Great video on the Ivanti exploit and the importance of baselining.

The issue of mass exploiting Ivanti VPN zero-days can be resolved by applying mitigation measures provided by the vendor on all ICS VPNs on the network, running Ivanti's Integrity Checker Tool, and considering all data on the ICS VPN appliance as compromised if signs of a breach are found. Additionally, admins should follow the mitigation guidance provided by Ivanti, apply patches as soon as they are released, and stay updated on security advisories to protect against further exploitation.

which network tool good for baselining ?