Jump to main content
BigFix Add-ons
BigFix Documentation Homepage
BigFix AEX
Welcome to the BigFix AEX (Advanced Endpoint Management) documentation.
BigFix AEX
Welcome to the BigFix AEX (Advanced Endpoint Management) documentation.
Release notes
This page provides information about application updates released for HCL BigFix AEX.
AEX Architectural Overview
AEX Developer Guide
AEX Admin Guide
AEX Agent Assist User Guide
AEX Low Code Developer Guide
AEX Mobile App Guide
AEX Providers Global Admin Console Guide
AEX_Super_Users_Global_Admin_Console_Guide
AEX Self-Heal Guide
AEX_Troubleshooting_Guide
AEX Use Case Design Console Guide
Runbook AI (Add-on)
The Runbook AI (Add-on) is designed for both BigFix Runbook AI administrators and end users who are working towards the resolution of IT support tickets. Its primary purpose is to help BigFix administrators to easily monitor the health of their servers and initiate well-informed recovery actions with specialized Runbooks AI.
Introduction
This guide provides you with an overview of BigFix Runbook AI and its features and benefits. It also provides an architectural overview and talks about various configurations and end user activities in brief.
Pre-requisites guide
This guide provides instructions to install the prerequisites required for BigFix Runbook AI. This includes the installation of MongoDB and Solr for both HA (High Availability) and non-HA modes as well as generation of certificates for authentication and authorization purposes.
Installation Guide
This guide provides instructions to install BigFix Runbook AI. It includes the pre-installation and the installation procedures for BigFix Runbook AI. This guide also provides summary material about additional servers and optional post- installations and references to the other documents for detailed information.
Configuration Guide
This guide instructs on how to install and configure BigFix Runbook AI. These instructions also include the configuration procedures for the product.
User Guide
This guide introduces you to the key concepts of BigFix Runbook AI and describes how to use the product. It provides an overview of the end-user interface and instructions to perform different tasks. This guide is intended for the BigFix Runbook AI end-users working towards resolution of IT support tickets.
API Guide
BigFix Runbook AI API guide provides documentation and instructions on how to use its application programming interface (API), including details on the functions, parameters, and endpoints available for developers to interact with the API.
Fixlet Repository Guide
This document provides detailed list of out-of-box fixlets available within BigFix Runbook AI. This information is intended for administrators and users authorized for configuring use cases / fixlets within BigFix Runbook AI, which works in conjunction with HCL Bigfix engine.
Integration Guide
This guide provides instructions to enable integrations with various ITSM and Runbook Automation tools, while configuring BigFix Runbook AI.
Lab Manual
This lab manual provides infrastructure administrators, installation and configuration administrators, and end users with detailed instructions on how to install, configure, and use BigFix Runbook AI. It is divided into modules, each containing an introduction and lab exercises. The manual also references additional servers, post-installation steps, and other documents for more information.
Troubleshooting Guide
This guide provides instructions to troubleshoot some of the commonly occurring issues along with the resolution steps. This information is intended for administrators responsible for installing, configuring, and supporting BigFix Runbook AI product.
Abbreviations
A list of abbreviations and their expansions.
CISA Known Exploited Vulnerabilities (KEV): Overview
The Known Exploited Vulnerabilities (KEV) Content Pack is available as an add-on for BigFix. It is a collection of BigFix Fixlets that is derived from extensive research of the CISA KEV catalog, NVD, and Vendor Advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are high-risk and time-sensitive given that they are known to have been exploited or are actively being exploited.
CISA Known Exploited Vulnerabilities (KEV): Overview
The Known Exploited Vulnerabilities (KEV) Content Pack is available as an add-on for BigFix. It is a collection of BigFix Fixlets that is derived from extensive research of the CISA KEV catalog, NVD, and Vendor Advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are high-risk and time-sensitive given that they are known to have been exploited or are actively being exploited.
Enable BigFix KEV Content Pack Site
This topic provides instructions on how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the site.
KEV Scanner Policy Action Management
BigFix provides four utility tasks to facilitate the deployment, execution, and configuration of the Known Exploited Vulnerabilities (KEV) Scanner. The KEV Scanner is necessary to identify certain CVEs (for more details on which CVEs require the KEV Scanner, refer to BigFix Wiki at BigFix Known Exploited Vulnerabilities (KEV) Content Pack).
Payment Card Industry (PCI) Add-on User Guide
The BigFix PCI DSS Add-On is a premium component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Overview
HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Setup
Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
Using checks and checklists
The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
Understanding the results in BigFix Compliance Analytics
Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
Resources
You can find more information about Security Configuration Management and PCI DSS in the following resources.
RHEL ESU Add-On User's Guide
BigFix content supporting Red Hat’s Extended Update Support (EUS) and Extended LifeCycle Support (ELS) patching program is available as an add-on to the BigFix Patch, BigFix Lifecycle and BigFix Compliance products.
Understanding RHEL patch add-ons
This topic gives you a brief introduction about Red Hat Enterprise Linux (RHEL) Patch Add-Ons.
Enabling EUS patch functionality
This topic describes how to enable BigFix EUS Patch functionality in BigFix.
Deploying extended support patches with BigFix
You can apply Extended Support (EUS and ELS) patch Fixlets the same way you have been applying all your RHEL patches with BigFix.
Frequently Asked Questions
Learn the answers to frequently asked questions about BigFix EUS/ELS Patch Add-Ons for Red Hat Enterprise Linux 5, 6, 7 and 8.
Service Graph Connector Integration
The Service Graph Connector is available as an add-on for integrating BigFix Inventory with your CMDB. The connector is designed to support common use cases and requires additional customizations to meet your specific business process requirements. Successful implementation of the connector requires thorough assessment and due diligence, and could involve modifications to input fields or the implementation of specialized reconciliation processes to align with your internal workflows.
Service Graph Connector Integration
The Service Graph Connector allows you to integrate the BigFix Inventory with the CMDB. The connector is designed to support common use cases and requires additional customizations to meet your specific business process requirements. Successful implementation of the connector requires thorough assessment and due diligence, and could involve modifications to input fields or the implementation of specialized reconciliation processes to align with your internal workflows.
Guide in PDF format
Windows ESU Patch Add-On User's Guide
BigFix content supporting the Extended Support Updates (ESU) patching program from Microsoft® is available as an add-on to BigFix Patch, BigFix Lifecycle and BigFix Compliance.
Enabling Windows ESU Patch functionality
Before you can start using the Windows ESU add-on, you should first enable it.
Preparing endpoints to accept Windows ESU patches
After subscribing the endpoints in your deployment to a BigFix Extended Security Updates (ESU) patch site, you can use the content in the site to prepare the endpoints to accept the ESU patches.
Testing Windows ESU Patch Delivery
Using Minimize WMI usage feature
Know more about the optional feature, Minimize WMI usage feature.
Frequently Asked Questions
Learn the answers to frequently asked questions about ESU patching with BigFix.
To add feedback about this topic, select the following checkbox: