Welcome
Installation Guide
Learn the system requirements, licensing and installation instructions, and how to configure and maintain BigFix.
Installing on Linux systems
After understanding the terms and the administrative roles, you are ready to actually get authorized and install the programs.

BigFix Documentation Homepage
BigFix 10 Platform Documentation
Welcome to the BigFix Platform documentation, where you can find information about how to install, maintain, and use BigFix.
Detailed system requirements
The content of this page has moved to the HCL Support site. You will be redirected shortly. If the auto-redirect fails for some reason, use this link: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0087327.
Platform guides in PDF format
Following is a list of links to the BigFix Platform user guides in PDF format:
Common Criteria Certification
BigFix 10.0.1.41 complies with the requirements of the standard ISO/IEC 15408 (Common Criteria) v. 3.1 for the assurance level: EAL2
Getting Started
Use this section to become familiar with BigFix infrastructure and key concepts necessary to understand how it works.
HTTPS across BigFix applications
This topic describes how the SSL/HTTPS communication works in BigFix applications and links the tasks on how to configure it.
Installation Guide
Learn the system requirements, licensing and installation instructions, and how to configure and maintain BigFix.
- Introduction
  BigFix aims to solve the increasingly complex problem of keeping your critical systems updated, compatible, and free of security issues. It uses patented Fixlet technology to identify vulnerable computers in your enterprise. With just a few mouse-clicks you can remediate them across your entire network from a central console.
- BigFix Platform Unicode Support Overview
  BigFix Platform V10 gathers data from BigFix clients deployed with different code pages and languages, encode the data into UTF-8 format, and report it back to the BigFix server.
- Sample deployment scenarios
  The following deployment scenarios illustrate some basic configurations taken from actual case studies.
- Requirements and assumptions
  BigFix runs efficiently using minimal server, network, and client resources.
- Types of installation
  Before you install the product, decide if you want to do an evaluation or production installation.
- Managing licenses
  You must obtain a license key before you can install and use BigFix.
- Before installing
  Before running the installation make sure that you read the following topics and run the requested activities if needed.
- Installing on Windows systems
  Now that you understand the terms and the administrative roles, you are ready to get authorized and install the programs.
- Installing on Linux systems
  After understanding the terms and the administrative roles, you are ready to actually get authorized and install the programs.
  - Installing and configuring DB2
    Depending on which version of DB2 you want to install, you install DB2 either before installing the BigFix server or at the same time.
  - Downloading BigFix
    Download BigFix from HCL License & Delivery Portal (Flexnet).
  - Performing an evaluation installation
    To install a BigFix server with an evaluation license on Linux, perform the following steps:
  - Installation Command Options
    You can run the Production or Evaluation installation in interactive or silent mode.
  - Installing the components
  - Installation Folder Structure
    After the BigFix installation, you can see the following folder structure.
  - Configuration, Masthead, and Log Files
    At the end of the installation you can find the following BigFix files containing the settings of the installed components and the installation messages.
  - Managing the BigFix Services
    Procedure to manage the services.
  - Changing the DB2 port
  - Removing the BigFix components from Linux
    You can have one or more BigFix components installed on a local system and you can decide to remove one or all of them at the same time.
  - DSA on Linux
- Installing the clients
  Install the BigFix client on every computer in your network that you want to administer, including the computer that is running the console.
- BigFix Administration Tool
  The BigFix Administration Tool, also called BESAdmin, is the tool we use to perform configuration changes and maintenance operations.
- Post-installation configuration steps
  After having run the installation, make sure that you read the following topics and run the requested activities if needed.
- Managing relays
  Relays can significantly improve the performance of your installation.
- Introduction to Tiny Core Linux - BigFix Virtual Relay
  Follow the step-by-step sequence of operations needed to build the virtual machine, from the downloading of the ISO image to the complete setup and configuration of the BigFix Virtual Relay.
- Setting up a proxy connection
  If your enterprise uses a proxy to access the Internet, your BigFix environment can use that communication path to gather content from sites.
- Running backup and restore
  You can schedule periodic backups (typically nightly) of the BigFix server and database files, to reduce the risk of losing productivity or data when a problem occurs by restoring the latest backup.
- Upgrading
  The steps to upgrade the BigFix Platform.
- SQL Server parallelism optimization
  The performance of an SQL Server database instance can often be improved by small tweaks. Performance might also be hindered by simple oversights. In fact, some SQL Server parallelism settings have suboptimal default values. Moreover, they have to be re-tuned after an hardware upgrade. Other issues might arise from inadvertent hardware configurations, especially when SQL Server is hosted on a virtual machine (VM).
- Known limitations and workarounds
  This section describes the known limitations and possible workarounds.
- Logging
  This section describes the log files associated with the BigFix components.
- Uninstalling the BigFix client
  To uninstall the BigFix client installed on the various operating systems, see the following sections.
Configuration Guide
Learn how to configure BigFix according to your needs.
Console Operator's Guide
Learn how to work with the BigFix Console.
Asset Discovery User's Guide
Learn how BigFix Asset Discovery works.
Web Reports Guide
Learn how the Web Reports feature extends the power of BigFix.
WebUI User's Guide
Read this guide for an introduction to the WebUI tools, concepts, and terminology.
WebUI Administration Guide
Read this guide for information about installing and administering the WebUI.
Glossary
This glossary provides terms and definitions for the Modern Client Management for BigFix software and products.

Installing on Linux systems

After understanding the terms and the administrative roles, you are ready to actually get authorized and install the programs.

Because BigFix is powerful, you might want to limit access to trusted, authorized personnel only. The program depends on a central repository of Fixlet actions called the Action site, which uses public/private key encryption to protect against spoofing and other unauthorized usage. To get started, you need authorization from HCL by getting a License Authorization file, which will have a name like CompanyName.BESLicenseAuthorization.

Note: If you run a fresh installation of BigFix V9.5.6 or later using the License Authorization file, be aware that limitations apply in managing Clients earlier than V9.0 and in using Relays earlier than V9.5.6. This is due to the introduction of two security enforcement services that are enabled, in this specific scenario, by default. You can change this behavior after the installation completes by changing the values assigned to minimumSupportedClient and minumumSupportedRelay as described in BESAdmin Linux Command Line.

The installation program collects further information about your deployment and then creates a file called the action site masthead. This file establishes a chain of authority from the BigFix root all the way down to the Console operators in your organization. The masthead combines configuration information (IP addresses, ports, and so on) and license information (how many Clients are authorized and for how long) together with a public key used to verify the digital signatures.