Ivanti Endpoint Security

Basic Information

Ivanti Endpoint Security is a comprehensive software suite designed to protect managed devices from various threats, including zero-day attacks, malware, ransomware, and unauthorized access. It integrates with Ivanti Unified Endpoint Manager (UEM) to provide a unified platform for endpoint management and security.

• Model: Ivanti Endpoint Security (often referred to in conjunction with Ivanti Endpoint Manager)
• Version: Latest stable versions are frequently updated. As of early 2025, versions like 2025.1, 2025.2, and 2025.3 are current fully-supported versions.
• Release Date: Recent versions include 2025.3 (July 15, 2025), 2025.2 (April 15, 2025), and 2025.1 (February 04, 2025).
• Minimum Requirements (Server):
  • Processor: 2.0 GHz dual-core processor (minimum for trial environments of 50 endpoints)
  • RAM: 4 GB (minimum for trial environments of 50 endpoints)
  • Storage: 50 GB or more hard drive space (RAID 1 disk array, 7200 RPM drive speed recommended)
  • Network: 1 Gbps Network Card
• Supported Operating Systems (Endpoint Agent):
  • Windows: Windows 11, Windows 10 (32- and 64-bit, specific versions supported per Ivanti's support matrix), Windows Server families (2025, 2022, 2019, 2016).
  • macOS: Various versions supported via the Linux/Unix/macOS Agent.
  • Linux: Various versions supported via the Linux/Unix/macOS Agent.
  • UNIX: Various versions supported via the Linux/Unix/macOS Agent.
  • Mobile: Android, iOS (when integrated with Ivanti Unified Endpoint Manager).
• Latest Stable Version: Ivanti Endpoint Security 2025.3 (as of July 15, 2025)
• End of Support Date: General support for recent versions typically lasts for a period after release. For example, version 2023.1 (8.6 U6) had a General Support End Date of January 17, 2025, and an Extended Support End Date of July 17, 2025.
• End of Life Date: Ivanti Endpoint Security (formerly HEAT EMSS) has an announced End of Life (EOL) date of December 31, 2026.
• License Type: Subscription license.
• Deployment Model: On-premise, cloud-based interface, or hybrid.

Technical Requirements

Ivanti Endpoint Security's technical requirements vary between the server component and the endpoint agent. The server typically requires more resources to manage and process data from numerous endpoints. Endpoint agent requirements are generally lighter to minimize impact on user devices.

• RAM:
  • Server: Minimum 4 GB, with 16 GB recommended for high-performance environments (10000+ seat license).
  • Endpoint Agent: Minimum 1 GB, with additional RAM potentially required based on other installed applications.
• Processor:
  • Server: Minimum 2.0 GHz dual-core processor, with 4-8+ cores at 2 GHz or faster recommended for larger deployments (500-10000+ seat licenses).
  • Endpoint Agent: Minimum 2 CPU cores recommended for optimal performance during intensive operations like updates or antivirus scans.
• Storage:
  • Server: 50 GB or more for the application, with 10 GB minimum and 100 GB or more recommended for the patch repository. RAID 1 disk array and 7200 RPM drive speed are recommended for the server.
  • Endpoint Agent: 50 MB for the client.
• Display: Minimum 1024 x 768 screen resolution; 1280 x 1024 or higher recommended for the console.
• Ports:
  • Server: Various ports are required for proper functionality, including those for SQL communication, IIS settings, and specific Ivanti services.
  • Endpoint Agent: Port 80 for module downloads, Port 443 for policy download and general communication, and ephemeral ports (49152-65535) for Notification Manager connection requests (Patch and Remediation).
• Operating System:
  • Server: Windows Server 2025, 2022, 2019, 2016 families.
  • Endpoint Agent: Windows 11, Windows 10, macOS, Linux, UNIX.

