Review: BigFix Enterprise Suite Patch Manager

By

This product is part of a larger management system, the BigFix Enterprise Suite (BES).

The patch management system is an arrangement of agents running on the clients. The agents are designed to minimize bandwidth usage and report to the main server, which contains patches downloaded from the Microsoft, McAfee and Symantec websites.


This product is part of a larger management system, the BigFix Enterprise Suite (BES). The installation needs a dedicated server with Internet Information Services running on it. BigFix claims that one server can support up to 75,000 clients.

The core database can be Microsoft SQL Server Desktop Edition (MSDE) 2000 or SQL Server 2000. MSDE is suitable for small deployments. Networks of more than 500 clients would benefit from a SQL Server database. This would be mandatory for dispersed systems where replication facilities are required.

Setup should be approached carefully and methodically and has a series of screens to follow. The Client Deploy Tool is supplied for networks where no suitable deployment engine can roll out the client agents. Once this is done, the server can be allowed to contact the Fixlet Server over the internet to start downloading "fixlet" messages. To avoid scams, this process is policed by a system that digitally signs all messages.

Based on the agent information, patches for each client or grouping are set up in a series of queues for the administrator to monitor. The initial updating of the clients is probably the most intensive patching activity the network will experience. It is good to see facilities for throttling the traffic and scheduling deployment in stages.

Patch Manager handles laptops as well as desktop systems, and policy enforcement removes unsanctioned software applications.

The management console shows details of each patch (downloaded from Microsoft's TechNet website), and reports have graphs to show the state of the network's populace. BigFix Patch Manager supports Sun Solaris and Red Hat Linux.

For:

: Can throttle network traffic and schedule patch deployment in stages.


Against:

: Needs SQL Server for big deployments.


Verdict:

: Can manage patching across a range of operating systems.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Sportsbet recruits 'security champions' in shift-left strategy

Sportsbet recruits 'security champions' in shift-left strategy

Log In

  |  Forgot your password?