Ivanti Pulse Endpoint Security Assessment Plug In 4.0.1 User Guide
- October 30, 2023
- Ivanti
Table of Contents
Ivanti Pulse Endpoint Security Assessment Plug In 4.0.1
Product Information
The Pulse Endpoint Security Assessment Plug-in is a software tool designed to assess and evaluate the security status of endpoints. It is compatible with various endpoint security applications and supports both Windows and macOS operating systems.
The current version of the plug-in is 4.0.1 and it comes with the following software development kits (SDK) and adapter versions:
- V3 SDK Version: Windows 3.6.11667.2, Mac 3.6.11667.2
- V4 SDK Version: Windows 4.3.2925.0, Mac 4.3.2534.0
- V3V4 Adapter Version: Windows 4.3.1874.0, Mac 4.3.1832.0
Note: The embedded SDK in this ESAP version has been extensively tested and qualified to work with a wide range of endpoint security applications listed in the supported products list.
Copyright Notice
This document is provided strictly as a guide. No guarantees can be provided or expected. This document contains the confidential information and/or proprietary property of Ivanti, Inc. and its affiliates (referred to collectively as “Ivanti”) and may not be disclosed or copied without prior written consent of Ivanti.
Ivanti retains the right to make changes to this document or related product
specifications and descriptions, at any time, without notice. Ivanti makes no
warranty for the use of this document and assumes no responsibility for any
errors that can appear in the document, nor does it make a commitment to
update the information contained herein. For the most current product
information, please visit www.Ivanti.com.
Copyright © 2022, Ivanti, Inc. All rights reserved.
Protected by patents, see https://www.ivanti.com/patents.
Introduction
- V3 SDK Version: Mac and Windows 3.6.11667.2
- V4 SDK Version: Windows 4.3.2925.0 Mac 4.3.2534.0
- V3V4 Adapter Version: Windows 4.3.1874.0 Mac 4.3.1832.0
Note: The SDK embedded in this ESAP version has been tested and qualified to interoperate with an extensive list of endpoint security applications covering most products listed in the supported products list.
Interoperability and Supported Platforms
- Please refer to the ESAP Supported Platforms Guide for supported versions of browsers and operating systems in this release.
Noteworthy Changes
- Ivanti introduced support for consuming the latest OPSWAT SDK Version 4 in 8.2R5 ICS and IPS 5.3 R5 IPS release.
- OPSWAT SDKs are bundled within our Endpoint Security Assessment Plugin (ESAP). From ESAP 3.0.3 onwards, OPSWAT V4 SDK for Windows and Mac are packaged alongside existing V2 and V3 SDKs
- Uploading ESAP 3.0.3 or later on PCS 8.2R5 PCS or PPS 5.3R5 releases, we will install OPSWAT V4 SDK version along with V2 and V3 SDKs.
- On the PCS 8.2R5 and PPS 5.3R5 Admin UI, Administrators have a choice to select whether OPSWAT V3 or V4 SDK will be consumed on the device running PCS 8.2R5 or PPS 5.3R5. Please refer to the section “Activating the OPSWAT SDK Version” in the PCS 8.2R5 and PPS 5.3R5 Administration Guide available on Techpubs website for more information.
- Endpoint Security Assessment Plug-In (ESAP) provides support for predefined checks on Windows and MAC platforms. ESAP package contains V2, V3 and V4 OPSWAT SDK versions. Support for V2 and V3 OPSWAT SDK is ended. Hence, this ESAP release has only OPSWAT V4 version updated in ESAP package. Refer to KB article http://kb.pulsesecure.net/articles/Pulse_Technical_Bulletin/TSB41055 on Pulse Secure site for more details.
- OPSWAT SDKs are bundled within our Endpoint Security Assessment Plugin (ESAP). From ESAP 3.3.5 onwards, OPSWAT V4 SDK for Windows and Mac are packaged alongside existing V3 SDKs.
ESAP 4.0.1 and Ivanti Connect Secure/Ivanti Policy Secure
Compatibility Chart
This ESAP package can be installed on the following Ivanti Connect Secure/ Ivanti Policy Secure software versions.
- ICS 9.1RX
- PCS 9.0RX
- PCS 8.3Rx
- PCS 8.2Rx
- PCS 8.1Rx
- IPS 9.1RX
- PPS 9.0RX
- PPS 5.4Rx
- PPS 5.3Rx
- PPS 5.2Rx
- PPS 5.1Rx
Note
- The ESAP package may install and function without any errors on older releases. However, as the install has not been tested, we recommend that it be used only on the above versions of software releases.
