Softcat Limited

Ivanti Neurons (Service Management ITSM with AI, IT Asset Management and Experience Management DEX)

Our integrated IT Service and Asset Management (ITSM, ESM and ITAM) approach helps increase staff productivity, data quality and service delivery for IT and beyond. With AI, integration platform as a service(iPaaS), low-code architecture, makes it easier to consolidate vendors and tool instances as your organisations maturity requirements evolve.

Features

• ITIL Service Management Solution - PinkVerify for 11 ITILv4 Practices

Benefits

• High availability integrated SaaS Based Service and Asset management solution

£72.67 to £30,790 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psitq@softcat.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

518514046891477

Contact

Charles Harrison
01628 403403
psitq@softcat.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Ivanti Security Controls (Patching) Ivanti Environment Manager (profile management) Ivanti Unified Endpoint Management Ivanti MDM Ivanti Application Control (application whitelisting & privilege management) Ivanti Neurons Platform (Self Heal, realtime analysis,Remote Control, Discovery) Ivanti Risk Based Vulnerability Management Ivanti External Attack Surface Management AI/Chatbot functionality. https://www.ivanti.co.uk/resources/free-trials
• Cloud deployment model: Public cloud
• Service constraints: Upgrades are performed automatically by Ivanti Software where you will have access to upgraded functionality. Upgrades as part of the new version will not affect any configuration changes done within your environment and you will have the option of turning on or keeping the product enhancement features off as part of the new release. Versions are in-line with Year with quarterly upgrades. Notifications are issued well in advance by email and issued on user login to the Ivanti platform of any major release as part of the standard agreement.
• System requirements:
  • Ivanti Neurons for ITSM is delivered over the internet
  • Ivanti Neurons for ITSM and Asset Manager are browser based
  • Native Mobile Apps require iOS /Android, others use browser app
  • All modern browsers supported(IE, Edge, Chrome, FireFox, Safari)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Please refer to our online support terms for a current view (Clause V) - https://www.ivanti.co.uk/company/legal/support-terms
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Please refer to our online support terms for a current view (Clause V) - https://www.ivanti.co.uk/company/legal/support-terms As standard, all our license subscription include support, with three levels of support available; standard, enhanced and premium. Clause II of the online terms (link above) provides full details. All levels include access to the Cloud Care Team, which includes a team of technical engineers, online assistance, and phone help. Other support functions include: Ivanti Community - Troubleshoot, search knowledge base articles, access white papers, and join our discussion forums. Product Advice - The Advice Center provides a centralized search through knowledge base articles, forums, and product documentation. Manuals, installation guides, and support documents can be found on all Ivanti solutions. Ivanti products are constantly updated to meet the needs of rapidly changing IT environments. As new products are released, previous versions are supported and maintained for a certain amount of time, then retired. Finally, a Technical Resource Manager (TRM) service is also available as an option with the terms again available online via the link at the top of this section. Many of the principles of WCAG are supported.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The Ivanti Global Training Academy subscription is the most common approach to training, although classroom and on-site training is also available. The Academy marries training content and services to provide a more effective and engaging learning experience. Live Online Training = Short (30- to 120-minute) courses taught by one of our certified instructors via WebEx Training Centre. They’re scheduled repeatedly throughout the week so you can fit the ones you’d like to attend into your schedule. eLearning Modules = Short, concise, and interactive computer-based training modules. They focus on the content necessary to achieve a specific set of learning objectives. Informational Videos = View commentary or watch a feature demo from within an eLearning Module. Reference Materials = Further explore the topic at hand via a convenient link. Downloadable Content = Student guides and lab guides for each of the Live Online Training courses, quick reference guides, course brochures, and more. Please access the Ivanti Global Academy to see full list of courses https://advantagelearning.ivanti.com/ Note - User documentation is also available via online Help
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the contract the customer is given an extract of the SQL database containing their data. Once the customer has confirmed receipt of data and successful restore then all data is removed from our system.
• End-of-contract process: An extract of the database is provided to the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No functional differences, apart from mobile interfaces can be configured suitably for tablet and smartphone interfaces.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: End User Self Service is available upon desktop and mobile interfaces. Mobile Self Service is available over dedicated apps for iOS and Android and browser based apps for all other devices. Desktop Service access is available for analysts and managers through browser only platforms. Mobile apps are also available for analysts.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Independent accessibility tools have been used internally among the Ivanti engineering team as part of the accessibility testing of the solution. As it resides fully within the browser page, Zoom in/out is supported and all text labels and content convert consistently from text to speech. Contrasting colours are supported throughout and these can be altered for all or purposely for visually impaired personnel. Low alternate Flash indication can draw attention. 'As you type' suggested content is provided to the user on search fields and extensive use of validated fields are utilised. In our latest release in April 2024 , new controls in the Analyst interface have been added to the accessibility list to ensure on-screen elements have alternative text in order to be read by assistant technologies. Some of the important controls are mentioned below: •Change Role •User panel •Home screen Side Nav •View/Edit forms •Date time control •Search and others Further ongoing improvements to support improved accessibility measures are planned Q2 2024 to Q4 2024.
• API: Yes
• What users can and can't do using the API: The Ivanti Neurons for ITSM(IN4ITSM) API can be adopted to CREATE/UPDATE and DELETE tickets (Incidents/Requests/Problem etc.). Actions can also be called to automate activity/instruction such as issuing emails or updates. The API can obtain information out of IN4ITSM into third party solutions such as to feed web sites of User/Ticket History/Asset details.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Ivanti Neurons for ITSM(IN4ITSM) and Asset Manager provide a codeless development platform. New Business Objects(Tables), Forms, Fields, Reports and automated actions can be configured. All configurations are supported. Configurations can be recorded onto packages and exported/Imported from Development/Test to Production environments to mitigate risk of manual development steps. IN4ITSM utilises a Role based access model. Templates, Quick actions(automations) and dashboard development can be carried out by "Super users" whilst Administrators are able to reconfigure business objects and/or create new objects.

