Sponsored Links
-->

Wednesday, January 10, 2018

Installation Procedure
src: www.ibm.com

IBM BigFix formerly IBM Endpoint Manager, Tivoli Endpoint Manager (TEM) and before that, BigFix, is a systems-management software product developed by IBM for managing large groups of computers running Windows, Mac OS X, VMware ESX, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android. IBM BigFix provides system administrators with remote control, patch management, software distribution, operating system deployment, network access protection and hardware and software inventory functionality.



Video IBM BigFix



History

The software is the result of the integration of assets acquired from BigFix into the IBM portfolio, and extends IBM's capabilities to manage the security and compliance of servers, desktops, roaming laptops, and point-of-sale devices, such as ATMs and self-service kiosks. The software combines endpoint and security management into a single solution and enables organizations to see and manage physical and virtual endpoints.


Maps IBM BigFix



Capabilities

IBM BigFix has the following capabilities:

  • Single agent for endpoint self-assessment and policy enforcement
  • Utilize a single network port, TCP/UDP port 52311, for all server, relay, and client communication
  • Near real-time visibility and control from a single management console
  • Manage hundreds of thousands of endpoints regardless of location, connection type or status
  • Target specific actions to an exact type of endpoint configuration or user type
  • Provide patch management, software distribution, OS deployment
  • Support heterogeneous platforms
  • Provide Mobile Device Management
  • Automatically assess endpoints and remediate vulnerabilities according to National Institute of Standards and Technology (NIST) standards
  • Provide real-time protection from malware and other vulnerabilities.

Interrogate endpoints with IBM BigFix Query - YouTube
src: i.ytimg.com


Fixlets

IBM BigFix, Fixlet messages are the method by which software, patches, and configurations are deployed to managed clients. Fixlet messages use an IBM BigFix-specific query language called the Relevance Language to apply only to computers that meet an administrator-defined criterion. If a client is found to meet that criterion then another part of the Fixlet message called the Action Script determines what change is made to the client as a result of its failing to meet applicability criteria.

Relevance Language

The Relevance Language is a query language created by BigFix, Inc. prior to being purchased by IBM, and is used by the BigFix platform. The purpose of the relevance language is to provide an interface by which properties of a client (such as cpu, disk space, etc.) could be retrieved. The value of the relevance language is that it, to a certain extent, abstracts away platform-specific query mechanisms like WMI, /Proc, and SIM. This allows an operator to learn one query language that works across all supported platforms. In addition to cross platform compatibility, relevance is an extremely efficient query language, often responding up to hundreds of times faster than native alternatives, such as WMI.

Action Script

The Action Script language is a scripting language created by BigFix, Inc. prior to being purchased by IBM, and is used by the BigFix platform. The purpose of the action script language is to provide an interface by which changes can be made to a client. The value of the action script language is that it, to a certain extent, abstracts away platform-specific scripting differences like directory traversal, script execution and flow control. This allows an operator to learn one scripting language that works across all supported platforms.


Starting BigFix Compliance Analytics
src: www.ibm.com


Platform components

The core IBM BigFix platform can be extended using additional components delivered by IBM:

IBM BigFix for Lifecycle Management includes Patch Management, Remote Control, Software Distribution, and OS Deployment. Patch Management includes patches for Microsoft, UNIX, Linux, and Macintosh operating systems. Remote Control gives you the ability to monitor and control PCs and servers. Software distribution provides a package library and automation toolkit for endpoint administrators. OS Deployment provides imaging and provisioning of operating systems as well as operating system migration capabilities.

IBM BigFix for Patch Management includes vendor patches for Microsoft, UNIX, Linux, and Macintosh operating systems as well as patches for third-party applications by Adobe, Google, and Microsoft.

IBM BigFix for Security and Compliance provides common STIG, CIS, and third-party security baselines, network self quarantine, and removable device control.

IBM BigFix Inventory gathers information about installed software and hardware in a customer's infrastructure. Software Use Analysis tracks application usage on endpoints to determine the number and type of licenses required for licensed software.

IBM BigFix for Server Automation provides hypervisor operations to build and manage virtual machines in a datacenter environment. In addition, the Server Automation component provides the ability to do middleware management tasks to support operating system patching for clustered systems.


IBM BigFix (Endpoint Manager) - Getting Started with Patch ...
src: i.ytimg.com


Architecture

The IBM BigFix system has the following main components:

IBM BigFix Agents are installed on every computer that is managed using IBM BigFix. The agents access collections of content called, "Fixlets" that allow the agent to automatically detect and correct security exposures, incorrect configurations, and other vulnerabilities. IBM BigFix Agent software can run in Windows, Linux, Solaris, HP-UX, AIX, and Macintosh operating systems.

IBM BigFix Relays acts as a cache between IBM BigFix clients and their server. The relays cache patch content for clients to download and the relays aggregate client reports for the IBM BigFix server. IBM BigFix relays do not need to run on dedicated hardware and can run on any number of client and server operating systems. IBM BigFix relays can connect also to other relays allowing for a hierarchy of relays in the environment.

IBM BigFix Servers provide a collection of interacting services, including application services, a web server, and a database server, forming the core of the IBM BigFix system. The server coordinates the flow of information to and from individual computers and store the results in the IBM BigFix database. The IBM BigFix supports multiple servers in a replication topology allowing for high availability and disaster recovery.

IBM BigFix Web Reports is a web-based reporting module that allows authorized users to view all of the information available for managed endpoints including vulnerabilities, actions, and more. A single IBM BigFix Web Reports server can aggregate reporting information from multiple IBM BigFix servers.

IBM BigFix Consoles allow administrators, also called operators, to view and interact with all of the clients and servers in the IBM BigFix environment. The IBM BigFix Console allows an authorized user to quickly and easily distribute software patches and configuration settings. You can run the IBM BigFix console on any modern 64-bit Windows operating system that has network access to the IBM BigFix Server. BigFix also offers a new WebUI for administration via a Web Browser.


Activating the license counting process
src: www.ibm.com


External links

  • http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=897/ENUS213-080
  • http://www.ibm.com/security/bigfix/endpoint-management/
  • https://forum.bigfix.com/
  • http://bigfix.me/
  • http://auditoriadesoftware.com/gestiona-tiempo-real-los-puntos-mas-debiles-una-empresa-bigfix/
  • http://auditoriadesoftware.com/que-es-bigfix/
  • http://auditoriadesoftware.com/caracteristicas/
  • http://auditoriadesoftware.com/arquitectura-2/

What's the Big Deal With the IBM BigFix Culture?
src: static.securityintelligence.com


References

Source of article : Wikipedia