Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    BigFix Finds, Fixes Flaws Across Nets

    By
    Andrew Garcia
    -
    March 8, 2004
    Share
    Facebook
    Twitter
    Linkedin

      With BigFix Enterprise Suite 4.0, BigFix Inc. builds on its extensive patch management experience to present a well-designed, all-encompassing vulnerability identification and remediation platform. Administrators who require a multiplatform patching solution that can also track and maintain anti-virus software and security-related registry settings will find BES 4.0 well worth a look.

      At the heart of the updated suite, which shipped last month, is BigFix Patch Manager, an outstanding patch remediation solution for Windows and various other operating systems. Version 4.0 offers a greatly improved reporting mechanism and increased scalability through an easily deployed relay architecture.

      BES uses client agents to identify and install missing patches. These agents dig deep into the client and report hardware, registry and file system information to the server, enabling a powerful mechanism that groups computers according to a slew of attributes.

      BES remediates problems via Fixlets—chunks of code that are specific to a particular patch or vulnerability. Fixlets provide client agents with the intelligence to identify vulnerabilities and missing patches; serve descriptive information regarding the patch and vulnerability for the administrator; and activate scripts that download the appropriate files (if necessary), verify their authenticity and install them according to administrator-defined behaviors.

      BES 4.0s price is based on the volume of client licenses and the services needed. For a network using only the base module, BigFix Patch Manager, pricing is $21.50 per Windows client per year, and $58 per non-Windows client. A network with 5,000 managed agents can expect to pay $16.50 per Windows agent per year for Windows clients and $44.50 for each non-Windows machine.

      We installed the BES Server and BES Console components on a Windows 2000 server running IIS (Internet Information Services) 5.0, using the included MSDE (Microsoft SQL Server 2000 Desktop Engine) database. Companies that need greater scalability or multiple simultaneous console sessions are advised to use their own installed version of SQL Server instead.

      Installing a BigFix agent on our Windows 2000 and XP clients was a snap. The agent deployment tool can target individual host names or Active Directory organizational units for centralized distribution from the console.

      One of BES 4.0s greatest strengths is its multiplatform support, although the price difference makes BES a more feasible solution for servers over desktops. BigFix provides client agents and Fixlets for Sun Microsystems Inc.s Solaris Versions 7, 8 and 9; Red Hat Inc.s Red Hat Linux 7.1 and 8.0; and SuSE Linuxs SuSE Linux 8.0. Support for Hewlett-Packard Co.s HP-UX and IBMs AIX is in the works, officials said.

      Client distribution to our Red Hat Linux 8.0 clients was not as smooth as to Windows clients, however, requiring several calls to BigFixs tech support, which eventually provided us with an updated version of the Agent Installation RPM. Wed like to see BigFix beef up its online support Web site, which is not as comprehensive as PatchLink Corp.s and provides next to no information for Linux deployments.

      In tests, we quickly identified Windows 2000 machines that were missing MS04-007 and MS03-039 patches. We then scheduled a job that installed both patches, ran Microsofts QChain to resolve any DLL mismatches and rebooted the machines. We updated only the SSH (Secure Shell) package on our Linux machines, but many more Fixlets are available for non-Windows machines.

      BES 4.0 allows the administrator to tag Fixlets so that they automatically install to new clients as they join the network. This is done on a per-Fixlet basis. Wed like to see BigFix improve on this ability, further allowing administrators to create templates spanning multiple patches or vulnerabilities that can be assigned as a single object to a group of computers. Competitive products from PatchLink offer this capability.

      BES Console provided excellent real-time reporting on the status of each job, letting us know where each client stood. We also liked the ease with which we could specify whether the patch should be automatically redeployed if a machine fell out of compliance again.

      However, the way the console links between screens as the administrator moves around leaves a mess of windows open in the background, making it somewhat difficult to retrace steps.

      BES Console also provides access to a wealth of Web-based reports. This separate application uses BES Servers IIS 5.0 Web server to distribute reports that range from high-level executive overviews to granular updates on individual machine status.

      We liked how BES 4.0 obviates deploying multiple BES servers by using relays to increase scalability throughout the enterprise. From the console, administrators can easily designate any client as a relay, which automatically mirrors all patches cached on BES Server. Clients can then be manually directed to a specific relay or to find the closest relay, thereby easing bandwidth concerns over slow WAN links.

      Through the optional VIR (Vulnerability Identification and Remediation) Manager (up to an additional $5 per agent annually), BigFix moves beyond basic patch management to the larger realm of vulnerability management and application deployment. VIR Manager activates Fixlets that identify and address The SANS Institutes Top 10 Vulnerabilities to Windows Systems and many other registry-based weaknesses.

      Using VIR Manager, we quickly identified Windows 2000 machines with POSIX and OS/2 subsystems still enabled and removed the subsystems.

      VIR Manager includes BigFix Client Manager for Anti-Virus, which ensures clients are running anti-virus software from major players Symantec Corp., McAfee Security, Trend Micro Inc. or Computer Associates International Inc., but Panda Software Inc. and Sophos plc. products are notably unsupported. When BES Console detected that one of our clients was missing anti-virus software, we could quickly deploy an installation script to the offending machine.

      For managers seeking to deploy their own fixes and packages, BES 4.0 offers BigFix Configuration Manager (which we did not test). This option provides an authoring tool and development environment, allowing managers to create their own Fixlets.

      Technical Analyst Andrew Garcia can be reached at andrew_garcia@ziffdavis.com.

      Andrew Garcia
      Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at agarcia@eweek.com.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×