Ivanti User Workspace Manager
Ivanti User Workspace Manager simplifies desktop configuration, cuts IT costs and secures user sessions while optimizing the user experience.
Protecting Deakin University’s 4,000 employees and 50,000 students in an increasingly virtual environment from of cyberthreats is a significant and persistent challenge for its IT team. Rising to that challenge, Deakin implemented a new security program called “Deakin Shield” in 2017 to increase the university’s security posture and address several security gaps.
According to Craig Warren, Executive Director of ICT Infrastructure Services at Deakin, “We determined the Australian Signals Directorate’s [ASD’s] recommended cybersecurity controls would help us implement the strongest defence against a cyber-attack. After looking at various market solutions, we selected Ivanti’s due to our positive experience with previous products and its best-in-class solutions for addressing the Top 4 of the ASD Essential 8 strategies.” The Top 4 strategies—deploying application whitelisting, patching operating systems and applications, and minimizing administrative privileges — help mitigate at least 85% of targeted cyberintrusions.1
Upgrading their licence from Ivanti Environment Manager to the full Ivanti User Workspace Manager suite meant Deakin now had access to Ivanti Application Control and its dynamic whitelisting and granular privilege management features. They also chose to deploy Ivanti Patch for SCCM to patch not only the Windows OS but an extensive catalogue of third-party applications—automatically—from within the Microsoft System Center Configuration Manager (SCCM) console.
Without Ivanti’s native plug-in, SCCM provides only basic, manual tools to update third-party software. The labor-intensive process meant countless hours of research, creation, testing, deployment, and troubleshooting for Deakin IT’s team. Deploying Ivanti Patch for SCCM has enabled the team to automate the deployment of patches to applications not natively patched by SCCM whilst simultaneously proving realtime insight in the patch status of applications in their environment.
For its part, Ivanti Application Control automatically prevents the execution of any code, even unknown, that a non-trusted owner (a typical user account, for example) introduces. This means Deakin’s IT team is spared the pain of maintaining and updating application whitelists.
To round out the Top 4 controls, Application Control also makes it simple for Deakin to give users just the privileges they need to fulfill their roles — no more, no less. IT can take someone with full admin privileges back down to a regular user and still provide automatic escalation of privileges where and when needed, based on policy—from allowing them to access to install applications, install a printer, use PowerShell, or whatever the user may need, but providing no more control than what he/she should have.
“Ivanti Application Control has also greatly reduced reimage requests, because the quality of apps installed is a lot higher,” Warren says. “Prior to installation, we would receive an average of 12 reimaging requests per week— all of which involved a time-staking physical visit. The time we’re saving allows us to focus on other aspects of system security instead.”
Finally, Ivanti Xtraction, integrated into both Ivanti products, helps Deakin monitor its security posture in near real time. Having up-to-the-minute reporting on the patch status of the entire network provides actionable insights to protect the environment as well as peace of mind. Deakin IT knows the patches have deployed successfully. And given its integration with Application Control, Xtraction also provides visibility into the attempted execution of malicious code as well as elevation requests from users.
When you’re one of the world’s top-rated universities, selecting an IT security vendor to partner with is no easy choice. Committed to delivering world-class education, start-of-the-art facilities, and round-the-clock support, Deakin looked for an organization that shared its commitment to excellence. It selected Ivanti not only for the capabilities of its solutions, but for its service excellence as well.
1. Top 4 Strategies to Mitigate Targeted Cyber Intrusions: Mandatory Requirements Explained, Australian Signals Directorate, July 2013 https://www.asd.gov.au/infosec/top-mitigations/top-4-strategiesexplained.htm
Note: A customer’s results are specific to its total environment/experience, of which Ivanti is a part. Individual results may vary based on each customer’s unique environment.