Difference between revisions of "BigFix"

From RiceFamily Wiki
Jump to: navigation, search
(Interesting items)
(Interesting items)
 
(208 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
= What is BigFix =
 +
== Short Answer ==
 +
BigFix is a "Agent Based" system used to securely manage computers without needing to constantly visit each computer.
 +
 +
== Long Answer ==
 +
BigFix is a "Client/Server" based system of managing remote computers.
 +
Member computers need to be connected to the network, and can be managed anywhere in the world as long as they are actively connected to a network where they can reach a Relay or the BigFix server. 
 +
The Server and Clients use Relays as "store and forward" devices to allow a huge amount of computers to be managed by a single BigFix implementation.
 +
Console Operators can deploy software to remote computers, including OS Patches and Software installation packages.
 +
Authorized Console Operators can create custom Fixlets and Tasks to perform any task on remote computers that can be scripted.
 +
Management of Computers can be distributed between multiple "Console Operators" and different levels of access can be assigned via the Role objects.
 +
 +
== Components ==
 +
* BigFix Servers
 +
* Console Operators
 +
* Roles
 +
* Sites
 +
* Relays
 +
* Clients
 +
* WebUI Server
 +
* Web Report Server
 +
* Fixlets/Tasks
 +
* Analyses
 +
* Actions
 +
 +
= HCL Content =
 +
HCL Recently bought BigFix from IBM.  This means most all of the links below will need to change. (!!)  Perfect time to clean things up and re-organize the collection!
 +
 +
These links are [https://forum.bigfix.com/t/release-announcement-hcl-bigfix-9-5-product-documentation/31919 from a recent posting on the Forums] and should be a good starting point to fixing the rest of the links.
 +
* [https://help.hcltechsw.com/bigfix/9.5/platform/welcome/BigFix_Platform_welcome.html Platform]
 +
* [https://help.hcltechsw.com/bigfix/9.5/patch/welcome/BigFix_Patch_welcome.html Patch]
 +
* [https://help.hcltechsw.com/bigfix/9.5/lifecycle/welcome/BigFix_Lifecycle_welcome.html Lifecycle]
 +
* [https://help.hcltechsw.com/bigfix/9.5/inventory/welcome/BigFix_Inventory_welcome.html Inventory]
 +
* [https://help.hcltechsw.com/bigfix/9.5/compliance/welcome/BigFix_Compliance_welcome.html Compliance]
 +
* [https://help.hcltechsw.com/bigfix/9.5/webui/welcome/BigFix_WebUI_welcome.html WebUI]
 +
 +
* [https://bigfix-ideas.hcltechsw.com/ HCL BigFix Idea Center]
 +
 +
According to the Forum post, Internet Explorer is NOT supported at the above links.
 +
 +
According to HCL, they are working on providing updated PDF forms of the documentation.
 +
 +
HCL BigFix Technology Partner information can be found [https://www.hcltechsw.com/bigfix/partners HERE]
 +
 +
= V10 Cloud Functions =
 +
* [[BigFix v10 Cloud Functionality]]
 +
* [https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Config/c_pluginportal.html The Plugin Portal]
 +
 
= Sites =
 
= Sites =
 +
* [https://www.itcentralstation.com/products/ibm-bigfix-reviews IBM BigFix Review]
 
* [http://Developer.bigfix.com Developer Site]
 
* [http://Developer.bigfix.com Developer Site]
 
* [http://bigfix.me BigFix.Me]
 
* [http://bigfix.me BigFix.Me]
 
* [http://forum.bigfix.com Forums]
 
* [http://forum.bigfix.com Forums]
 +
** [https://forum.bigfix.com/t/bigfix-documentation-resources/12540 Documentation Thread in Forums]
 
* [[BigFix Inventory]]
 
