The IEA Enterprise Suite gives Premium subscribers a complete, resilient endpoint management platform — from profile-evaluated patch compatibility to enterprise compliance reporting, all in a secure OT-friendly architecture.
The Enterprise Suite integrates every layer of the patch lifecycle — from compatibility evaluation to deployment tracking and compliance evidence generation.
Every Windows security update is evaluated against your software profiles before deployment. Compatibility verdicts are computed per-KB, per-endpoint class — not guessed.
Generate audit-ready reports that demonstrate patch currency, remediation timelines, and compliance posture across your entire OT fleet — per site, per asset class, or globally.
Bidirectional integration with ServiceNow's OT Vulnerability Response module — planned for delivery in the next release. Patch findings flow directly into your existing ITSM workflow.
The Site Relay Server (SRS) is a self-contained Windows service that caches and proxies patch content on your OT LAN. No internet dependency. No single point of failure.
Granular RBAC with Admin, Contributor, Site Administrator, and Read-Only roles. Enforce least-privilege across both the CrowdCompatibility portal and the on-premise suite.
Premium users receive API key access to the IEA Agent API — enabling custom integrations, automated fleet queries, and programmatic patch orchestration.
The suite is architected with OT network constraints and security requirements as first-class design constraints — not afterthoughts.
IEA's compatibility findings will flow directly into ServiceNow's OT VR module — closing the loop between patch intelligence and your enterprise ITSM change management workflow. No manual CSV exports. No spreadsheet reconciliation.
IEA findings create VR records automatically. Remediation status reflects back to the dashboard in real-time.
Approved patches trigger OT change requests with pre-populated compatibility evidence attached.
SLAs are configured per OT risk class — critical infrastructure endpoints get tighter remediation windows.
Each KB is mapped to addressed CVEs, giving VR records full vulnerability context for risk prioritisation.
The IEA Suite enforces end-to-end encryption using TLS 1.3. To establish trust without external CA dependencies, we provide a dedicated Root CA management workflow.
In isolated OT environments, endpoints cannot verify certificates against public authorities. IEA solves this by using a dedicated Root CA for your deployment.
Without a trusted Root CA, agents would have to use "insecure" or "ignore-certificate" modes — leaving your OT network vulnerable to man-in-the-middle attacks. By installing our Root CA, you enable Full Validation Mode, ensuring every command and patch comes from your authorized infrastructure.
Stop building compliance evidence manually. The dashboard generates it continuously as your fleet is managed.
Live view of KB age per profile, colour-coded to configurable thresholds (yellow / red). One glance shows which machine classes are lagging — and by how many days.
Export the full per-profile KB compatibility matrix as structured CSV — ready for import into GRC platforms, audit workpapers, or insurance questionnaires.
Every patch deployment, agent check-in, and compatibility verdict is timestamped and retained. Provides a defensible audit trail for ICS-CERT findings and NIS2 obligations.
Multi-site deployments produce per-site compliance snapshots, ensuring that cross-site data leakage is architecturally prevented and independently verifiable per location.
Premium subscribers can download the full CES + SRS bundle directly from the dashboard. No internet dependency on your OT endpoints — ever.
Requires an active Premium subscription. Download links are signed and expire after 15 minutes.