Ivanti Security Controls Reviews

We use Ivanti Security Controls for mainly two purposes. One is for scanning vulnerability and the other one is for patch management. The process involves scanning all servers. Once they are scanned, we start deploying patches based on the vulnerability, as well as based on the missing patches. That is how Ivanti Security Controls works.

Ivanti Security Controls is an agentless tool which means we do not need to install any agent on the server or endpoint. Through agentless capabilities, it can install software, install patches, and control over the server, including asset management. It is a very good tool feature that we appreciate for organizing our patch management as well as asset management. These are the two main features we are using in Security Controls.

Ivanti Security Controls has mainly categorized into two different types when it comes to patching: agent and agentless. With agentless, we scan the server based on scan results to get output. Once we receive all results from the server, we immediately schedule a patch. We may have different environments that require DevOps, development, pre-production and production environment where we scan initially and start deploying patches. Once deployment is completed, we check stability. Based on the results, we proceed with production. We schedule it all together, and it has capability of running PowerShell scripts where special handling is required for servers. Based on requirements, we provide pre-required PowerShell scripts to run, such as stopping a service before rebooting.

The main capability of Ivanti Security Controls is being agentless, which is the key aspect everyone uses. The second part is its capability of running scripts in the back end. If something goes wrong in any machine and we need to stop or add any registry, it has capability of running scripts as well as scanning the complete machine. It provides output of all applications and OS security, giving a clear picture of all vulnerabilities.

This solution does not have capability of managing applications. It is only used for asset management and patch management.

Regarding analytics for Ivanti Security Controls, it does not have extensive capabilities. It is a basic tool from Ivanti for scanning and deploying. It does not have analytics features such as EDR or security tools available in the market. It only has capability to check missing patches, find them, and deploy them.

When it comes to reports, compliance reports or similar types of reports are not user-friendly. Expertise is required for handling these aspects.

The asset management in Ivanti Security Controls needs more visibility. Additionally, it can be improved to handle in-house applications, which currently cannot be installed. It can only handle existing applications, unlike Ivanti's Endpoint Manager. It should have additional features in this area that need improvement.

I have been working with Ivanti Security Controls for the past six years. Before, the name was different, but the tool was the same.

It is highly stable, which I can guarantee. It uses its local SQL server and stores minimal database. When we have a proper structure with backups, it is much more stable compared to other tools.

It is not highly scalable, but it works well for mid-sized companies with 1,000 to 2,000 nodes. It is not recommended for large scale deployments with 10,000 to 20,000 nodes.

We encounter issues while upgrading or sometimes face different errors which can be difficult to identify and resolve. Their technical team is very responsive and supportive. Their support is top-notch.

Neutral

The main issue we faced initially with Ivanti Security Controls relates to its vast features. During initial installation, networking team and multiple other teams must be involved. This is one drawback because with agentless deployment, certain ports must be enabled by the networking team to analyze and complete tasks. The agent version is not as capable, so we planned using agentless. Multiple teams have to be involved in initial installation. Once everything is familiar, it becomes the best tool for patch management.

For mid and large enterprises, the pricing of Ivanti Security Controls is reasonable compared to other patching tools. However, for small enterprises, it will be very expensive.

Based on requirements and costing, people decide on Ivanti Security Controls. If companies want vast features, they will choose a different tool. However, if they want only patch management, they will choose Ivanti Security Controls based on pricing and user-friendly aspects. While it requires expertise, this tool can achieve much more compared to other products.

In AWS and Azure or any applications where servers are present, minimum testing typically uses two core and 4 GB of RAM for basics. If any agent is installed, not only for Ivanti but for any patching tool, it will consume CPU. Therefore, people plan using agentless to avoid agent installation and consumption. It is suitable for small organizations or light servers with 1,000, 2,000, or 3,000 servers who do not want to invest heavily in hardware.

My rating for Ivanti Security Controls is 9 out of 10.

We are using Ivanti Security Controls for deploying Windows updates to Windows servers.

The management of credentials is a specific feature that stands out for me in Ivanti Security Controls.