* [[BigFix Inventory]]
 +
* [[IBM License Metric Tool]]
 +
* [https://github.com/jgstew/tools JGStew's Tools]
 +
 +
= Subjects =
 +
* [[IBM BigFix Environment Management]]
 +
* [[IBM Server Automation]]
 +
* [[IBM BigFix Basics]]
 +
* [[BigFix Service Now Integration]]
 +
* [[Configuring SSL Certs for BigFix Components]]
 +
 +
= Items to Remember =
 +
* RITM2586103 - New Project request so I can get a new VM for the BigFix Test environment.  Freaking stupid that I have to request a whole project just to get a new VM for the Test Environment of a FUNCTIONAL system.
 +
* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/How_will_IBM_BigFix_Patch_address_new_servicing_models_for_Windows_7_and_8_1?lang=en How will IBM BigFix Patch address new servicing models for Windows 7 and 8.1?] (Broken)
 +
* KB0024021
 +
* TASK1728858 - Relay Refresh with X3250 and RS140's.
 +
* RITM1309391 - Decommission request for DEMO & CON1
 +
* [[BigFix WebUI]]
 +
* RITM1518487 - New DMZ Relay
 +
* RITM1518488 - New DMZ Relay
 +
* [https://forum.bigfix.com/t/root-server-hardware-specs/21188/2 Root Server Hardware Specs] - Discussion about running in a VM
 +
* TASK2593699 - Requesting Service Account for WebUI DB access.
 +
* TASK2597919 - Requesting Service Account SQL access required for WebUI functionality based on documentation from IBM.
 +
* RITM2013089 - SSL Request for Test Environment
 +
* RITM2118451 - Restore Firewall rule for Relays in DMZ (restoring access from Internet on port 52311)
 +
* [https://bigfix.me/fixlet/details/25507 7Zip 18.05 x64 Update]
 +
* PRJ0064377 - Relay Project
 +
* KB0029526 - DHTS Work Instructions on Clearing/Resetting a BigFix Relay
 +
* RITM2240495 - Technical Bridge request for DNS change as part of the switch from Physical to Virtual BigFix servers.
 +
* [[Using DSA to replace a BigFix Server]]
 +
* KB0030524 - Procedure to generate and install an SSL Cert for the Web Reports server.
 +
* RITM2589542 - New Cert for ILMT Server
 +
* PRJ0080342 - Rebuild BigFix Test Environment
 +
* RITM2638250 - Decommission VML-TEM-ILMT and VML-TEM-DB2
 +
* RITM2688193 - Request new PACE Relay
 +
* RITM2688192 - Request new PACE Relay
 +
* RITM2759511 - Firewall request to allow Server communications into the dc-dhts-non-clinical VRF
 +
* INC2496211 - Problem adding Group Manager Groups to Local Administrator Groups via Command Line NET LOCALGROUP commands and Power Shell.
 +
* RITM3374423 - Requested SQL Server be installed on the new SCA server.
 +
* RITM3380791 - New Project Request for Microsoft SCCM POC
 +
* RITM3405803 - Decommission two DMZ Relay servers
 +
* CHG0184584 - Change to Remove BigFix Inventory from Production Environment
 +
* TASK3771248 - Task to create a "Universal" Encryption property in BigFix for reporting purposes.
 +
* RITM3835378 - F5 VIP Request for BF-Core
 +
* [https://docs.microsoft.com/en-us/windows/deployment/update/windows-update-resources Microsoft Windows Update Resources]
 +
* CS0295243 - HCL ticket about systems cycling between Evaluating, Pending Download, and not Relevant.
 +
* RITM4462525 - New ILMT SSL Cert Requested
 +
* RITM4512395 - New WebUI SSL Cert Requested
 +
* RITM5054521 - New WebUI SSL Cert Requested (2023)
 +
* RITM5503316 - Decommissioning 4 Remote Relay Servers running 2012R2
 +
* RITM5523128 - New WebReports SSL Cert Requested (2024/01/10)
 +
* RITM5687282 - New ILMT SSL Cert Request (2024/03/07)
 +
* RITM5913381 - Firewall Requests for ILMT
 +
 +
= Active Issues =
 +
* [[BigFix Server Client Report Ingestion Stalls at Midnight]]
 +
 +
= Tutorials and Training Material =
 +
* [https://www.securitylearningacademy.com IBM Security Learning Academy]
 +
 +
= Items to investigate further =
 +
* https://github.com/jgstew/tools/blob/master/CMD/install_bigfix_universal.bat
 +
* https://forum.bigfix.com/t/using-and-understanding-the-inspector-guides/17850
 +
* https://forum.bigfix.com/t/9-5-2-problem-with-detecting-restart/17643/13
 +
* [https://forum.bigfix.com/t/cve-dashboard-available/17887 CVE Dashboard]
 +
* [https://forum.bigfix.com/t/one-computer-list-of-its-properties/18151 One Computer - List of its Properties]
 +
* [https://forum.bigfix.com/t/permissions-to-cancel-actions/18144/8 Permissions to cancel an Action] - RESTAPI to stop an action.
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Managing%20Pending%20Restart%20and%20automatic%20restart%20of%20endpoints Managing Pending Restart and Automatic Restart of Endpoints]
 +
* [[Advanced Server Configuration Items]]
 +
** Password Restictions
 +
 +
= Integrations =
 +
* [http://www.systemsmanaged.com/upgrading-your-tws-agents-using-ibm-endpoint-manager-2/ BigFix Integration with IBM Workload Scheduler (IWS)]
 +
* [https://exchange.xforce.ibmcloud.com/hub/extension/IBMBigFix:CVEDashboard BigFix CVE Dashboard]
 +
* [[BigFix Command Line]]
 +
* [[BigFix and Microsoft SCOM]]
 +
 +
= Diagnostics =
 +
* http://www.ibm.com/support/knowledgecenter/SS6MER_9.2.0/com.ibm.tivoli.tem.doc_9.2/Platform/Web_Reports/c_adding_a_datasource.html?cp=SS6MER_9.2.0&lang=en
 +
* http://www.ibm.com/support/knowledgecenter/SS6MER_9.2.0/com.ibm.tivoli.tem.doc_9.2/Platform/Web_Reports/c_deploy_standaloneWR.html
 +
* http://www.ibm.com/support/knowledgecenter/SS6MER_9.2.0/com.ibm.tivoli.tem.doc_9.2/Platform/Web_Reports/c_configuring_AD_web_reports.html
 +
* http://www.ibm.com/support/knowledgecenter/SS6MER_9.2.0/com.ibm.tivoli.tem.doc_9.2/Platform/Web_Reports/c_post_LDAP_upgrade_steps.html
 +
 +
= Current Issues =
 +
* [https://forum.bigfix.com/t/wmi-use-a-where-clause-with-select/14377 WMI Select with a Where clause]
 +
* [[BigFix on Embedded Windows Devices]]
 +
* [[ILMT Needs to be upgraded]]
 +
* [https://forum.bigfix.com/t/making-an-aciton-relevant-after-a-particular-day-of-week/19484/7 Making an Action Relevant after a particular day of week]
 +
* [[IBM BigFix Inventory]]
 +
* [[Microsoft Windows Patching]]
 +
* [[IBM BigFix Software Distribution|Software Distribtuion]]
 +
* [[IBM BigFix Relay Maintenance]]
 +
* [[Linux Based Relays Going Off-Line]]
 +
* [https://forum.bigfix.com/t/microsoft-delta-updates-optional/26157 Microsoft Delta Updates]
 +
* https://forum.bigfix.com/t/autopkg-integration-for-mac-os-x/11590
  
 
= Remote Site Relay Hardware =
 
= Remote Site Relay Hardware =
Line 13: Line 157:
 
Our Facilities Manager doesn't like them because they don't have Dual Power Supplies.  My thought is "that's fine", I plan to use them in an N+1 configuration for each location anyway.  If there is even dual power available at a location, we can always connect the even numbered units to one leg of power and the odd numbered units to the other leg of power.  If power fails at a site, my guess is most of the workstations will go with it, and there won't be a huge need for the Relays ANYWAY.
 
