Ivanti Pulse Endpoint Security Assessment Plug In 4.0.1 User Guide

Ivanti Pulse Endpoint Security Assessment Plug In 4.0.1

Product Information

The Pulse Endpoint Security Assessment Plug-in is a software tool designed to assess and evaluate the security status of endpoints. It is compatible with various endpoint security applications and supports both Windows and macOS operating systems.

The current version of the plug-in is 4.0.1 and it comes with the following software development kits (SDK) and adapter versions:

• V3 SDK Version: Windows 3.6.11667.2, Mac 3.6.11667.2
• V4 SDK Version: Windows 4.3.2925.0, Mac 4.3.2534.0
• V3V4 Adapter Version: Windows 4.3.1874.0, Mac 4.3.1832.0

Note: The embedded SDK in this ESAP version has been extensively tested and qualified to work with a wide range of endpoint security applications listed in the supported products list.

Copyright Notice

This document is provided strictly as a guide. No guarantees can be provided or expected. This document contains the confidential information and/or proprietary property of Ivanti, Inc. and its affiliates (referred to collectively as “Ivanti”) and may not be disclosed or copied without prior written consent of Ivanti.

Ivanti retains the right to make changes to this document or related product specifications and descriptions, at any time, without notice. Ivanti makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document, nor does it make a commitment to update the information contained herein. For the most current product information, please visit www.Ivanti.com.
Copyright © 2022, Ivanti, Inc. All rights reserved.

Protected by patents, see https://www.ivanti.com/patents.

Introduction

• V3 SDK Version: Mac and Windows 3.6.11667.2
• V4 SDK Version: Windows 4.3.2925.0 Mac 4.3.2534.0
• V3V4 Adapter Version: Windows 4.3.1874.0 Mac 4.3.1832.0

Note: The SDK embedded in this ESAP version has been tested and qualified to interoperate with an extensive list of endpoint security applications covering most products listed in the supported products list.

Interoperability and Supported Platforms

• Please refer to the ESAP Supported Platforms Guide for supported versions of browsers and operating systems in this release.

Noteworthy Changes

• Ivanti introduced support for consuming the latest OPSWAT SDK Version 4 in 8.2R5 ICS and IPS 5.3 R5 IPS release.
• OPSWAT SDKs are bundled within our Endpoint Security Assessment Plugin (ESAP). From ESAP 3.0.3 onwards, OPSWAT V4 SDK for Windows and Mac are packaged alongside existing V2 and V3 SDKs
• Uploading ESAP 3.0.3 or later on PCS 8.2R5 PCS or PPS 5.3R5 releases, we will install OPSWAT V4 SDK version along with V2 and V3 SDKs.
• On the PCS 8.2R5 and PPS 5.3R5 Admin UI, Administrators have a choice to select whether OPSWAT V3 or V4 SDK will be consumed on the device running PCS 8.2R5 or PPS 5.3R5. Please refer to the section “Activating the OPSWAT SDK Version” in the PCS 8.2R5 and PPS 5.3R5 Administration Guide available on Techpubs website for more information.
• Endpoint Security Assessment Plug-In (ESAP) provides support for predefined checks on Windows and MAC platforms. ESAP package contains V2, V3 and V4 OPSWAT SDK versions. Support for V2 and V3 OPSWAT SDK is ended. Hence, this ESAP release has only OPSWAT V4 version updated in ESAP package. Refer to KB article http://kb.pulsesecure.net/articles/Pulse_Technical_Bulletin/TSB41055 on Pulse Secure site for more details.
• OPSWAT SDKs are bundled within our Endpoint Security Assessment Plugin (ESAP). From ESAP 3.3.5 onwards, OPSWAT V4 SDK for Windows and Mac are packaged alongside existing V3 SDKs.

ESAP 4.0.1 and Ivanti Connect Secure/Ivanti Policy Secure

Compatibility Chart

This ESAP package can be installed on the following Ivanti Connect Secure/ Ivanti Policy Secure software versions.