Scaling

• Independence of resources: The Multi-tenant solution is scaled based on the workflow subjected by each tenant, SQL DB's are unique to each client and not shared. Services are established to automatically deploy additional Virtual Servers in the event of an increase of requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: Availability Statistics, i.e. % availability per month. Provision of planned maintenance downtime. Provision of software upgrade and update schedules.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Ivanti

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users export their data using built in data export quick links or wizards.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • WORD
  • EXCEL
  • TXT
  • HTM
  • PNG
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • EXCEL
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Please refer to section 4.1 of the Ivanti Software as a Service terms and conditions found here; https://www.ivanti.com/company/legal/saas
• Approach to resilience: Ivanti resides on the highly resilient cloud platform Microsoft Azure. The Ivanti services architecture adopts production and failover system resident within the UK but can also offer a wider platform in EEC or globally. Azure proactively mitigates potential failures—reducing the failure impact on availability by 50 percent. Using deep fleet telemetry, Microsoft enables failure predictions with machine learning (ML) and ties them to automatic live migration for several types of hardware failure cases, including disk failures, input/output (I/O) latency, and CPU frequency anomalies. As a result, VMs are live migrated off of “at-risk” machines before they ever show signs of failing. This means VMs running on Azure are more reliable than the underlying hardware. Furtehr detaisl can be found here: https://azure.microsoft.com/mediahandler/files/resourcefiles/resilience-in-azure-whitepaper/Resilience%20in%20Azure.pdf Ivanti also complies with many safety framworks upon its platform including SOC2 and ISO27001
• Outage reporting: Ivanti ITSM and Asset Manager solutions do not require systems to be brought offline to perform regular maintenance and system patching. MS Azure's own maintenance and system patching generally do not impact customers.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is restricted by Roles and Groups within the solution to ensure only those authorised can access the system via management interfaces and support channels
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Cadence Assurance, LLC
• ISO/IEC 27001 accreditation date: 02/25/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 11/11/2016
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: N/A
• PCI certification: Yes
• Who accredited the PCI DSS certification: CoalFire Systems, Inc.
• PCI DSS accreditation date: 2010 and July 2016
• What the PCI DSS doesn’t cover: Amazon Web Services (AWS) is a Cloud Service Provider (CSP) that does not directly store, transmit or process any customer cardholder data (CHD). However, AWS customers may create their own card data environment (CDE) that can store, transmit or process cardholder data using AWS products.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • AWS PCI DSS 3.2 Attestation of Compliance (AOC)
  • AWS 2016 PCI DSS 3.2 Responsibility Summary
  • SOC 2 Type 2
  • HIPAA Compliance
  • ISO 27001, ISO 27018
  • SOC 1, SOC 2, SOC3
  • FedRAMP