Our Facilities Manager doesn't like them because they don't have Dual Power Supplies.  My thought is "that's fine", I plan to use them in an N+1 configuration for each location anyway.  If there is even dual power available at a location, we can always connect the even numbered units to one leg of power and the odd numbered units to the other leg of power.  If power fails at a site, my guess is most of the workstations will go with it, and there won't be a huge need for the Relays ANYWAY.
  
So now begins the search for inexpensive rackable computers with Dual Power Supplies until I can convince someone it's a bad idea.
+
== The Solutions ==
 +
It looks like it's going to be a combination of both the RS140 and the X3250 from Lenovo.
 +
* [http://shop.lenovo.com/us/en/systems/servers/racks/thinkserver/rs140/ Lenovo RS140]
 +
** Low Cost
 +
** Mountable in 2 post rack systems (TelComm Racks)
 +
** Single Power Supply
 +
* [http://shop.lenovo.com/lv/lv/systems/servers/racks/x3250-m5/ Lenovo X3250-m5]
 +
** Low Cost
 +
** Mountable in standard server racks
 +
** Dual Power Supplies available as an option
 +
 
 +
= History =
 +
The search for inexpensive rackable computers with Dual Power Supplies until I can convince someone it's a bad idea.
 
* [http://www.dell.com/downloads/global/products/pedge/r420_spec_sheet.pdf Dell PowerEdge R420] (Cannot locate on Dell's Web Site)
 
* [http://www.dell.com/downloads/global/products/pedge/r420_spec_sheet.pdf Dell PowerEdge R420] (Cannot locate on Dell's Web Site)
 
* [http://www.dell.com/us/business/p/poweredge-r330/pd?oc=pe_r330_1065&model_id=poweredge-r330&l=en&s=bsd Dell PowerEdge R330] - $1,385.40 - Configured with No OS, No RAID, 500GB SATA Drive, Dual Power Supplies and 8GB RAM.
 
* [http://www.dell.com/us/business/p/poweredge-r330/pd?oc=pe_r330_1065&model_id=poweredge-r330&l=en&s=bsd Dell PowerEdge R330] - $1,385.40 - Configured with No OS, No RAID, 500GB SATA Drive, Dual Power Supplies and 8GB RAM.
Line 20: Line 176:
 
* [http://www.abmx.com/4u-rackmount ABMX Rack mountable servers]
 
* [http://www.abmx.com/4u-rackmount ABMX Rack mountable servers]
 
* [https://www.cdw.com/shop/products/StarTech.com-4U-Vertical-Wall-Mount-Equipment-Rack-Bracket-125.3-lbs/1792054.aspx Wall Mount Rack]
 
* [https://www.cdw.com/shop/products/StarTech.com-4U-Vertical-Wall-Mount-Equipment-Rack-Bracket-125.3-lbs/1792054.aspx Wall Mount Rack]
 +
 +
= Relevance =
 +
* [https://forum.bigfix.com/t/relevance-question-list-out-all-relevant-fixlets-for-a-computer-group/16692 Relevance Question: List out all relevant fixlets for a Computer Group]
 +
* [https://forum.bigfix.com/t/action-parameter-to-define-ip-address/16739/7 Action Parameter to define IP Address]
 +
* string values of selects "MediaLoaded from Win32_CDROMDrive" of wmi
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Property%20%26%20Relevance%20Examples Examples of Relevance From IBM]
 +
* [[IBM BigFix Session Relevance]]
  
 
= I Want to ... =
 
= I Want to ... =
 +
* [[Enable SAML 2.0 under BigFix]]
 +
* [[Improve Performance]]
 +
* [[Uninstall software that's not being used]]
 +
* [[Ensure that the BigFix client and Communications are secure]]
 +
* [[Efficiently use BigFix to patch a brand new Computer]]
 
* Know [[How BigFix works]]
 
* Know [[How BigFix works]]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21505741 Change where the BigFix Console stores it's Cache data]
 
* [[View information about BigFix managed computers]]
 
* [[View information about BigFix managed computers]]
 
* [[Install the BigFix client on Windows]]
 
* [[Install the BigFix client on Windows]]
* [[Install the BigFix clinet on Windows from the DMZ or Outside the Network]]
+
* [[Install the BigFix client on Windows from the DMZ or Outside the Network]]
 
* [[Install the BigFix client on OS X]]
 
* [[Install the BigFix client on OS X]]
 
* [[Install the BigFix clinet on OS X from the DMZ or Outside the Network]]
 
* [[Install the BigFix clinet on OS X from the DMZ or Outside the Network]]
Line 32: Line 201:
 
* [[Create a Patching Baseline for the Citrix Servers]]
 
* [[Create a Patching Baseline for the Citrix Servers]]
 
* [[Create a Patching Baseline for the Monthly Microsoft patches]]
 
