Action Required: Important Ivanti Neurons TLS Configuration Update to Avoid Service Interruptions
Incident
Report for Ivanti Cloud
Investigating
Important Ivanti Neurons TLS Configuration Update to Avoid Service Interruptions
Today, we want to inform you of an important action you may need to take before January 2025. This action relates to an update for the TLS 1.2 configuration for Ivanti Neurons environments. The updates are designed to strengthen our collective security posture and ensure compliance with the latest security industry standards.
Affected Products
· Ivanti Neurons Platform
· Ivanti Neurons for Healing
· Ivanti Neurons Workspace
· Ivanti Neurons for Spend Intelligence
· Ivanti Neurons for Discovery
· Ivanti Neurons for Patch Management
· Ivanti Neurons Patch for Intune
· Ivanti Neurons for Digital Experience
Required Action to Avoid Service Interruptions
If you are using Ivanti Neurons Agents, verify, no later than January 20, 2025, that the following Cipher Suites are set up in your environment.
TLS 1.2 approved Cipher Suites
· TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) (needed for Windows 10 and Windows Server 2012 support)
· TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA384 (0xc02b) (needed for Windows 10 and Windows Server 2012 support)
· TLS_ECDHE_RSA_AES128_GCM_SHA256 (0xc02f)
· TLS_ECDHE_RSA_AES256_GCM_SHA384 (0xc030)
· TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
· TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
Taking this action will maintain the security and functionality of your Ivanti Neurons products.
For more information about your necessary actions, please review this FAQ.
If you have questions or require assistance, you can log a case and/or request a call in the Success Portal. Thank you for your trust in Ivanti.
This incident affects: Ivanti Neurons Platform (Ivanti Neurons Platform (MLU), Ivanti Neurons Platform (NVU), Ivanti Neurons Platform (UKU), Ivanti Neurons Platform (FRU), Ivanti Neurons Platform (TTU), Ivanti Neurons Platform (TKU)).