Analysis of Technical Requirements: The server requirements for Ivanti Endpoint Security scale significantly with the number of managed endpoints, emphasizing the need for robust processing power, ample RAM, and fast storage, especially for larger enterprise deployments. The endpoint agent is designed to be relatively lightweight, ensuring minimal impact on user productivity, but still requires sufficient resources for effective real-time protection and scanning. Network connectivity is crucial for communication between agents and the server, as well as for patch and definition downloads.

Support & Compatibility

Ivanti Endpoint Security offers broad compatibility across various operating systems and provides ongoing support through its product lifecycle.

• Latest Version: Ivanti Endpoint Security 2025.3.
• OS Support:
  • Windows: Comprehensive support for Windows 10, Windows 11, and Windows Server 2016, 2019, 2022, and 2025 families. Support for Windows 10 & 11 ARM architecture is available in x86 emulation mode, with native Arm64 OS patch detection for Windows 11 Arm64 devices.
  • macOS: Supported via a dedicated agent.
  • Linux/UNIX: Supported via a dedicated agent, primarily for Patch and Remediation functionality.
  • Mobile: Android and iOS are supported, especially when integrated with Ivanti Unified Endpoint Manager.
• End of Support Date: General support for Ivanti Endpoint Security versions typically lasts for a defined period (e.g., 18 months from release for full support, followed by extended support and self-support phases). For instance, Ivanti Endpoint Security 2023.1 (8.6 U6) general support ended January 17, 2025.
• Localization: The Ivanti Endpoint Security Agent is localized and internationalized for various languages, including English (Australia, Belize, Canada), Chinese (Simplified, Traditional), French, German, Japanese, Korean, and Spanish. The user interface can be displayed in supported languages, and administrators can configure localized user experiences.
• Available Drivers: Not directly applicable as it is software. However, it ensures compatibility with various hardware components and their drivers through its broad OS support.

Analysis of Overall Support & Compatibility Status: Ivanti Endpoint Security demonstrates strong compatibility across major desktop and server operating systems, including recent Windows versions and support for macOS and Linux. The commitment to regular updates and localization ensures its applicability in diverse global environments. However, users sometimes note that patching for non-Windows systems could be improved. The product lifecycle policy clearly defines support phases, allowing organizations to plan upgrades and maintenance.

Security Status

Ivanti Endpoint Security provides a multi-layered defense against a wide array of cyber threats, focusing on prevention, detection, and remediation.

• Security Features:
  • Anti-malware and Antivirus: Detects and prevents malware, viruses, and ransomware.
  • Host Intrusion Prevention System (HIPS): Protects against zero-day attacks and malicious behaviors.
  • Ivanti Firewall: Controls network connections.
  • Device Control: Monitors and restricts access to managed devices through I/O devices (e.g., USB, ports, wireless connections).
  • Application Control: Guards against zero-day exploits and unauthorized applications.
  • Patch Management: Automates discovery, inventory, and deployment of patches for operating systems and third-party software.
  • Ransomware Protection: Catches, kills, and blocks ransomware from running.
  • Data Protection: Prevents malicious software from encrypting files.
  • Vulnerability Management: Scans for known platform-specific vulnerabilities and system configuration threats.
  • Remote Control and Remediation: Allows isolation, investigation, and remediation of infected systems remotely.
  • Threat Detection: Collects and curates data insights into system performance and health.
• Known Vulnerabilities: Ivanti products, including Endpoint Manager, have faced several high-severity vulnerabilities. Recent examples include:
  • CVE-2025-9712 and CVE-2025-9872: High-severity flaws (CVSS 8.8) in Endpoint Manager (versions before 2024 SU3 and 2022 SU8 SU2) related to insufficient filename validation, allowing remote unauthenticated code execution with user interaction.
  • CVE-2024-13159, CVE-2024-13160, CVE-2024-13161: Critical absolute path-traversal vulnerabilities (CVSS 9.8) in Ivanti Endpoint Manager, exploited in the wild, allowing credential coercion.
  • CVE-2025-6995, CVE-2025-6996, CVE-2025-7037: High-severity vulnerabilities in Endpoint Manager (versions before 2024 SU3 and 2022 SU8 SU1) including improper encryption (allowing local authenticated attackers to decrypt passwords) and SQL injection (allowing remote authenticated attackers with admin privileges to read arbitrary data).
  • CVE-2025-4427 and CVE-2025-4428: Medium and high-severity vulnerabilities in Ivanti Endpoint Mobile Manager (EPMM) that, when chained, can lead to authentication bypass and remote code execution. These have been actively exploited.
• Blacklist Status: Not applicable to the product itself, but its features include blacklisting of unauthorized applications and devices.
• Certifications: Supports Federal Desktop Core Configuration (FDCC) standards compliance.
• Encryption Support: Integrates with encryption for secure communication. However, past vulnerabilities related to improper encryption have been identified and patched.
• Authentication Methods: Supports various authentication methods for console access and agent communication. Specific details on multi-factor authentication (MFA) or advanced methods are not explicitly detailed in the provided snippets for Endpoint Security itself, but Ivanti's broader product ecosystem supports them.
• General Recommendations: Apply updates immediately, restrict internet access to Ivanti Endpoint Manager interfaces, use VPN and IP whitelisting, apply least privilege principles, review audit logs, and implement WAF/reverse proxies for input validation.