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC2
• Information security policies and processes: Control Objectives for Information and related Technology (COBIT) framework and have effectively integrated the ISO 27001 certifiable framework based on ISO 27002 controls, American Institute of Certified Public Accountants (AICPA) Trust Services Principles, the PCI DSS v2.0, and the National Institute of Standards and Technology (NIST) Publication 800-53 Rev 3 (Recommended Security Controls for Federal Information Systems).

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: In alignment with ISO 27001 standards, MS Azure Hardware assets are assigned an owner, tracked and monitored by the MS Azure personnel with Azure proprietary inventory management tools. MS Azure procurement and supply chain team maintain relationships with all MS Azure suppliers. Refer to ISO 27001 standards; Annex A, domain 7.1 for additional details. MS Azure has been validated and certified by an independent auditor to confirm alignment with ISO 27001 certification standard.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Ms Azure patches systems supporting the delivery of service to customers, such as the hypervisor and networking services. This is done as required per MS Azure policy and in accordance with ISO 27001, NIST, and PCI requirements. MS Azure Security regularly scans all Internet facing service endpoint IP addresses for vulnerabilities (these scans do not include customer instances). MS Azure Security notifies the appropriate parties to remediate any identified vulnerabilities. In addition, external vulnerability threat assessments are performed regularly by independent security firms. Findings and recommendations resulting from these assessments are categorized and delivered to MS Azure leadership.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: MS Azure's program, processes and procedures to managing antivirus / malicious software is in alignment with ISO 27001 standards. Refer to MS Azure's SOC 2 Type II report provides further details. In addition, refer to ISO 27001 standard, Annex A, domain 10.4 for additional details. MS Azure has been validated and certified by an independent auditor to confirm alignment with ISO 27001 and SOC2 Type 2 certification standards and others.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: MS Azure's and Ivanti's incident response program, plans and procedures have been developed in alignment with ISO 27001 standard. The MS Azure's SOC 2 Type II report provides details on the specific control activities executed by Microsoft. Please also refer to Ivanti security and incident management policies here: https://www.ivanti.com/resources/security-compliance

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Softcat are dedicated to reducing our environmental impact and actively promoting sustainability. Our commitment to sustainability is a core aspect of our business strategy, driving us to innovate and lead in the creation of a more sustainable future for our company and the communities we serve. This commitment is embedded in our policies, operating procedures, and training programs.; ; We are proud to be the first FTSE 250 company to be awarded 5-star status in relation to the United Nations Sustainable Development Goals. ; ; We aim to achieve a Carbon Net-Zero Value Circle by 2040 by prioritising renewable energy, reducing natural resource use, minimising waste, and safeguarding biodiversity in compliance with environmental legislation.; ; At Softcat, we have taken significant steps towards securing renewable energy across our organisation, reducing our scope 1 & 2 emissions. We had the target of using 100% Renewable Energy across all our locations by 2024. We successfully delivered against this target ~2 years early.; ; In May 2023 we took delivery of 15 electric vehicles, replacing all existing fossil-fuelled company cars used by employees for business means. The implementation of the EV pool fleet will see a saving of over 80 tons of CO2e per year. A huge impact on our Net Zero targets.

