BigFix 11 Compliance Documentation
Welcome to the BigFix Compliance documentation, where you can find information about how to install, maintain, and use BigFix Compliance.
Compliance Overview
BigFix Compliance helps support endpoint security throughout your organization.
Compliance Guides in PDF format
Following is a list of links to the BigFix Compliance user guides in PDF format:
SCM Checklists Guide
This SCM Checklists page provides information about the compliance checklists supported by BigFix Compliance, including frameworks, supported platforms, and checklist versions.
Compliance Setup Guide and User Guide
BigFix Compliance Analytics is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
BigFix Compliance Analytics User Guide
BigFix Compliance Analytics is a component of BigFix Compliance, that includes technical controls and tools that are based on industry practices and standards for endpoint and server security configuration.
Configuration Management (SCM)
BigFix Compliance Configuration Management (SCM) includes configurable content such as checks and checklists, which assess and manage devices to ensure compliance standards are met.
Configuration Management for Console User Guide
Configuration management (SCM) is used to manage the security configuration of devices using checklists, which includes creating custom checklists, customizing individual checks, synchronizing, and deploying checklists to devices.
Security Configuration Management for WebUI User Guide
Security Configuration Management (SCM) App in WebUI continuously assesses and manages the device for security misconfiguration and deviation, which enables operators to deploy remediation actions to ensure the device meets compliance standards.
Client Manager for Endpoint Protection
BigFix Compliance CMEP is an effective tool to monitor the deployment and health status of various Endpoint Protection products and provide quick remediation actions to recover needed endpoint protection.
Client Manager for Endpoint Protection (CMEP) for Console User Guide
BigFix CMEP allows administrators to centrally manage and monitor supported third-party endpoint protection products.
Client Manager for Endpoint Protection (CMEP) Application in WebUI User Guide
With the CMEP Application in WebUI, you can manage endpoint security clients from third-party vendors. Refer to the Compliance/CMEP_WebUI_Users_Guide/c_cmepwebui_sysreqandprereq.html for vendor products.
BigFix Client Compliance
This guide describes the BigFix Client Compliance and its solutions (BigFix Client Compliance Configuration and BigFix Client Compliance Windows (IPSec Framework)) which helps in maintaining the compliance status of the computers.
BigFix Client Compliance Configuration
BigFix Client Compliance Configuration allows you to deploy client compliance document to a set of computers. You can also create a new policy document using BigFix Client Compliance Configuration Wizard.
BigFix Client Compliance Windows (IPSec Framework)
The BigFix Client Compliance Windows (IPSec Framework) Fixlet site provides self-quarantine capabilities using the BigFix Client Compliance extension. In this solution, the BES Client restricts or enables inbound and outbound network connectivity based on the compliance status of the computer (but still passing BES network traffic to allow management of the computer through BES).
Middleware Application Patching
Middleware Application Patching is an important process for organizations to ensure their systems are secure and up to date. By applying the appropriate patches and security updates, organizations can minimize the risk of malicious attacks and potential data loss. BigFix users can enjoy unified patch management by using a single platform for deploying database and middleware patches.
Overview
BigFix provides a comprehensive view of patching activities, helping administrators manage middleware updates efficiently. Middleware Application Patching provides a view of Fixlet fields, offering key insights into available patches and security updates.
Updates for Linux applications - middleware
With Updates for Linux applications - middleware content site, customer can deploy updates to a vast number of third-party middleware applications.
Updates for Windows applications - middleware
With Updates for Windows applications - middleware content site, customer can deploy updates to a vast number of third-party middleware applications.
Multiple Instance Patching Support in Middleware
Managing multiple instances of the Middleware applications requires a structured approach to ensure seamless patching.
Middleware scanner integration
Managing multiple instances of Middleware applications requires a dedicated scanner mechanism to ensure seamless patching. This chapter explains how scanner and patching work, prerequisites, required tasks, scanner operation, configuration management, and removal.
Manual caching
Manual caching refers to manually storing and managing data in a cache. Users can organize patch files in a folder structure or cache them manually.
Using Middleware download plug-in
Middleware plug-in is an executable program that downloads a specific patch from the website of the patch vendors. To make caching easier, Fixlets have a built-in protocol that uses the download plug-in.
Oracle Weblogic
Oracle Weblogic Server is a unified and extensible platform for developing, deploying, and running enterprise applications. Oracle Weblogic Server is a software application that runs on a middleware tier, between back-end databases and related applications and browser-based thin clients.
Oracle Database
An Oracle Database is a collection of data treated as a unit. A database stores and retrieves related information. Oracle DB is widely used and known for its reliability, scalability, and extensive features.
RBI Compliance User Guide
Discover how the RBI Compliance Report provides a centralized and automated reporting solution for monitoring device and Fixlet compliance.
RBI Compliance Report User Guide
The RBI Compliance Report in BigFix is designed to track, assess, and report the organization's adherence to RBI's mandated IT security baselines and audit requirements.
RBI Compliance Scheduler User Guide
Discover how the RBI Scheduler automates the process of refreshing and updating compliance data for RBI reporting. It ensures that the latest compliance results are always available in the RBI Compliance Report, reducing manual intervention, and maintaining audit readiness.
Technical References
Find technical reference material for BigFix® Compliance components. The topics in this section cover release notes, tool specifications, and version details for Compliance components, including Security Configuration Automation Protocol (SCAP), Security Compliance Analytics (SCA), and related tools.
SCAP Release Notes
Use this page to find information about the releases of BigFix® Compliance Security Configuration Automation Protocol (SCAP) tools, including certification details, new features, bug fixes, and SHA256 checksums for released files.
SCA Release Notes
Use this page to find information about the releases of BigFix® Compliance Security Compliance Analytics (SCA), including new features, enhancements, fixed issues, and upgrade instructions.
Glossary
This glossary provides terms and definitions for the BigFix® Compliance software and products.