicly available.
  • Certifications: HaloITSM is ISO 27001, PCI DSS Service Provider Level 1, Cyber Essentials, SOC 2, and GDPR compliant. It also holds CSA Star Level 1 certification.
  • Encryption Support: Supports HTTPS/TLS 1.2 or higher for all network communications. Data and devices are encrypted where possible.
  • Authentication Methods: Supports various authentication methods including Single Sign-On (SSO) with Okta, Microsoft, and Google, as well as Two-Factor Authentication (2FA) via SMS, Email, Hardware, Software, TOTP, and U2F. OAuth 2.0, API keys, and basic authentication are also supported for integrations.
  • General Recommendations: Organizations should apply the latest security patches promptly, conduct regular system audits for signs of exploitation, and implement secure coding practices. Strong authentication measures, including multi-factor authentication, regular security audits, firewall monitoring, and encryption of sensitive data, are recommended.

Analysis on Overall Security Rating: HaloITSM demonstrates a strong foundation in security, evidenced by its numerous certifications (ISO 27001, PCI DSS, SOC 2, GDPR) and adherence to secure infrastructure practices, particularly with AWS hosting. The platform supports robust authentication methods, including comprehensive 2FA and SSO options. However, the recent discovery and patching of critical vulnerabilities, such as SQL injection and SAML XSW, highlight the ongoing need for vigilant security practices, timely updates, and continuous auditing of the codebase. While patches are released, users must ensure their instances are up-to-date to mitigate risks. The vendor's vulnerability disclosure policy is a positive aspect, promoting transparency.

Performance & Benchmarks

  • Benchmark Scores: Specific benchmark scores are not publicly detailed.
  • Real-world Performance Metrics: HaloITSM is built using the REACT framework, contributing to "unparalleled system speed." The performance is highly dependent on the underlying database speed, with recommendations to increase server resources accordingly. The architecture is designed for scalability, with separate application servers hosted on AWS that can scale to meet demand. A blue-green deployment strategy ensures no downtime during system updates.
  • Power Consumption: As a software solution, direct power consumption metrics are not applicable. Cloud deployment leverages shared, optimized data center resources for energy efficiency.
  • Carbon Footprint: Specific carbon footprint data for HaloITSM's operations or its cloud hosting is not publicly disclosed.
  • Comparison with Similar Assets: HaloITSM positions itself as a competitive alternative to "legacy ITSM tools," offering a lower Total Cost of Ownership (TCO). It emphasizes an all-inclusive feature set without module locking, differentiating it from some competitors that use tiered plans.

Analysis of Overall Performance Status: HaloITSM focuses on delivering a fast and scalable user experience through its modern REACT-based architecture and cloud-native design. The use of AWS and a blue-green deployment strategy ensures high availability and minimal disruption during updates. While specific benchmark figures are not provided, the emphasis on efficient database performance and scalable infrastructure suggests a system capable of handling varying workloads. Its competitive positioning highlights a focus on value and comprehensive functionality compared to other ITSM solutions.

User Reviews & Feedback

User reviews and feedback generally highlight HaloITSM's strengths in its intuitive interface and extensive configurability. Users appreciate the low/no-code environment, which simplifies administration and allows for scalability across various departments like HR, Facilities, and Finance for Enterprise Service Management (ESM). The comprehensive feature set, including ITIL alignment, robust CMDB, asset management, and AI capabilities, receives positive mentions. Strong customer support and a structured onboarding process are frequently cited as benefits, contributing to effective implementation. The platform's scalability is also a key strength, accommodating organizations from small to enterprise level. A recurring area for improvement, particularly in recent feedback, relates to the need for continuous vigilance and timely patching concerning security vulnerabilities.

Summary

Halo Service Solutions HaloITSM is a comprehensive and highly configurable IT Service Management (ITSM) and Enterprise Service Management (ESM) platform. Its strengths lie in its modern, intuitive, and low/no-code interface, enabling broad adoption and customization across various organizational departments. The platform offers an extensive feature set, including ITIL V4-aligned processes, robust Configuration Management Database (CMDB), asset management, and integrated AI capabilities, making it a powerful tool for service delivery. HaloITSM boasts strong global support, broad operating system compatibility, and extensive localization, catering to a diverse international user base. Its deployment flexibility, offering both cloud-based (AWS) and on-premise options, along with a scalable architecture, ensures it can meet the demands of organizations of all sizes. Security is a significant focus, with numerous certifications (ISO 27001, PCI DSS, SOC 2, GDPR) and robust authentication methods, including multi-factor authentication and SSO.

However, recent critical vulnerabilities, such as SQL injection and SAML XML Signature Wrapping, highlight a weakness in past secure coding practices and underscore the critical importance of prompt patching and continuous security audits by both the vendor and its users. While these issues have been addressed with patches, they serve as a reminder for ongoing vigilance.

Overall, HaloITSM is a strong contender in the service management space, particularly for organizations seeking a flexible, feature-rich, and scalable solution with extensive integration capabilities. Recommendations include leveraging its comprehensive feature set for ITIL and ESM processes, maintaining all instances with the latest security patches, and utilizing its robust authentication and security features. Organizations should also ensure their server infrastructure meets or exceeds recommended specifications for optimal performance.

The information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.

Simplify your IT ecosystem with InvGate Asset Management

30-day free trial - No credit card needed

Get started

Clear pricing

No surprises, no hidden fees — just clear, upfront pricing that fits your needs.

View Pricing

Easy migration

Our team ensures your transition to InvGate is fast, smooth, and hassle-free.

View Customer Experience