A piece of work I'm hoping to start quite soon with Ivanti Security Controls involves reviewing reports. The current reports we have configured may not be giving us the relevant information we need, and I need to review their configuration to see if that can be improved. I can see that the overall feature set for reporting is quite comprehensive with many features and templates providing extensive detail, but I've yet to master that.

I have yet to investigate whether the reports currently configured in Ivanti Security Controls are default reports that came preconfigured or if somebody implemented them in an intelligent way.

Ivanti Security Controls is a powerful product, but it has quite a steep learning curve. There is quite a lot to learn, though it proves to be very powerful if you put in the time to learn how to use it.

There needs to be more resources available, such as documentation or videos, regarding best practices, methods, or templates for optimal system implementation and usage. While the documentation is detailed in general, more guidance-type information would be beneficial.

I have been using Ivanti Security Controls for about eight months.

I think Ivanti Security Controls is very stable.

We haven't had a need to scale up the infrastructure for Ivanti Security Controls, and it runs fine with just one application server at that scale in our medium organization of 500 servers. There are options for scaling it out and those appear to be well provided from what I've read.

I have dealt with SCCM in the past and WSUS on its own. WSUS is far too basic a product to do the job effectively. SCCM is very difficult to use, or certainly was when I was using it. I know it has become easier over the years, but I still read that SCCM is a very difficult product to use and requires subject matter expert staff to manage it properly. Ivanti Security Controls is a better solution than SCCM.

I am currently working with Ivanti Security Controls as a customer.

I think Ivanti Security Controls is an effective product for this purpose.

I would give tech support for Ivanti Security Controls an eight out of ten.

I would not want to be referred to as an expert with Ivanti Security Controls so I may become a reference for Ivanti.

Overall rating: 8 out of 10.

I've used the solution for patch management and some fixing after other scanning and testing. We try to do the fixing from a single console under a single patch to improve efficiency.

It can provide good snapshots. 

With other products, I have to write my own scripts. With this solution, I do not have to. 

The setup is straightforward.

It is stable and reliable.

Technical support is helpful and responsive. 

It's very useful for data centers.

We'd like the solution to be moved to the cloud. 

We'd like to have better logging so people can see what I have done on the console. 

It should be more scalable. 

We've used the solution in the past and are now in the process of making a comparison before we agree to review the license. We've used it for a few years.

The solution is stable and reliable. I'd rate the stability eight out of ten. There are no bugs or glitches. 

I'd rate the scalability six out of ten. To scale require additional costs. It could be easier to scale. 

We host the service. It's hard to calculate the number of users. 

We've used technical support. They have been good overall. The response time was fast. 

Positive

We have used other solutions in the past, including BigFix and Automox. Ivanti offers pretty good pricing in comparison and fits our requirements. 

It is easy to implement the solution. It only takes 30 minutes. You simply follow the guide. It's easy. What needs to be done depends on the requirements. 

We had five to six people handling the initial setup. They were engineers. 

We handled the implementation ourselves.

I have yet to witness any ROI. 

I'm not sure of the exact licensing costs. 

We are currently comparing this with other solutions in order to see if it is still the best option for us. 

I am not sure which version of the solution we were using. 

I'd rate the solution seven out of ten. We were mostly happy with its capabilities.

We use this solution to push Microsoft and non-Microsoft updates, and recently, we also use it to push Windows upgrades to workstations. We are a team of five that use this solution. 

What has been most valuable is the ability to manage, restore and install upgrades and applications. We scan PCs and server and receive results.

For the Windows upgrade, the errors we experience are not clear. We see a time out error but do not know the reason. We would like to know the root cause. 

In the next release, we want to be able to mix servers and to manage the admin of the servers. We want to have a tool that our customers can use to install and restore servers and not need to refer to us. 

I have been using this solution for three years. 

This is a stable solution. I would rate it a ten out of ten for stability. 

This is a scalable solution. I would rate it a ten out of ten for scalability.

I would rate the support for this solution a five out of ten because when contacting them, you deal with multiple support consultants. 

Neutral

We have other product from Microsoft SCCM, but we prefer Ivanti as it is easier to use.

The initial setup is easy and straightforward. I would rate it a ten out of ten. 

We implemented this solution on our own with the support of Ivanti. 

I would rate this solution a ten out of ten.