• ICS 9.1RX
• PCS 9.0RX
• PCS 8.3Rx
• PCS 8.2Rx
• PCS 8.1Rx
• IPS 9.1RX
• PPS 9.0RX
• PPS 5.4Rx
• PPS 5.3Rx
• PPS 5.2Rx
• PPS 5.1Rx

Note

• The ESAP package may install and function without any errors on older releases. However, as the install has not been tested, we recommend that it be used only on the above versions of software releases.
• This ESAP package contains V3 and V4 versions of OPSWAT SDK. From the above compatibility chart V4 is applicable only for release above 8.2R5 and 5.3R5.

Support Has Been Added for the Following Products in ESAP 4.0.1

V4 List of Supported Products

Windows OS

Antivirus Products

• Asiainfo OfficeScan Agent (16.x)
• Cybereason ActiveProbe (22.x)
• Cybereason ActiveProbe Antimalware (22.x)
• Malwarebytes Anti-Malware Premium (4.5.x)
• Stormshield Endpoint Security Evolution Agent (2.x)
• VIPRE Business (10.x)
• WithSecure Elements EPP for Computers Premium (3.x)

Antispyware Products

• Asiainfo OfficeScan Agent (16.x)
• Cybereason ActiveProbe (22.x)
• Cybereason ActiveProbe Antimalware (22.x)
• Malwarebytes Anti-Malware Premium (4.5.x)
• Stormshield Endpoint Security Evolution Agent (2.x)
• VIPRE Business (10.x)
• WithSecure Elements EPP for Computers Premium (3.x)
• Anshin Net Security (20.x)

Firewall Products

• Asiainfo OfficeScan Agent (16.x)
• Anshin Net Security (20.x)

macOSX

Antivirus Products

• Cybereason ActiveProbe (22.x)
• F-Secure SAFE (18.x)

Fixed Issues

The following customer support issues have been resolved in this release:

checker via browser.
PRS-402699| Bitdefender Endpoint Security Tools 7.2.1.72 antivirus is failing on virus definitions with latest ESAP version
PRS-407516| Hostchecker is failing for Carbon Black Cloud Sensor 3.x for RTP check via browser

Known Issues/Limitations

The following table lists known issues/limitations in in this release:

administrative privileges and UAC should be turned off.
502783| Endpoint Protection 11.x/12.x is not performed when UAC is enabled or if the scan logs have been deleted or if system scans has never been performed.
495041| The password protection option in the Sunbelt Kerio Firewall product is not supported.
---|---
950123| Signatures cannot be downloaded with Trend Micro Office scan Client 10.5 and 10.6. Therefore, the remediation functionality for failing the virus definition check is not supported for Trend Micro Office scan Client 10.5 and 10.6. This is because the executable required to support this functionality is not bundled as part of the TrendMicro

product.

PRS-357241| Hostchecker is failing to detect Bitlocker HD encryption 10.x in Windows 10 via browser, but detects with Pulse.
PRS-380100| Host Checker stopped working after Upgrading ESAP from 3.3.5 to 3.4.4 or 3.4.5 in Mac OS Mojave 10.14.5 and 10.14.6.
PRS-387410| Windows Update Agent (7.x) takes long time to gather missing patch information on Windows 7 platform
PRS-395662| Using ESAP3.7.1 upgrade/downgrade fail on all macosx platform and need restart system/service (KB44643)
PRS-396891| ESAP can’t be upgrade/downgrade on Windows Platform (KB44787)
PRS-397371| Using new ESAP3.7.2 observing dsaccessService and Hostcheck process crash on all macOS platform (KB44643)
PRS-403500| Big Sur OS Host Checker rule with Ignore versions passes the compliance check on MAC Monterey OS(macOS12)
PRS- 409374| OPSWAT removed Jamf/Casper Suite Patch management support from macOSX
PRS-409295| ESAP Downgrade fails on Windows platform due to unable delete/copy wa_3rd_party_host_32.exe

Copyright © 2022, Ivanti, Inc. All Rights Reserved. Terms of Use

References

• Ivanti Community
• Ivanti - Everywhere Work. Elevated.
• Ivanti - Everywhere Work. Elevated.
• Privacy & Legal Information | Ivanti
• Patents - Privacy & Legal | Ivanti
• Software & Technical Documentation | Ivanti

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>