BigFix Enterprise Suite v7.2
Strengths: Completeness of endpoint management capabilities
Weaknesses: May have to dedicate distributed relays in a large environment to maintain performance
Verdict: Great level of detail and reporting available for endpoint
BigFix Enterprise Suite v7.2 provides security configuration and vulnerability management, and allows for broad policy enforcement in the enterprise, with real-time visibility and control of policies enabled from a central management console. BigFix provides real-time granular assessment of endpoint state, enforcement of policies against that state, and the ability to remediate and confirm remediation of devices that are out of compliance with policies.
BigFix allows for continuous distributed scanning for discovery of IP-enabled devices on the network. Once the agent is deployed, devices are managed, on or off the corporate network.
Management capabilities include: asset discovery and inventory; software distribution; patch, power, security configuration and vulnerability management; endpoint protection; and network access control. High-level dashboard views into the enterprise deployment allow an IT administrator to drill down into problem areas.
BigFix does deploy agents to the managed endpoints. It is a single agent and is designed to be very light, using up to two per cent of the CPU in the worst case. Agents can be configured to run as relays, which adds to scalability and allows for the regular scan updates for vulnerability and inventory information.
Scanning thousands of endpoints across multiple VLANS in an enterprise can be time-consuming. This capability, although it may add overhead to the "relay" endpoints, can greatly reduce the time necessary to keep up-to-date vulnerability data on every system. BigFix uses an integrated NMAP scanner and the Oval standard for vulnerability assessments.
The hardware and software inventories were very detailed. There were policy templates for managing compliance. These could be easily customised. Email alerting for policy violations was available. Reporting was strong, with good executive-level overview display and drill-down to technical details. You can even make remediation changes from the report screens as you continue to drill down.
Support for most operating systems, features and ease of use make this a good solution for endpoint management.