Ivanti Security Controls
  • 13 Aug 2023
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Ivanti Security Controls

  • Dark
    Light
  • PDF

Article Summary

Ivanti Security Controls is a unified IT management platform used for managing and protecting Windows-based machines, Red Hat Enterprise and CentOS Linux machines, and VMware ESXi Hypervisors.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Host Name or IP Address (required) - The hostname or IP address of the Ivanti Security Controls server that Axonius can communicate with via the Required Ports.
  2. Port (required, default: 3121) - Use the default value.
  3. User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.
  4. Verify SSL - Select whether to verify the SSL certificate offered by the value supplied in Host Name or IP Address. For more details, see SSL Trust & CA Settings.
  5. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Host Name or IP Address.
  6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
  7. HTTPS Proxy Password (optional) - The password to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
  8. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Number of threads to open for installed software fetch (required, default: 15) - Set the number of threads to open when fetching the installed software.

  2. Fetch installed software - Select whether to fetch information about installed software for connected devices.

  3. Fetch machine last seen - Select whether to perform a fetch of all of the patches in the last number of days defined.

  4. Only fetch patch scans with a minimum of x machines (required, default: 10) - Select whether to fetch patch scans that apply to at least the number of machines set here. This setting also fetches installed software.

  5. Fetch all the patches from the last x days (required, default: 90) - Set the number of days back to fetch information about software that was patched in the last X days. This setting also fetches installed software.

  6. Fetch machines - Clear this option if there is an error fetching machines.

Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses the Ivanti Security Controls REST API.

To use the REST API

  1. From Microsoft Management Console (MMC), go to Certificates - Local Computer > Trusted Root Certification Authorities > Certificates folder.
  2. Right-click ST Root Authority and then select All Tasks > Export.
  3. Convert the ST Root certificate with OpenSSL by exporting as a DER by using:
 openssl x509 -inform der -in certificate.cer -out certificate.pem
  1. Verify the ST Root certificate by using:
openssl x509 -in certificate.crt -text -noout
  1. Enable UAC remote restrictions.
  2. Upload the certificate in Axonius using the Certificate Settings tab under General Settings.

Required Ports

Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:

  • Port 3121

Required Permissions

The value supplied in User Name must have read access to devices.

  • The user must be a local or domain admin.



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.