* [[Create a Patching Baseline for the Monthly Microsoft patches]]
* [Change the Owner property for the BigFix Client]]
+
* [[Change the Owner property for the BigFix Client]]
 +
* [https://forum.bigfix.com/t/csv-regular-expression-and-tuple-string-items/16259 Parse CSV with Regular Expressions and Tuples]
 +
* [[Deploy the BigFix Client to a number of remote computers]]
 +
* [[Determine how the BES Client knows there is something to do?]]
 +
* [[Determine how long a Computer has been in BigFix]]
 +
* [[Determine what the 'external' IP address of a computer is]]
 +
* [https://forum.bigfix.com/t/getting-data-from-both-native-and-wow6432-registry-branches/18308 Read data from both branches of a 64bit Windows system]
 +
* [https://forum.bigfix.com/t/win2012-r2-core-post-action-restart/17947/5 Restart a Win2012r2 Core server]
 +
* [https://forum.bigfix.com/t/bigfix-relay-functional-test/19610 Monitor BES Relays]
 +
* [[How to disable NotBIOS on Windows computers]]
 +
* [[Generate Random Numbers]]
 +
* [[Stagger Action Start Times AND Content Downloads in BigFix]]
 +
* [[Run PowerShell Scripts from BigFix]]
 +
* [[Work with Windows Scheduled Tasks from BigFix]]
 +
* [[Install SSL Certs on the WebUI Server]]
 +
* [[Improve BigFix Server Performance]]
 +
* [[Deploy an Action the user can trigger or that will start on a schedule]]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21636385 Best Practices for Managing Baselines]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21506002 How does BigFix determine if a reboot is required (Windows)]
 +
* [[Detect Apple OS X WDE Encryption Status]]
 +
* [https://forum.bigfix.com/t/number-of-times-and-action-has-run-on-a-client Track number of times a user logs into a computer to install/uninstall software]
  
 
= Content =
 
= Content =
 +
== Utilities ==
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Utilities Utilities Download Page]
 +
* [https://forum.bigfix.com/t/identify-what-web-sites-all-the-fixlets-need-access-to/12176/5 Identify which Web Sites all the Fixlets need access to]
 +
 
== Documentation ==
 
== Documentation ==
* [http://www-01.ibm.com/support/docview.wss?uid=swg21976373 List of All Client and Server Settings]
+
=== Videos ===
* [http://www-01.ibm.com/support/docview.wss?uid=swg21978419 List of all current Client Settings as of 2/27/2016] Version <= 9.5
+
* [https://www.youtube.com/channel/UCtoLTyln5per0JYzw1phGiQ/videos YouTube BigFix Tech Advisor Channel]
 +
* [https://www.youtube.com/watch?v=6VMGt0Ml-wA BigFix Beyond the Perimeter Considerations when leveraging a DMZ relay]
 +
* [https://www.youtube.com/watch?v=tXRX3zlw1aQ BigFix PeerNest Introduction]
 +
 
 +
=== Links ===
 +
* [[List of most helpful BigFix links]]
 +
* [https://www.ibm.com/support/knowledgecenter/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_list_of_advanced_options.html Advanced Configuration Options]
 +
* [https://www.ibm.com/support/knowledgecenter/en/SSTK87_9.5.0/com.ibm.bigfix.webui.doc/WebUI/Admin_Guide/c_server_settings_definitions.html WebUI Server Settings Definitions]
 +
* [[IBM BigFix Relay Optimization in Large Environments]]
 +
* [http://support.bigfix.com/bes/install/quickreference-production.html BigFix Quick Reference Page]
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/The%20Basics BigFix Bare Metal OS Deployment]
 +
* [https://forum.bigfix.com/t/create-content-to-install-windows-software-from-scratch How to create a Windows Software Install Fixlet from scratch]
 +
* [https://developer.bigfix.com/ Developer BigFix Documentation]
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Server%20Automation Server Automation]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21616676&myns=swgtiv&mynp=OCSSBQVS&mync=E&cm_sp=swgtiv-_-OCSSBQVS-_-E IBM BigFix Videos]
 +
* [http://www.ibm.com/support/knowledgecenter/SSKLLW_9.5.0/com.ibm.bigfix.inventory.doc/Inventory/admin/t_managing_virtual_machine.html BigFix Inventory - Managing VM managers]
 
* [http://www-01.ibm.com/support/docview.wss?uid=swg21616676 Videos related to IBM BigFix]
 
* [http://www-01.ibm.com/support/docview.wss?uid=swg21616676 Videos related to IBM BigFix]
 
* [http://www-01.ibm.com/support/knowledgecenter/SS8JFY_9.2.0/com.ibm.lmt.doc_9.2/com.ibm.license.mgmt.doc/admin/t_managing_virtual_machine.html Managing VM managers]
 
* [http://www-01.ibm.com/support/knowledgecenter/SS8JFY_9.2.0/com.ibm.lmt.doc_9.2/com.ibm.license.mgmt.doc/admin/t_managing_virtual_machine.html Managing VM managers]
 
* [http://www-01.ibm.com/support/docview.wss?uid=swg21974540 DSA replication is failing with named instance databases]
 
