our solutions

HCL BigFix

HCL BigFix

The Industry’s leading Endpoint Management Platform

BigFix is a powerful endpoint management solution widely used by organizations of various sizes to ensure endpoints are continuously patched, compliant and secure. For each endpoint, BigFix is able to collect a wealth of data including device attributes, patch status, deployment progress, etc. which is collected and stored centrally.


You can further consolidate tools, reduce the number of endpoint agents, and lower your management costs by extending your investment in BigFix Compliance to include other modules in the BigFix family. It allows you to increase your control over with 3 capabilities:

1. BigFix Compliance, continuously enforces configuration compliance with thousands of out-of-the-box security checks aligned with industry-standard security benchmarks. Plus, it delivers advanced vulnerability posture reporting for remediation prioritization.

  • Security Configuration Management, ensure continuous endpoint configuration compliance with effective remediation of configuration drifts. Supports security benchmarks published by CIS, DISA STIG, USGCB, and PCI DSS.
  • Patch Management, deploy patches to distributed and virtual endpoints using Windows, UNIX, Linux and MacOS operating systems and third-party vendors, including Adobe, Mozilla, Apple, and Oracle – regardless of location, connection type or status.
  • Device Discovery, Scan your entire network to identify all IP-addressable devices for pervasive visibility and control with minimal network impact.
  • Compliance Analytics and Reporting, Collect, aggregate, and report on security configuration, patch and vulnerability compliance status of all endpoints against deployed policies. Track vulnerabilities, status and trends to identify security exposures and prioritize remediation.

2. BigFix Lifecycle, IT and Security Operations teams can quickly discover, secure, and manage hundreds of thousands of endpoints within hours or minutes. BigFix Lifecycle delivers the core “must have” endpoint management capabilities that these teams need daily. Lifecycle provides an automated, simplified, patch process that achieves greater than 98% first-pass patch success rates across Windows, UNIX, Linux, MacOS, AWS, Azure, VMware instances, located on and o the enterprise network. All automation and content streams are curated and tested, and once deployed, they are validated. Additionally, BigFix Lifecycle includes OS provisioning, software deployment, remote control, task sequence automation, and PC & Mac power management.

3. BigFix Inventory, This software enables users to discover and analyze applications installed on desktops, laptops, and servers. Drill-down information about software publishers, titles, and applications—down to the version level—also includes aggregated statistics and usage information. BigFix Inventory ddramatically reduce the time required to conduct a comprehensive software asset inventory for license reconciliation or compliance purposes. It provides valuable insight into what the organization owns—and what it has installed but does not own—along with how often the software is being used.

FIX More with Less Effort, with BigFix Modern Client Management.

  1. Most MDMs look the same; BigFix offers a single view for all your managed devices across all management methods.
  2. Dive deeper by viewing your co- managed devices alongside your classic devices.
  3. Combined with Insights BigFix Modern Client Management offers you more automation possibilities

Device Enrollment: Enroll devices via the browser with a link to the enrollment page

  • Welcome email with link.
  • End user supplies their corp credentials.
  • Laptop enrolled in BigFix MCM, (optionally)
  • BigFix traditional agent is pushed.
  • Required corp software is installed, patches are updated, device compliance is established and maintained.

Device Inventory: Whether you’re working in the cloud or on-premises, get a single, comprehensive view of all your endpoints

  • Represents Cloud endpoints
  • Device managed with BigFix Modern
  • Client Management
  • Device managed with the traditional BigFix agent

MDM Policies: You can create, edit, and manage MDM policies on modern endpoints

  • Kernel Extensions
  • Configuring Inactivity Timeout and Passcode settings
  • OSX Activation Lock
  • Configuring Full Disk Access for BigFix Traditional Agent

MDM Actions: You can deploy a set of actions to manage Modern Endpoints

  • Lock Device
  • Wipe Device
  • Restart
  • Shutdown
  • Remove Policy
  • Deploy the traditional BigFix Agent agents

BigFix is built on a unique, highly scalable infrastructure that distributes decision making out to the endpoints. This provides extraordinary functional and performance benefits across the entire BigFix family while reducing the cost of endpoint management and infrastructure complexity. BigFix features:

A single intelligent agent

The BigFix Agent performs multiple functions, including continuous self-assessment and policy enforcement, with minimal impact on system performance. The BigFix Agent initiates actions in an intelligent manner, sending messages upstream to the central management server and pulling patches, configurations, or other information, to the endpoint in real-time. The BigFix Agent runs on more than 90 operating systems across Microsoft Windows, Linux, UNIX, and MacOS.

