BigFix Patch Management 7.2
March 01, 2010
c£3.60 subscription per seat
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Many useful technical features
- Weaknesses: Steep learning curve. Repeated prompts for authentication when making significant changes
- Verdict: Overall a solid product for organisations that are drawn to a high degree of flexibility and control
BigFix Patch Management is a client-server patching solution that integrates with a company's asset discovery, configuration management, endpoint protection and vulnerability management technologies to help manage endpoints in the enterprise.
Installed on a single Windows-based machine, the solution comprises a console, server, client agents and relays. It can analyse and deploy patches for several different operating systems, including Windows, Linux, Unix, Mac, ESX and Windows mobile.
Product installation is fairly straightforward, but several security-driven steps are needed to create licence and certificate files. The goal of the security measures during component initialisation is to ensure actions taken against the hosts are valid. Expect several password prompts, both when installing the solution, and when executing any actions that require significant changes to the target hosts.
BigFix definitely does not have the most user-friendly interface and some may find it challenging to learn. However, it provides a large number of technical features. There is extensive support for managing assets and patch rules for operating systems and apps.
The technology is driven by Fixlet messages, which are tasks where administrators determine what is important to act on or not. Messages can cover administering the solution itself, to reports from the endpoints regarding what patches might be missing and configuration of how to administer deployment.
Patch management is driven by a series of external subscriptions to BigFix for each OS or configuration supported. The architecture of the solution has redundancy and performance in mind, as agents report to various relays, leaving the console to run extremely lightweight, without much processor utilisation.
The bane of the solution is its complexity. There is a much steeper learning curve than for most solutions, as it takes quite a bit of time to become acclimatised to the very technical interface. Managing hosts to particular baselines, configuration standards, deploying patches and running reports are all top notch.
Documentation for the solution is solid, including some guides and task enumeration to help administrators through the inevitable learning curve. BigFix's support site contains a customer form and knowledgebase.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime