My main use case for Ivanti Connect Secure is zero trust connectivity. The main feature I have been using is geolocation and source IP restrictions, ensuring security, advanced proxy support, and enhanced integrity rechecks. For this, I have to rely on the tool, and it is mainly used for secure remote access using SLS and VPN, and also for Zero Trust Network Access, alongside secure multicloud connectivity with Ivanti Connect Secure.

The best features I use more include granular zero trust access, the host checker, which I find important, and Ivanti Nervous integration, alongside robust clientless access, which I consider a good feature.

Ivanti Connect Secure has a very deep impact on my organization. Its main benefit is supporting modern hybrid work and high-level security compliance. It provides agility and aggressive security patches, leading to regular updates, with a significant operational impact from VPN to zero trust. The self-healing endpoint feature allows the system to detect if security software has crashed and fix it before the user attempts to log in, making it a standout feature.

The biggest friction point I have encountered with Ivanti Connect Secure is related to compliance. When the host checker is configured too strictly, it can conflict with ensuring 100% security. If the IT department sets a policy requiring a specific Windows update that an engineer's laptop has not downloaded, Ivanti Connect Secure will block their connection, preventing the engineer from working with the IT team. This creates an impact on collaboration between the security and data engineering teams. Additionally, management complexity exists.

I wish Ivanti Connect Secure would have features for auto-update for Windows.

The one change I would request is for Ivanti Connect Secure to have a modern administrative management console, along with a LogicFirst unified interface featuring authenticator server, user roles, user realms, and resource policies. I would appreciate it if these names were changed for clearer understanding.

I have been familiar with Ivanti Connect Secure for nearly one year.

Before I landed on Ivanti Connect Secure, I was using the Citrix tool for remote desktop access, and I previously used Pulse Connect Secure and Netscreen, which are older tools.

When I first implemented Ivanti Connect Secure, it did not take me a lot of time. Basically, it took one to two hours to run it, with deployment taking approximately fifteen to thirty minutes, and the initial setup requiring around thirty minutes along with licensing taking nearly ten to fifteen minutes.

The scope of using Ivanti Connect Secure is something I am mostly running on my own. It is not a team-wide scope.

By keeping numbers in mind, I can say we have reduced implementation times, resulting in over 300% ROI, with a payback period of less than six months, alongside a software spend reduction of approximately 25 to 30%. Additionally, we are saving approximately eight hours a week, with subscription costs per user around $80 to $150 per year, indicating significant cost reductions.

During the evaluation process, I considered other tools including Pulse Connect, alongside big three firewall competitors including Palo Alto, GlobalProtect, and Cisco Secure Connect. For cloud-native needs, I looked at Zscaler Private Access, Cloudflare One, and Microsoft Entra Private Access.

The main reason I chose Ivanti Connect Secure over those alternatives is its strengths such as hybrid visibility and endpoint control, along with superior endpoint integration. While the VPN can check if the antivirus is on, Ivanti Connect Secure's host checker is significantly more granular. It checks the logic for the data team handling personally identifiable information and blocks access unless a device complies exactly with corporate policies, which is often difficult to check for Zscaler and GlobalProtect. Additionally, Ivanti Connect Secure also offers deep legacy protocol support and clientless browser-based access, which influenced my choice.

When I open Ivanti Connect Secure, the first thing I do is check the host by entering the proper host name. Ivanti Connect Secure silently checks for the host name, then the antivirus status and OS patches, and also checks for firewall instructions. After that, the primary authentication is there where I need to put my username and password, and single sign-on is present, along with multifactor authentication, before I land on the homepage.

My team does not need formal training for the basic use case, but I can say it is quite intuitive to pick up. I would recommend that formal training should be provided. The adoption of Ivanti Connect Secure is quite good, as people are using the tool.

Ivanti Connect Secure is used by some of the team's candidates and by some people only. The whole company does not use it. During implementation, we discovered features including multicloud management and accelerated networking that we are not using.

The way my team works together has changed. Collaboration has increased, making it easier to keep an eye on things.

My advice for someone considering Ivanti Connect Secure with a similar workflow is to adopt a two-arm deployment strategy. I recommend not settling for a one-arm setup. Using a two-arm configuration with distinct internal and external ports physically separates public-facing traffic from sensitive backend data, allowing different network security groups to be applied to each interface, thereby providing cleaner and more audit-friendly security boundaries. I would rate this review a 9 out of 10.

The solution is useful for connecting with roaming users outside the office locations.

We use Ivanti Connect Secure to enable roaming access to our office resources. It offers robust features such as two-factor authentication and host checking, making it a wonderful product.

Some vulnerability issues have led to a high alert in the US and other countries. We've had to initiate a reset of all systems, including Factory and DC, and refresh the configurations.

I have been using Ivanti Connect Secure for ten years.

I rate the solution’s stability an eight out of ten.

3,000 users are using this solution.

I rate the solution’s scalability an eight out of ten.

Most of the time, we resolve issues ourselves. Our Internet team is also quite competent and well-versed. There are usually no issues. I do encounter some technical delays

The initial setup is simple.

The product costs around 2000 rupees per year.

It is easy to integrate other solutions with Connect Secure.

We are currently using Ivanti Connect Secure with client-based connectivity. Implementing clientless connectivity enable us to connect without the need for any client software. This allow us to access office resources such as URL-based or SAP SaaS-based systems. Additionally, Ivanti is working on enhancing this feature, which is a positive development. In terms of competition, backups from other providers like Cisco AnyConnect and Fortinet are also considered.

I've worked with Cisco Connect and FortiGate, which are relatively easy to work with. FortiGate does have quite a few bugs, making some applications not visible, which can cause discomfort during implementation. The only concern arises from the vulnerabilities that are found.

Ivanti Connect Secure's security is a priority, since they're operating on a legacy OS platform. Approximately 22,000 Ivanti users have transitioned from Juniper to Pulse Secure and then to Ivanti. I strongly recommend avoiding the use of any legacy platforms for security reasons. It's advisable to utilize the latest platforms equipped with comprehensive security management features.

Overall, I rate the solution an eight out of ten.