BigFix Fixlets

BigFix Fixlets are small units of automation that allow IT Teams to simplify their daily operations and focus on more complex operations. BigFix provides more than 500,000 Fixlets out of the box. The BigFix team is continuously updating the Fixlet library, with over 130 content updates a month. BigFix users, business partners, and developers can leverage Fixlets to create custom policies and services for endpoints managed by BigFix. A community library of Fixlets is available on BigFix.me.

Highly scalable architecture.

A single BigFix Management Server can manage up to 250,000 physical and virtual computers, over private or public networks. Managed endpoints may include servers, desktops, roaming laptops, and specialized devices such as Point-Of-Sale (POS) devices, ATMs, and self-service kiosks.

Do More with Multicloud

Cloud endpoints can be easily discovered and viewed alongside traditional endpoints, in a single user interface, with BigFix 10. Knowing what you have is half the battle, and BigFix 10 allows you to go a step further and deploy the BigFix Agent for complete visibility, control, and security of these endpoints. It allows you to manage endpoints running in multiple cloud environments simultaneously – such as Amazon Web Services (AWS), Microsoft Azure, and VMWare – alongside physical and other on-premise endpoints.
BigFix minimizes the cost, time and efford required to discover, manage and secure endpoints in real-time

A single, comprehensive view of all your endpoints, whether they are running in the cloud or on premise

  • Extend BigFix capabilities to the leading cloud providers: Amazon, Azure, Vmware
  • Provide visibility and control for all your endpoints
  • Simplify cloud visibility with native API support
  • Automation to add the BigFix agent to perform patch, compliance, and inventory workflows

Quickly visualize risk while easily finding the endpoint issues that matter most

  1. A new analytic tools for deeper insight into risk and operational efficiency
  2. Powerful Data Repository to ingest data from all BigFix data sources
  3. Integrates data from leading vulnerability and incident response solutions worldwide

Out of the box reports

To demonstrate the benefits of all data consolidated to a single data repository and provide business value out of the box, BigFix Insights leverages Tableau Software® to provide four reports for several important endpoint management areas that many organizations constantly focus on: Patch Rhythm, Device Inventory, OS Migration, and Deployment Progress.

Patch Rhythm, Top down visuals that allow you to assess at-a-glance how well you are protecting the business

  • Patch Rhythm addressing 4 key areas; Patch Exposure with timeline, Patch Exposure by Severity/Age, Exposures by Category, Exposures by Vendor
  • High level and insightful data summaries, grouped by different criteria
  • Quick drill-down to specific areas with filtering directly on the criteria
  • Concise view of your exposure to vulnerabilities as a multiple of endpoints and applicable patches

Device Inventory, Provide a view of all devices so that you can prioritize migrations from soon to be out of support operating systems

  • Reports addressing 4 key areas; Device Overview, Last Report Time by Device Type, Groups Overview, OS by Version
  • Device types by server vs workstation, hardware vs cloud/virtual, mobile vs stationary
  • Drill down to level of detail desired/required
  • Understand where your investment is regarding OS vendors

Operating System Migrations, Provide a clear view of OS migration efforts

  • Reports addressing 3 key areas; OS Migrations, Groups Overview, OS Overview
  • Clear understanding of the volume of effort to date and effort needed to complete migration

Deployment Progress, Provide a measure of success for patch or software upgrade efforts with an enterprise view for executives

  • Addresses 4 key areas; Successful Deployment Over Time, Success Rate, By Group, Application Type