Years ago, when BigFix was a new entry in the market, it was thought of as a patch management product. Over time the system has evolved into a suite of products that BigFix characterizes as enabling “organizations to see, change and enforce the IT policies of computing devices in real-time at global scale.”
BigFix uses a policy-based approach that allows querying the infrastructure in real time instead of querying a database that may or may not be up to date. Policies can be snapped in easily, so updating or adding policies is no more difficult than updating your TV’s cable box.
This leads to the driving BigFix vision: any device, anywhere, any time. Instead of using a client-server architecture, BigFix pushes the agents to the endpoints. Querying those agents gives a near real time operational view of the network.
The suite is based on a common platform framework. That framework enables security for the enterprise, as well as allowing the management of disparate technologies, all of which are subject to the same set of policies. The single platform manages desktop and server management, IT policy enforcement and anti-threat tools, such as anti-virus, spyware, firewall, etc. The discovery engine is especially robust. Typically, the BigFix discovery engine will identify 50 percent-plus more devices on the enterprise than other similar products.
Some of the functions available with the BigFix suite are vulnerability assessment, data leak prevention, patch distribution, power management, asset discovery, security configuration management and anti-malware. All policies are written in a human-readable policy language and that simplifies managing policies considerably.
AT A GLANCE
What it is: Policy management suite
Vendor: BigFix, Inc. – www.bigfix.com
Innovation: Pervasive presence across the enterprise
What we liked: The “any device, anywhere, any time” approach that allows rapid, simple policy management