BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
This section shows how you can view the results of PCI DSS compliance at a checklist, checks, and check results levels.
Welcome to the BigFix Compliance documentation, where you can find information about how to install, maintain, and use BigFix Compliance.
BigFix Compliance helps support endpoint security throughout your organization.
Following is a list of links to the BigFix Compliance user guides in PDF format:
BigFix Compliance CMEP is an effective tool to monitor the deployment and health status of various Endpoint Protection products and provide quick remediation actions to recover needed endpoint protection.
BigFix Compliance Configuration Management (SCM) includes configurable content that is checks and checklists, which assess and manages the devices to ensure compliance standards are met.
HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
Use any of the supported web browsers to open the web-based application.
Depending on your configuration, the Extract Transform and Load (ETL) process that computes the compliance status of each check and checklist could take a long time. To ensure that you are viewing the latest reports, verify that the imports are configured to run automatically and that a recent import has completed successfully.
BigFix Compliance Analytics displays reports that contain the compliance status of your deployment. Each PCI DSS checklist and its checks are exported periodically into Compliance Analytics.
BigFix Compliance PCI Add-on provides additional reports to show a cumulative compliance state of your endpoints based on the PCI DSS Requirements.
BigFix Compliance PCI Add-on provides additional reports to show a cumulative compliance state of your endpoints based on the PCI DSS Milestones.
Use the Saved Reports feature to retain a specific format for the report without creating the same settings for future use. The displayed columns and filters you used to customize the view are also saved.
You can file for the endpoint to be excluded from the PCI DSS checks if some endpoints require compliance to older policies or standards.
You can find more information about Security Configuration Management and PCI DSS in the following resources.
Security and Compliance Analytics (SCA) is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
QRadar® provides security intelligence for protecting assets and information from advanced threats. BigFix provides a dashboard that is integrated with QRadar®. This dashboard is called the Manage Vulnerable Computers dashboard and is located within the Endpoint Protection domain in BigFix. From this dashboard, you can view enriched vulnerability and risk data, from which you can quickly identify the computers that are most at risk. You can remediate the vulnerabilities that are detected by QRadar® and you can also quarantine or un-quarantine computers.
This guide describes the BigFix Client Compliance and its solutions (BigFix Client Compliance Configuration and BigFix Client Compliance Windows (IPSec Framework)) which helps in maintaining the compliance status of the computers.
The HCL BigFix and Carbon Black integration allows administrators to deploy a full endpoint security solution to detect, contain, investigate, and remediate security threats and attacks on endpoints across the enterprise. The following sections provide useful information and links to the resources available for the solution.