- This ESAP package contains V3 and V4 versions of OPSWAT SDK. From the above compatibility chart V4 is applicable only for release above 8.2R5 and 5.3R5.
Support Has Been Added for the Following Products in ESAP 4.0.1
V4 List of Supported Products
Windows OS
Antivirus Products
- Asiainfo OfficeScan Agent (16.x)
- Cybereason ActiveProbe (22.x)
- Cybereason ActiveProbe Antimalware (22.x)
- Malwarebytes Anti-Malware Premium (4.5.x)
- Stormshield Endpoint Security Evolution Agent (2.x)
- VIPRE Business (10.x)
- WithSecure Elements EPP for Computers Premium (3.x)
Antispyware Products
- Asiainfo OfficeScan Agent (16.x)
- Cybereason ActiveProbe (22.x)
- Cybereason ActiveProbe Antimalware (22.x)
- Malwarebytes Anti-Malware Premium (4.5.x)
- Stormshield Endpoint Security Evolution Agent (2.x)
- VIPRE Business (10.x)
- WithSecure Elements EPP for Computers Premium (3.x)
- Anshin Net Security (20.x)
Firewall Products
- Asiainfo OfficeScan Agent (16.x)
- Anshin Net Security (20.x)
macOSX
Antivirus Products
- Cybereason ActiveProbe (22.x)
- F-Secure SAFE (18.x)
Fixed Issues
The following customer support issues have been resolved in this release:
| Problem ID | Title |
|---|---|
| PRS-409980 | Compliance fails using “Sophos End point Agent 2.20.x” |
| PRS-410223 | Add Support for Sophos Endpoint Agent 2022.1.0.78 |
| PRS-410635 | ESET Endpoint Antivirus 6.x on MacOS fails to evaluate host |
checker via browser.
PRS-402699| Bitdefender Endpoint Security Tools 7.2.1.72 antivirus is failing
on virus definitions with latest ESAP version
PRS-407516| Hostchecker is failing for Carbon Black Cloud Sensor 3.x for RTP
check via browser
Known Issues/Limitations
The following table lists known issues/limitations in in this release:
| Problem ID | Title |
|---|---|
| 958840, 845980 | Remediation of Windows Firewall 8 in agentless mode requires |
administrative privileges and UAC should be turned off.
502783| Endpoint Protection 11.x/12.x is not performed when UAC is enabled or
if the scan logs have been deleted or if system scans has never been
performed.
495041| The password protection option in the Sunbelt Kerio Firewall product
is not supported.
---|---
950123| Signatures cannot be downloaded with Trend Micro Office scan Client
10.5 and 10.6. Therefore, the remediation functionality for failing the virus
definition check is not supported for Trend Micro Office scan Client 10.5 and
10.6. This is because the executable required to support this functionality is
not bundled as part of the TrendMicro
product.
PRS-357241| Hostchecker is failing to detect Bitlocker HD encryption 10.x in
Windows 10 via browser, but detects with Pulse.
PRS-380100| Host Checker stopped working after Upgrading ESAP from 3.3.5 to
3.4.4 or 3.4.5 in Mac OS Mojave 10.14.5 and 10.14.6.
PRS-387410| Windows Update Agent (7.x) takes long time to gather missing patch
information on Windows 7 platform
PRS-395662| Using ESAP3.7.1 upgrade/downgrade fail on all macosx platform and
need restart system/service (KB44643)
PRS-396891| ESAP can’t be upgrade/downgrade on Windows Platform (KB44787)
PRS-397371| Using new ESAP3.7.2 observing dsaccessService and Hostcheck
process crash on all macOS platform (KB44643)
PRS-403500| Big Sur OS Host Checker rule with Ignore versions passes the
compliance check on MAC Monterey OS(macOS12)
PRS- 409374| OPSWAT removed Jamf/Casper Suite Patch management support from
macOSX
PRS-409295| ESAP Downgrade fails on Windows platform due to unable delete/copy
wa_3rd_party_host_32.exe
Copyright © 2022, Ivanti, Inc. All Rights Reserved. Terms of Use
References
- Ivanti Community
- Ivanti - Everywhere Work. Elevated.
- Ivanti - Everywhere Work. Elevated.
- Privacy & Legal Information | Ivanti
- Patents - Privacy & Legal | Ivanti
- Software & Technical Documentation | Ivanti