Fixlet Streams

Fixlet Streams help to automate the process of remediating endpoint vulnerabilities, such as patch and update deployments, while offering flexibility for manual intervention when critical issues arise. The feature ensures routine security and compliance tasks are handled efficiently, freeing up IT teams to focus on strategic initiatives. Additionally, it allows for ad-hoc remediation, enabling swift responses to urgent issues like zero-day vulnerabilities.

It offers a unique blend of routine automation and emergency flexibility, which is not fully available in existing BigFix features. It adds real-time response capabilities, more efficient emergency patch handling, and enhanced time-saving measures, making it a powerful tool for modern IT and security teams.

Key Benefits

  • Increased Efficiency: Automates routine patch and update deployments, reducing the manual effort required and allowing IT teams to focus on higher-priority tasks.
  • Faster Response to Emergencies: Provides the flexibility to deploy critical patches and updates immediately in response to urgent threats, such as zero-day vulnerabilities.
  • Improved Security and Compliance: Ensures endpoints are consistently updated with the latest security patches, reducing the risk of vulnerabilities being exploited.
  • Strategic Focus: By handling the majority of remediation tasks automatically, IT teams can dedicate more time and resources to strategic initiatives that add value to the organization.
  • Reduced Risk of Human Error: Automation reduces the likelihood of manual errors in patch deployment, ensuring consistency and reliability across the organization’s endpoints.

Setting Up Automated Remediation

The Fixlet Stream feature allows users to automate patch and update deployments across devices by utilizing pre-built or custom Fixlet streams. The Fixlet steams are displayed as cards showing the stream’s name, status (Active/Inactive), and a brief description.
Fixlet Streams

You need to Subscribe Devices to a Fixlet Stream. This is done by creating dynamic filters that continuously match devices based on defined criteria. You can group devices by specifying conditions based on attributes, such as OS or software version, and then applying or resetting these conditions. Once applied, devices are subscribed to the stream, and you can proceed to Create automation for deployment. Throughout the process, you'll also be able to monitor Fixlet compliance and Deployment progress for the active stream. For step-by-step information, read Setting up Fixlet Streams.

Key Notes:

  • Dynamic Filters: Filters will continuously evaluate device subscriptions, ensuring that newly added devices meeting the criteria are included in the deployment automatically.

  • Multiple Conditions: You can refine your subscriptions by adding multiple conditions, creating complex filters to target specific device groups.

Filtering

The Filtering Capability in Fixlet Streams enables users to refine their search based on specific criteria, making it easier to quickly find relevant updates and patches. This feature includes the following filters, each targeting a key aspect of every Fixlet stream:

  • Name: Filters Fixlet streams by searching for specific strings within the Fixlet stream's name.
  • Description: Filters Fixlet streams by searching for specific strings within each Fixlet stream's description.
  • CVE Name: Filters Fixlets based on Common Vulnerabilities and Exposures (CVE) identifiers, aiding in locating security patches for particular vulnerabilities.
  • Type: Filters Fixlets based on selected types, whether built-in or custom.
  • Vendor: Filters Fixlets by vendor, enabling targeted patch management for software from specific providers.
  • Category: Allows filtering by category, such as security or updates, within the Fixlet streams.
  • Severity: Filters Fixlets by severity level (e.g., critical, high, medium, low), helping prioritize patches that require immediate attention.

Saving a view

Fixlet Streams support saving a view of the filtered and sorted data and access the saved view quickly when needed.

Monitoring

  • Fixlet Compliance: The Fixlet compliance percentage shows the proportion of devices that have successfully applied the patch or update from the Fixlet Stream. Regular monitoring of this metric ensures that devices are keeping up with your desired compliance levels. If the compliance percentage is lower than expected, investigate why certain devices are not compliant. This could be due to errors in the deployment or devices that didn’t meet the dynamic filter criteria.

  • Deployment Progress: The system also provides a deployment progress bar for the active Fixlet Stream, allowing you to track how far along the deployment process is.

    • Real-Time Updates: Use the progress bar to monitor the deployment status in real time. This can help you spot any delays or issues during roll out.
    • Adjust Deployment Timing: If you see that deployment is not progressing as planned, you can adjust future schedules or rerun the deployment for specific device groups.

Best Practices

  • Regularly Review Device Subscriptions: Ensure that new devices matching your criteria are automatically subscribed and that conditions remain relevant over time.
  • Monitor Compliance Metrics: Stay proactive by checking Fixlet compliance and deployment progress to address issues early.
  • Keep Automation Up to Date: Revisit and refine automation definitions as organizational needs evolve.

Additional Resources