Architectural components overview
The BigFix system has the following main components:
- BigFix agents:
They are installed on every computer that you want to manage using BigFix. A computer on which the BigFix agent is installed, is also referred to as client. Clients access a collection of Fixlets that detects security exposures, incorrect configurations, and other vulnerabilities. The client can implement corrective actions received from the console through the server. The BigFix client runs undetected by users and uses a minimum of system resources.
BigFix also allows the administrator to respond to screen prompts for those actions that require user input. BigFix clients can encrypt their upstream communications, protecting sensitive information. BigFix client software can run in Windows, Linux, Solaris, HP-UX, AIX, and Macintosh operating systems.
- BigFix servers:
- Offer a collection of interacting services, including application
services, a web server, and a database server, forming the heart of
the BigFix system.
They coordinate the flow of information to and from individual computers
and store the results in the BigFix database.
The BigFix server
components operate quietly in the background, without any direct intervention
from the administrator. BigFix servers
also include a built-in Web Reporting module
to allow authorized users to connect through a web browser to view
all the information about computers, vulnerabilities, actions, and
more. BigFix supports
multiple servers, adding a robust redundancy to the system.Note: On Windows the BigFix V9.2 server and Web Reports components support only 64 bit architecture. For information about the complete list of operating systems supported, see IBM Endpoint Manager for Lifecycle Management 9.2.
- BigFix relays:
- Increase the efficiency of the system. Instead of forcing each networked computer to directly access the BigFix server, relays spread the load. Hundreds to thousands of BigFix clients can point to a single BigFix relay for downloads, which in turn makes only a single request to the server. BigFix relays can connect also to other relays, further increasing efficiency. A BigFix relay need not be a dedicated computer; the software can be installed on any Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Red Hat Enterprise Linux 4,5,6,7, or Solaris 10, computer with the BigFix agent installed. As soon as you install a BigFix relay, the clients in your network can automatically discover and connect to them.
- BigFix consoles:
- Join all these components together to provide a system-wide view
of all the computers in your network, along with their vulnerabilities
and suggested remedies. The BigFix console
allows an authorized user to quickly and simply distribute fixes to
each computer that needs them without impacting any other computers
in the network. You can run the BigFix console
on any Windows Vista 64-bit, Windows Server 2008 64-bit, Windows 7
64 bit, Windows Server 2008 R2 64-bit, Windows 8 64-bit, Windows 8.1
64-bit, Windows Server 2012 64-bit, Windows Server 2012 R2 64-bit computer that has network access
to the BigFix server.
Consoles for large deployments are often hosted from Terminal Servers
or Citrix Servers.Note: On Windows, the BigFix V9.2 console component supports only the 64 bit architecture.