  Tackling economic inequality

  As a value-add reseller, Softcat outsources the products, services, and solutions through our extensive network of partners, to best suit the needs of our broad client base. We always consider and promote SMEs and local providers where appropriate, particularly for the products and services we offer via the G Cloud framework.; ; We remain dedicated to improving employability and educational awareness across schools, colleges, and universities to help break down the barriers to joining technology organisations.; ; We work collaboratively with many schools that are close in proximity to our offices, to ensure we are actively supporting the community as well as schools from lower socio-economic backgrounds. ; ; We visit the schools to talk about the IT sector and the roles in our organisation, as well as promoting work-experience opportunities during the summer. In particular, we actively encourage students from diverse backgrounds to engage in work experience to appreciate the roles available in our sector.; ; For ambitious school and college leavers, a Softcat Apprenticeship is a great first step into the world of work, with 94% of our apprentices offered a permanent position at Softcat post apprenticeships, which goes to show the amazing opportunity available with us.; ; We were ranked 1st in IT & Consultancy, and 10th overall in by RateMyApprenticeship.com - Best 100 Apprenticeship Employers 2023-2024 list.; ; Softcat now also offer 12 month paid internships to University students looking to complete a year in industry as part of their undergraduate studies.

  Equal opportunity

  Our approach to diversity and inclusion is introduced first during our induction training, as part of our Softcat values, outlining responsibility to uphold our principles. This message is reinforced by our process and policies, networks, Allyship Training and Inclusion Awareness campaigns.; ; Softcat supports diversity and inclusion through various networks including:; - Supporting Women in Business (SWIB); - The Ethnic and Cultural Network; - The Pride Network; - The Family Network; - The Empowering Disability and Neurodiversity Network (EDN); - The Faith at Work Network; - Armed Forces & Veterans Network; These networks aim to create a supportive and inclusive work environment for all employees, regardless of gender, ethnicity, sexual orientation, disability, or family commitments.; ; Our allyship programme, Stronger Together, is a mixture of event and workshop-based training available to all staff. Programme topics include, bias, power, privilege, and being a greater ally. ; ; Inclusion Awareness campaigns include race, disability, sexual orientation, gender, faith, and caring responsibilities. These sessions highlight and celebrate minority groups, through panel sessions, Q&A sessions and training, providing an opportunity to discuss and understand ways to be more inclusive. ; ; Our efforts to improve diversity and inclusion have been incredibly successful. Since 2020, the number of female employees below management level has increased to 35%, and the number of ethnic minority employees rose to 17%.

  Wellbeing

  At Softcat, all employees are provided with access to our multidimensional wellbeing programme which includes flexible work arrangements, free nutritious breakfast, mental health support, employee benefits scheme, health and wellbeing week activities, and online workshops.; ; Giving back to the community is an innate part of who we are as a company. All Softcat employees are therefore given two volunteer days per year to support a charitable or community cause. ; ; Each of our 10 regional offices also support local charities through fundraising, donations and events. For example, our Manchester office has raised over £30,000 for the WeLoveMCR charity. This funding has supported young, disadvantaged Manchester citizens in gaining qualifications to broaden their work opportunities and supporting local groups in delivering indispensable services that enable community cohesion.

Pricing

• Price: £72.67 to £30,790 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We welcome organisations to try our 30 day free trial of Ivanti Neurons for ITSMr. Please go to: https://www.ivanti.com/en-gb/lp/itsm/trials/ivanti-neurons-for-itsm
• Link to free trial: https://www.ivanti.com/en-gb/lp/itsm/trials/ivanti-neurons-for-itsm

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psitq@softcat.com. Tell them what format you need. It will help if you say what assistive technology you use.