* [http://www-01.ibm.com/support/docview.wss?uid=swg21974540 DSA replication is failing with named instance databases]
 +
* [https://forum.bigfix.com/t/bigfix-9-5-documentation-is-now-available-at-the-ibm-knowledge-center/16542 IBM BigFix 9.5 Documents in PDF]
 +
* [[Strings from BESRelay.exe that look like settings]]
 +
* [[Strings from BESClient.exe that look like settings]]
 +
* [https://www.ibm.com/support/knowledgecenter/SSKLLW_9.2.1/com.ibm.bigfix.inventory.doc/Inventory/com.ibm.bigfix.inventory.doc/integration/c_rest_api.html BFI RESTAPI Documentation]
 +
* [http://www.ibm.com/support/knowledgecenter/#!/SSKLLW_9.2.1/com.ibm.bigfix.inventory.doc/Inventory/com.ibm.bigfix.inventory.doc/bfi_pdf_guides.html BigFix Docs in PDF]
 +
* [https://en.wikipedia.org/wiki/List_of_Unicode_characters#Latin_script List of Unicode Characters in Latin Script]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21506197 Unmanaged Assett Scan Importer]
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Asset%20Discovery Unmanaged Asset Scanner Documentation]
 +
* [https://developer.ibm.com/answers/questions/285289/what-does-the-send-refresh-on-the-right-click-menu/ What does the Send Refresh on the right click menu of a computer do in the BigFix Console?]
 +
* [https://forum.bigfix.com/t/common-relevance-error-messages/12985 Common Relevance Error Messgaes]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21616676&myns=swgtiv&mynp=OCSSBQVS&mync=E&cm_sp=swgtiv-_-OCSSBQVS-_-E IBM BigFix Product Videos]
 +
* [[Replacement for use of (now) in Action Scripts]]
 +
* [https://www.ibm.com/support/knowledgecenter/SSKLLW_9.5.0/com.ibm.bigfix.inventory.doc/Inventory/admin/t_configuring_server_settings.html BigFix Inventory - Advanced Server Configuration Settings]
 +
* [http://www.ibm.com/support/knowledgecenter/SS2TKN_9.5.0/com.ibm.bigfix.doc/Platform/Action/c_dynamic_downloading.html Dynamic Downloads]
 +
* [https://forum.bigfix.com/t/pipe-character-in-relevance/18962 Use of the PIPE character in relevance]
 +
* [https://developer.bigfix.com/action-script/reference/execution/override.html?cm_mc_uid=53326115818414110123250&cm_mc_sid_50200000=1493600088 Override Action Script Command]
 +
* [https://forum.bigfix.com/t/disable-webui-session-timeout/22379/2 Disable WebUI Session Timeout]
 +
* [https://www.youtube.com/watch?v=Fy4JWW5qLaY&list=PLQoa632FcODTQk-mpZ9HYwzoEoms1zGaG YouTube Videos about BigFix]
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli+Endpoint+Manager/page/Autoselection+Failsafe+Controls Autoselection Failsafe Controls]
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Server%20Migration Server Migration]
  
 
== Diagnostics ==
 
== Diagnostics ==
 
* [https://forum.bigfix.com/t/why-does-a-bigfix-client-sometimes-take-a-long-time-to-do-its-thing/15944 Why does a BigFix client sometimes take a long time to do its thing]
 
* [https://forum.bigfix.com/t/why-does-a-bigfix-client-sometimes-take-a-long-time-to-do-its-thing/15944 Why does a BigFix client sometimes take a long time to do its thing]
 +
 +
== DSA Server ==
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli+Endpoint+Manager/page/Distributed+Server+Architecture Distributed Server Architecture]
 +
* [http://blog.viftech.com/ibm-bigfix-distributed-server-architecture-dsa-installation-and-configuration/ IBM BigFix Distributed Server Architecture DSA Installation and Configuration]
 +
* [https://forum.bigfix.com/t/adding-dsa-server/7728 Adding DSA server]
 +
* [[DSA Configuration Considerations]]
 +
* [[Switching the Master Server (Windows)]]
 +
* [https://www.ibm.com/support/knowledgecenter/en/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_recovery_dsa_windows.html DSA Recovery - Windows]
 +
* [[Using DSA to replace a BigFix Server]]
 +
* [[BigFix Server Migration]]
 +
 +
== SCM & SCA Server ==
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20and%20SCA SCM and SCA]
 +
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/Synchronize%20Custom%20Checks%20wizard Synchronize Checks Wizard]
 +
* Create the check lists using the Wizards and then as the checklists are updated, there are other wizards that can be used to keep them updated.
 +
 +
== Performance ==
 +
* [http://www.ibm.com/support/knowledgecenter/SS63NW_9.5.0/com.ibm.bigfix.doc/Platform/Config/c_filldb_batch_rate.html Configure FillDB Batch Rate]
 +
* [https://forum.bigfix.com/t/filldb-buffer-directory-size-need-to-increase/18263/3 Forum Discussion on FillDB Performance]
  
 
== Utilities ==
 
== Utilities ==
Line 50: Line 297:
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Relays.dat%20Parser Relays.dat Parser]
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Relays.dat%20Parser Relays.dat Parser]
 
* [https://github.com/google/macops-planb/blob/master/README.md Mac Ops Plan B]
 
* [https://github.com/google/macops-planb/blob/master/README.md Mac Ops Plan B]
 +
* [https://www.ibm.com/support/knowledgecenter/SS63NW_9.5.0/com.ibm.bigfix.lifecycle.doc/Lifecycle/SWD_Users_Guide/c_migrate_software_repositories.html Migrate Software Repositories]
  
 
== Logging Documentation ==
 
== Logging Documentation ==
* [http://www-01.ibm.com/support/docview.wss?uid=swg21505914 Enable Web Report Logging]
+
* [https://help.hcltechsw.com/bigfix/9.5/platform/Platform/Web_Reports/c_logging_web_reports.html Enable Web Report Logging]
 +
 
 +
== Client ==
 +
* [[Client Settings]]
  
 
== Service Now Items of Note ==
 
== Service Now Items of Note ==
* TASK1086082 - Requested access to Server 2012R2 ISO
 