Analysis of Overall Security Rating: Ivanti Endpoint Security offers robust, multi-layered security features, including advanced threat prevention, application control, and comprehensive patch management. It is designed to protect against modern threats like ransomware and zero-day exploits. However, the product has a history of critical vulnerabilities, some of which have been actively exploited in the wild. This necessitates diligent and timely application of security updates and adherence to Ivanti's recommended security practices to maintain a strong security posture. The frequent discovery of high-severity flaws indicates a need for continuous vigilance and prompt patching by administrators.

Performance & Benchmarks

Specific, independent benchmark scores for Ivanti Endpoint Security are not readily available in the provided information. However, user feedback and product descriptions offer insights into its performance characteristics.

• Benchmark Scores: Not explicitly detailed in the provided search results.
• Real-world Performance Metrics:
  • Impact on System Resources: The endpoint agent is designed to be lightweight, aiming for minimal impact on user productivity. However, some users report that intensive operations like Discover Applicable Updates (DAU) or AntiVirus scans can be CPU-intensive, recommending a minimum of 2 CPU cores for optimal performance.
  • Efficiency: Ivanti Endpoint Security for Endpoint Manager is noted for its seamless integration and strong patch management, contributing to streamlined protection and optimal endpoint performance.
• Power Consumption: Not specifically detailed for the software. Its impact on power consumption would be related to its CPU and RAM usage during active processes.
• Carbon Footprint: Not typically a measured metric for software solutions.
• Comparison with Similar Assets:
  • Strengths: Ivanti is often praised for its competitive pricing, user-friendly management, seamless integration, strong patch management, and comprehensive threat prevention. It is noted for managing mobile, laptop, Windows, and Linux devices from a single console.
  • Weaknesses: Some alternatives like Symantec offer more advanced features and robust threat detection, while others like Cisco Secure Endpoint excel in advanced threat detection and faster remediation. Ivanti's setup cost can be higher than some competitors like Bitdefender.
  • Competitors: Datto RMM, Cisco Anyconnect Secure Mobility Client, BlackBerry UEM, Acronis Cyber Protect, ManageEngine Endpoint Central, NinjaOne, Symantec End-user Endpoint Security, Webroot Business Endpoint Protection, Carbon Black, Vipre EDR, Microsoft Defender for Endpoint, Eset Endpoint Protection Advanced, Bitdefender GravityZone Business Security, F-Secure Elements, Sophos Intercept X Endpoint Protection.

