Welcome
Remote Control
BigFix Remote Control application helps to communicate between different components, clients, and endpoints within BigFix environment.
Remote Control Installation Guide
By using Remote Control you can remotely support and control thousands of PCs and servers, on an enterprise scale, from a central location or directly, in peer to peer mode.
Federal information processing standard (FIPS 140-2) compliance in Remote Control
The US Federal information processing standard 140-2 (FIPS 140-2) is a cryptographic function validation program that defines security standards for cryptographic modules that are used in IT software.
Enabling FIPS compliance on the controller
The Remote Control controller is a Java™ application that requires a FIPS certified cryptographic provider when FIPS compliance is enabled. In FIPS-compliant mode the Remote Control controller supports the BC-FJA (Bouncy Castle FIPS Java API) with the IBM Semeru Runtime Open Edition JRE on Windows, Linux and MacOS.

BigFix Documentation Homepage
BigFix 11 Lifecycle Documentation
Welcome to the BigFix Lifecycle documentation, where you can find information about how to install, maintain, and use BigFix Lifecycle.
BigFix Platform
BigFix Query
Lifecycle overview
BigFix Lifecycle is single-agent, single-console technology that provides near real-time visibility into the state of endpoints.
Lifecycle guides in PDF format
Following is a list of links to the BigFix Lifecycle guides in PDF format:
Software Distribution
Use the BigFix Software Distribution applications to deploy software to endpoints across your network from a single location. Maintain control and visibility into software delivery and installation. Device owners can use the Self Service Application to manage software and other BigFix actions that are deployed to them as offers.
OS Deployment
BigFix OS Deployment, which is part of the BigFix Lifecycle Management suite, provides a consolidated, comprehensive solution to quickly deploy new workstations and servers throughout a network from a single, centralized location. This solution saves time and money, enforces a standardized and approved image, and reduces risks associated with non-compliant or insecure configurations.
Remote Control
BigFix Remote Control application helps to communicate between different components, clients, and endpoints within BigFix environment.
- Release notes
  A summary of changed or new features and enhancements included in BigFix Remote Control.
- Remote Control Installation Guide
  By using Remote Control you can remotely support and control thousands of PCs and servers, on an enterprise scale, from a central location or directly, in peer to peer mode.
  - Audience
  - Versions
  - Terms used in this guide
  - Overview of the Remote Control system
  - Get started
    Now that you understand the terms and components available in Remote Control, you can identify which components you need to install:
  - Install the Remote Control components
    The Remote Control components can be installed in two ways. If you have access to the BigFix® console, use a deployment fixlet to install the components.
  - Utility for extracting the component installation files
    Remote Control provides a utility that you can use to extract the installation files that are required for each component.
  - Enable secure target registration
    To prevent unauthorized targets from registering with the Remote Control server, you can enable the secure registration feature and use tokens to authenticate the target.
  - Install the driver for smart card authentication
    The BigFix® Remote Control Target provides an installation option to install a virtual smart card reader driver. You can also install the driver by running a fixlet in the BigFix console.
  - Manage the component services
    After you install the Remote Control components, if you change their configuration, you can stop, start, or restart the component services.
  - Enabling email
  - Configure LDAP
  - Configure TLSv1.3
  - Federal information processing standard (FIPS 140-2) compliance in Remote Control
    The US Federal information processing standard 140-2 (FIPS 140-2) is a cryptographic function validation program that defines security standards for cryptographic modules that are used in IT software.
    - Enable FIPS compliance on the server
    - Enabling FIPS compliance on the controller
      The Remote Control controller is a Java™ application that requires a FIPS certified cryptographic provider when FIPS compliance is enabled. In FIPS-compliant mode the Remote Control controller supports the BC-FJA (Bouncy Castle FIPS Java API) with the IBM Semeru Runtime Open Edition JRE on Windows, Linux and MacOS.
    - Enable FIPS compliance on the target
    - Enabling FIPS compliance on the gateway
      You can enable FIPS compliance on the gateway component by editing the gateway configuration file that is created when you install gateway support.
    - Enabling FIPS compliance on the broker
      You can enable FIPS compliance on the broker component by editing the broker configuration file that is created when you install broker support.
  - NIST SP800-131A compliance in Remote Control
    Remote Control version 10.0.0 components can be configured for NIST SP800-131A compliance.
  - Verifying the server installation
  - Recover from installation errors
  - Uninstall the components
  - Upgrade from previous versions
  - Maintaining the target installation
  - Properties that can be set in the target configuration
    You can configure target properties either during or after installation. The operating system on the target system determines which properties can be configured. The target properties determine the actions that can be carried out during a peer-to-peer session. If you set a server URL and set the Managed property to Yes, the actions are determined by the policies that are set on the Remote Control server.
- Remote Control Administrators Guide
  This guide is for users who want to administer Remote Control.
- Remote Control Console User Guide
- BigFix Remote Control Controller Users Guide
- Remote Control Target Users Guide
- Remote Control On-demand Target Guide
  Use Remote Control to start remote control sessions over the internet with targets that do not have the target software installed.
- Remote Control V10 Readme
Power Management
Use Power Management to control, monitor, and manage conservation policies in your deployment.
Server Automation
Server Automation provides powerful automation. You can use it to sequence automation actions in steps across multiple endpoints.
Profile Management
Profile Management is a WebUI-based feature of BigFix Lifecycle. It provides Security Administrators the capability to define and deploy security policies to Windows 10 and macOS devices.
CVE Search dashboard
BigFix CVE Search dashboard and Web Report are available as part of the CyberFOCUS site.
BigFix Remediate
BigFix MCM

Enabling FIPS compliance on the controller

The Remote Control controller is a Java™ application that requires a FIPS certified cryptographic provider when FIPS compliance is enabled. In FIPS-compliant mode the Remote Control controller supports the BC-FJA (Bouncy Castle FIPS Java API) with the IBM Semeru Runtime Open Edition JRE on Windows, Linux and MacOS.

About this task

Starting from Remote Control Version 10.0 0 Update 6 (Build number 0612 or higher), the controller installation packages include the BC-FJA (Bouncy Castle FIPS Java API) FIPS certified cryptographic provider with the IBM® Semeru Runtime Open Edition JRE. When the controller is started from the Server Managed on OnDemand mode the FIPS compliance is controlled by a setting in the .trcjws start file.

Note: Only required if you are running the controller locally for establishing peer-to-peer sessions.

To set FIPS compliance on the Controller when operating in peer to peer mode update the local configuration as follows:

Edit the trc_controller.cfg file on the system that the controller is installed on.

Windows® systems: [controller install dir]\trc_controller.cfg
Where [controller install dir] is the installation directory that is chosen when you install the controller.
Linux® / UNIX® systems: /opt/bigfix/trc/controller/trc_controller.cfg

Set the fips.compliance property to True and save the file.

Results

Check to see whether the controller is configured for FIPS by completing the following step during a remote control session.

Click Controller tools > Show session information in the controller window.