 
* RITM0819411/REQ0812148 - Requested DMZ Server for BigFix/Service-Now Test/Dev
 
* RITM0819411/REQ0812148 - Requested DMZ Server for BigFix/Service-Now Test/Dev
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/TEM%20SOAP%20API Tools to interact with BigFix SOAP API]
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/TEM%20SOAP%20API Tools to interact with BigFix SOAP API]
* [https://forum.bigfix.com/t/servicenow-anyone/2165/10 FOrums.BigFix.com posting about ServiceNow]
+
* [https://forum.bigfix.com/t/servicenow-anyone/2165/10 Forums.BigFix.com posting about ServiceNow]
 +
* [https://forum.bigfix.com/t/bigfix-service-now-integration-to-invoke-tasks/25708 ServiceNow Integration with BigFix]
 +
* [[BigFix Service Now Integration]]
  
 
== OS Deployment ==
 
== OS Deployment ==
 
* [https://forum.bigfix.com/t/windows-10-in-place-upgrade-feature-is-available-for-bigfix-os-deployment-3-9/16004 OSD 3.9 Announcement]
 
* [https://forum.bigfix.com/t/windows-10-in-place-upgrade-feature-is-available-for-bigfix-os-deployment-3-9/16004 OSD 3.9 Announcement]
 +
 +
== SOAP API ==
 +
* [https://www.ibm.com/developerworks/community/blogs/e9d21113-aa93-467e-ac77-a0d20a21eaec/entry/Session_Relevance_Computer_Properties_query_Efficiency?lang=en Session Relevance Computer Propeties query efficiency]
  
 
== REST API Content ==
 
== REST API Content ==
* https://forum.bigfix.com/t/baselines-and-restapi-what-gives/11940
+
* [https://developer.bigfix.com/rest-api/?cm_mc_uid=60572419972114097627739&cm_mc_sid_50200000=1477054178 The BigFix REST API]
* https://forum.bigfix.com/t/example-in-vb-net-soap-api/12051
+
* [https://forum.bigfix.com/t/baselines-and-restapi-what-gives/11940 Baselines and RestAPI, What Gives?]
 +
* [https://forum.bigfix.com/t/example-in-vb-net-soap-api/12051 SOAP API Example in VB]
 +
* [https://forum.bigfix.com/t/need-help-with-a-relevance-statement/16561/2 Relevance to export all properties for all computers]
 +
* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/session_relevance_analyses_results_and_the_rest_api?lang=en Session Relevance, Analyses results and the Rest API]
  
 
== IBM AIX Support in BigFix ==
 
== IBM AIX Support in BigFix ==
Line 76: Line 334:
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Using%20WOW64%20Redirection Using WOW64 Redirection]
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Using%20WOW64%20Redirection Using WOW64 Redirection]
 
* [https://forum.bigfix.com/t/working-to-detect-and-remove-the-edellroot-malicious-root-certificate Detect and Remove malicious eDell root certificate]
 
* [https://forum.bigfix.com/t/working-to-detect-and-remove-the-edellroot-malicious-root-certificate Detect and Remove malicious eDell root certificate]
 +
* [[IBM BigFix Secure Parameters]]
  
 
== Interesting items ==
 
== Interesting items ==
 +
* '(ids of it, values of results of it) of bes properties whose (name of it = "Last Logged on User")'
 
* [[Is today the 2nd Tuesday of the month]]?
 
* [[Is today the 2nd Tuesday of the month]]?
 
* [https://forum.bigfix.com/t/looking-up-information-on-deleted-actions/15041 Undelete Actions via SQL commands]
 
* [https://forum.bigfix.com/t/looking-up-information-on-deleted-actions/15041 Undelete Actions via SQL commands]
Line 90: Line 350:
 
* [[Terminal Services Recommended Settings]]
 
* [[Terminal Services Recommended Settings]]
 
* [http://bigfix.me/analysis/details/2994754 BitLocker Analysis]
 
* [http://bigfix.me/analysis/details/2994754 BitLocker Analysis]
 +
** [https://bigfix-wiki.hcltechsw.com/blogs/bradsexton/entry/Bigfix_Encrypt_your_devices_with_Bitlocker?lang=en_us BigFix - Encryption with Bitlocker is easier now!]
 +
** [https://help.hcltechsw.com/bigfix/10.0/mcm/MCM/Config/c_windows_bitlocker.html Windows BitLocker]
 
* [http://bigfix.me/analysis/details/96 BitLocker Events from Logs]
 
* [http://bigfix.me/analysis/details/96 BitLocker Events from Logs]
 
* [http://bigfix.me/fixlet/details/3959 Adjust Console Timeout settings to prevent Error 28's]
 
* [http://bigfix.me/fixlet/details/3959 Adjust Console Timeout settings to prevent Error 28's]
Line 103: Line 365:
 
* [https://forum.bigfix.com/t/deploying-clients-that-wont-be-able-to-talk-to-the-iem-server/13528/5 Deploying clients that won't be able to talk to the IEM server]
 
* [https://forum.bigfix.com/t/deploying-clients-that-wont-be-able-to-talk-to-the-iem-server/13528/5 Deploying clients that won't be able to talk to the IEM server]
 
* [https://forum.bigfix.com/t/mac-client-install/12642/3 Forum post about Mac Client installation issues]
 
* [https://forum.bigfix.com/t/mac-client-install/12642/3 Forum post about Mac Client installation issues]
 +
* [http://www-01.ibm.com/support/docview.wss?uid=swg21505838 Can I automatically assign a TEM Client a particular relay at installation time?]
  