Analysis of Overall Performance Status: Ivanti Endpoint Security aims for efficient operation with a focus on comprehensive protection without severely impacting endpoint performance. Its strength lies in unified management and automated patch deployment, which can improve overall IT efficiency. While designed to be lightweight, resource usage during intensive tasks like scans can be noticeable, suggesting that endpoint hardware should meet or exceed recommended specifications for optimal user experience. Its competitive standing often highlights ease of use and integration, though some competitors may offer more specialized or advanced threat detection capabilities.

User Reviews & Feedback

User reviews for Ivanti Endpoint Security for Endpoint Manager highlight several strengths and weaknesses, often emphasizing its management capabilities and areas for improvement.

• Strengths:
  • Unified Management: Users appreciate the ability to manage diverse devices (mobile, laptops, Windows, Linux) from a single console, which is seen as a key differentiator.
  • Patch Management: Frequently cited as a strong and valuable feature, simplifying the process of updating operating systems and third-party applications.
  • Device Control: Effective in monitoring and restricting access to I/O devices, helping maintain security and compliance.
  • Security Features: Provides robust protection against malware, viruses, ransomware, and zero-day threats.
  • Inventory Management: Offers good visibility into networked devices and software.
  • Low-code Service Management: Some users find its low-code solution builders with drag-and-drop capabilities beneficial for service management.
  • Stability: Generally considered stable for deployment.
• Weaknesses:
  • Reporting: Users desire more functionality, granularity, and customization in reporting features.
  • Vendor Support: Feedback indicates that support provided by Ivanti could be improved.
  • Non-Windows Patching: Patching for non-Windows operating systems (e.g., Linux, Ubuntu) is an area identified for improvement.
  • Integration Challenges: Integration with other technologies and adapting to updates can be challenging.
  • Complexity: The solution's complexity can make staff training difficult.
  • Remote Control Performance: Remoting into computers can sometimes be slow or experience resolution problems.
• Recommended Use Cases:
  • Organizations needing a unified platform for managing and securing a diverse range of endpoints (Windows, macOS, Linux, mobile).
  • Environments prioritizing automated patch management and strong device control to maintain compliance and reduce attack surface.
  • Enterprises looking for comprehensive threat prevention, including anti-malware, HIPS, and application control.
  • Companies seeking to streamline IT operations by consolidating endpoint management and security tools.

Summary

Ivanti Endpoint Security is a robust and comprehensive enterprise asset management solution designed to provide multi-layered protection and unified control over a wide array of endpoints. Its core strength lies in its ability to integrate security functionalities like anti-malware, host intrusion prevention, firewall, device control, and application control with powerful patch management capabilities, all managed from a single console. This unified approach extends across Windows, macOS, Linux, and mobile operating systems, offering a significant advantage for organizations with diverse IT environments.

Key strengths include its effective patch management, which automates vulnerability remediation, and its granular device control features that help enforce security policies and prevent data exfiltration. Users often praise its ability to manage various endpoint types from a single pane of glass and its overall stability. The product also offers extensive localization support, making it suitable for global deployments.

However, Ivanti Endpoint Security is not without its weaknesses. Recurring high-severity vulnerabilities, some of which have been actively exploited, necessitate continuous vigilance and prompt patching by administrators. Users have also pointed out areas for improvement in reporting capabilities, the quality of vendor support, and the effectiveness of patching for non-Windows systems. The solution's complexity can also pose challenges for staff training and integration with other IT systems.

Overall, Ivanti Endpoint Security is a powerful tool for organizations seeking to consolidate endpoint security and management. Its comprehensive feature set and cross-platform compatibility make it a strong contender for enterprises aiming to reduce their attack surface and streamline IT operations. However, potential adopters must be prepared for diligent patch management and consider the reported challenges in support and reporting. For optimal security, adherence to Ivanti's recommended best practices and timely application of all security updates are crucial. The information provided is based on publicly available data and may vary depending on specific device configurations; for up-to-date information, please consult official manufacturer resources.