 
=== Client Configuration Content ===
 
=== Client Configuration Content ===
Line 154: Line 417:
  
 
== Documentation ==
 
== Documentation ==
 +
* [[List of most helpful BigFix links]]
 +
* [https://www.ibm.com/support/knowledgecenter/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_list_of_advanced_options.html List of Advanced Configuration Options]
 +
* [https://www.ibm.com/support/knowledgecenter/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Config/c_config_stngs_overview.html Client Configuration Settings]
 +
* [[IBM BigFix Relay Optimization in Large Environments]]
 
* [ftp://public.dhe.ibm.com/software/tivoli/IEM/9.2/ FTP Server with the BigFix 9.2 Documentation in PDF format]
 
* [ftp://public.dhe.ibm.com/software/tivoli/IEM/9.2/ FTP Server with the BigFix 9.2 Documentation in PDF format]
 
* [https://forum.bigfix.com/t/bigfix-documentation-resources/12540 JGStew keeps a page with Documentation links on it]
 
* [https://forum.bigfix.com/t/bigfix-documentation-resources/12540 JGStew keeps a page with Documentation links on it]
Line 179: Line 446:
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Relays.dat%20Parser Relays.dat Parser]
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Relays.dat%20Parser Relays.dat Parser]
 
* [https://forum.bigfix.com/t/relay-server-linux-redhat-or-windows-server-2012-r2/15507 FORUM: Windows or Linux Relay]
 
* [https://forum.bigfix.com/t/relay-server-linux-redhat-or-windows-server-2012-r2/15507 FORUM: Windows or Linux Relay]
 +
* [https://www.ibm.com/support/knowledgecenter/en/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_list_of_advanced_options.html List of Advanced Options]
 +
 +
== WebUI Documentation ==
 +
* [https://www.ibm.com/support/knowledgecenter/SSTK87_9.5.0/com.ibm.bigfix.webui.doc/WebUI/Admin_Guide/WebUI_admin_guide.html WebUI Administration Guide]
 +
* [https://www.ibm.com/support/knowledgecenter/SSTK87_9.5.0/com.ibm.bigfix.webui.doc/WebUI/Users_Guide/WebUI_users_guide.html WebUI Users Guide]
 +
* [https://www.ibm.com/support/knowledgecenter/SS63NW_9.5.0/com.ibm.bigfix.lifecycle.doc/ssa_install.htmlSelf Service Application Installation & Configuration Guide]
 +
* [https://www.ibm.com/support/knowledgecenter/SS63NW_9.5.0/com.ibm.bigfix.lifecycle.doc/Lifecycle/Self_Service_Application/SSA_Device_Owners_Guide/c__intro_to_ssa_for_device_owners.html Managing BigFix Offers on Your Device]
 +
* [https://www.ibm.com/support/knowledgecenter/SSTK87_9.5.0/com.ibm.bigfix.webui.doc/WebUI/Users_Guide/c_get_started_with_patches.html Automatic Patching]
  
 
== IEM Component Articles ==
 
== IEM Component Articles ==
Line 194: Line 469:
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Creating%20a%20Null%20Session%20Share Null Session Shares] (not a good idea!)
 
* [https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Creating%20a%20Null%20Session%20Share Null Session Shares] (not a good idea!)
 
* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/A_quick_look_at_the_IBM_Endpoint_Security_Strategy?lang=en A quick look at the IBM Endpoint Security Strategy]
 
* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/A_quick_look_at_the_IBM_Endpoint_Security_Strategy?lang=en A quick look at the IBM Endpoint Security Strategy]
 +
* [https://developer.ibm.com/answers/questions/368491/how-can-i-clean-out-and-reset-my-bigfix-relay/ How can I clean out and reset my BigFix Relays]
 +
* [[Clean and Reset IBM BigFix Relays]]
 +
* [[IBM BigFix Custom Repositories]]
  
 
= Projects =
 
= Projects =
Line 203: Line 481:
 
* [http://www-03.ibm.com/certify/tests/eduC2150-521.shtml IBM BigFix Certification]
 
* [http://www-03.ibm.com/certify/tests/eduC2150-521.shtml IBM BigFix Certification]
  
[[Category:IBM Endpoint Manager]]
+
== Blogs ==
 +
* [https://www.ibm.com/developerworks/community/blogs/e9d21113-aa93-467e-ac77-a0d20a21eaec BigFix Relevance musings]
 +
* [https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910 BigFix]
 +
 
 +
= Notes =
 +
* https://forum.bigfix.com/t/add-custom-property-to-relevance-query/26111
 +
 
 
[[Category:BigFix]]
 
[[Category:BigFix]]
 +
[[Category:Tivoli Endpoint Manager]]
 +
[[Category:IBM Endpoint Manager]]
 +
[[Category:IBM BigFix]]
 +
[[Category:Work]]

Latest revision as of 16:12, 19 August 2024

What is BigFix

Short Answer

BigFix is a "Agent Based" system used to securely manage computers without needing to constantly visit each computer.

Long Answer

BigFix is a "Client/Server" based system of managing remote computers. Member computers need to be connected to the network, and can be managed anywhere in the world as long as they are actively connected to a network where they can reach a Relay or the BigFix server. The Server and Clients use Relays as "store and forward" devices to allow a huge amount of computers to be managed by a single BigFix implementation. Console Operators can deploy software to remote computers, including OS Patches and Software installation packages. Authorized Console Operators can create custom Fixlets and Tasks to perform any task on remote computers that can be scripted. Management of Computers can be distributed between multiple "Console Operators" and different levels of access can be assigned via the Role objects.

Components

  • BigFix Servers
  • Console Operators
  • Roles
  • Sites
  • Relays
  • Clients
  • WebUI Server
  • Web Report Server
  • Fixlets/Tasks
  • Analyses
  • Actions

HCL Content

HCL Recently bought BigFix from IBM. This means most all of the links below will need to change. (!!) Perfect time to clean things up and re-organize the collection!

These links are from a recent posting on the Forums and should be a good starting point to fixing the rest of the links.

According to the Forum post, Internet Explorer is NOT supported at the above links.

According to HCL, they are working on providing updated PDF forms of the documentation.

HCL BigFix Technology Partner information can be found HERE

V10 Cloud Functions

Sites

Subjects

Items to Remember

  • RITM2586103 - New Project request so I can get a new VM for the BigFix Test environment. Freaking stupid that I have to request a whole project just to get a new VM for the Test Environment of a FUNCTIONAL system.
  • How will IBM BigFix Patch address new servicing models for Windows 7 and 8.1? (Broken)
  • KB0024021
  • TASK1728858 - Relay Refresh with X3250 and RS140's.
  • RITM1309391 - Decommission request for DEMO & CON1
  • BigFix WebUI
  • RITM1518487 - New DMZ Relay
  • RITM1518488 - New DMZ Relay
  • Root Server Hardware Specs - Discussion about running in a VM
  • TASK2593699 - Requesting Service Account for WebUI DB access.
  • TASK2597919 - Requesting Service Account SQL access required for WebUI functionality based on documentation from IBM.
  • RITM2013089 - SSL Request for Test Environment
  • RITM2118451 - Restore Firewall rule for Relays in DMZ (restoring access from Internet on port 52311)
  • 7Zip 18.05 x64 Update
  • PRJ0064377 - Relay Project
  • KB0029526 - DHTS Work Instructions on Clearing/Resetting a BigFix Relay
  • RITM2240495 - Technical Bridge request for DNS change as part of the switch from Physical to Virtual BigFix servers.
  • Using DSA to replace a BigFix Server
  • KB0030524 - Procedure to generate and install an SSL Cert for the Web Reports server.
  • RITM2589542 - New Cert for ILMT Server
  • PRJ0080342 - Rebuild BigFix Test Environment
  • RITM2638250 - Decommission VML-TEM-ILMT and VML-TEM-DB2
  • RITM2688193 - Request new PACE Relay
  • RITM2688192 - Request new PACE Relay
  • RITM2759511 - Firewall request to allow Server communications into the dc-dhts-non-clinical VRF
  • INC2496211 - Problem adding Group Manager Groups to Local Administrator Groups via Command Line NET LOCALGROUP commands and Power Shell.
  • RITM3374423 - Requested SQL Server be installed on the new SCA server.
  • RITM3380791 - New Project Request for Microsoft SCCM POC
  • RITM3405803 - Decommission two DMZ Relay servers
  • CHG0184584 - Change to Remove BigFix Inventory from Production Environment
  • TASK3771248 - Task to create a "Universal" Encryption property in BigFix for reporting purposes.
  • RITM3835378 - F5 VIP Request for BF-Core
  • Microsoft Windows Update Resources
  • CS0295243 - HCL ticket about systems cycling between Evaluating, Pending Download, and not Relevant.
  • RITM4462525 - New ILMT SSL Cert Requested
  • RITM4512395 - New WebUI SSL Cert Requested
  • RITM5054521 - New WebUI SSL Cert Requested (2023)
  • RITM5503316 - Decommissioning 4 Remote Relay Servers running 2012R2
  • RITM5523128 - New WebReports SSL Cert Requested (2024/01/10)
  • RITM5687282 - New ILMT SSL Cert Request (2024/03/07)
  • RITM5913381 - Firewall Requests for ILMT

Active Issues

Tutorials and Training Material

Items to investigate further

Integrations

Diagnostics

Current Issues

Remote Site Relay Hardware

I need to spec out hardware for Relays to place at "Remote" locations. These systems don't need to have massive processors or tons of RAM, they just need a decent network connection, and they need to be cheap.

After a little Googling I found these systems ...

Our Facilities Manager doesn't like them because they don't have Dual Power Supplies. My thought is "that's fine", I plan to use them in an N+1 configuration for each location anyway. If there is even dual power available at a location, we can always connect the even numbered units to one leg of power and the odd numbered units to the other leg of power. If power fails at a site, my guess is most of the workstations will go with it, and there won't be a huge need for the Relays ANYWAY.

The Solutions

It looks like it's going to be a combination of both the RS140 and the X3250 from Lenovo.

  • Lenovo RS140
    • Low Cost
    • Mountable in 2 post rack systems (TelComm Racks)
    • Single Power Supply
  • Lenovo X3250-m5
    • Low Cost
    • Mountable in standard server racks
    • Dual Power Supplies available as an option

History

The search for inexpensive rackable computers with Dual Power Supplies until I can convince someone it's a bad idea.

Relevance

I Want to ...

Content

Utilities

Documentation

Videos

Links

Diagnostics

DSA Server

SCM & SCA Server

  • SCM and SCA
  • Synchronize Checks Wizard
  • Create the check lists using the Wizards and then as the checklists are updated, there are other wizards that can be used to keep them updated.

Performance

Utilities

Logging Documentation

Client

Service Now Items of Note

OS Deployment

SOAP API

REST API Content

IBM AIX Support in BigFix

Custom Content Creation

Interesting items

Client Installation Information

Client Configuration Content

Creating Custom Content

  • exists keys "HKEY_LOCAL_MACHINE\SOFTWARE\Sassafras\Install\KeyAccess" of (x64 registries; x32 registries)

Documentation

WebUI Documentation

IEM Component Articles

Tools that might be useful

Pages about odd information

Projects

Support Links

Blogs

Notes