BigFix Reviews

• Patch Management
• Software Distribution
• Security Compliance
• Software Compliance

Patch compliance has improved. Using software distribution, the software distributed in the environment has been standardized. With the same software versions across the environment, compatibility issues have come down with a reduction in helpdesk tickets arising out of different software versions. There is also a check on software assets by means of implementing the software inventory module and a great deal of software compliance has been achieved.

Patch Management for a variety of operating systems makes it valuable as we can rely on a single tool for obtaining patch compliance of the entire compute infrastructure. This also ensures that we do not need to have different skills for different OS patch requirements.

• Relay selection and availability needs improvement as an incorrect relay selected can cause network chokes.
• Client reporting to the console is a minor issue but definitely needs improvement.
• Reporting needs to be enhanced with maybe a simple GUI based report generator with drag and drop features to create a custom report. The current mechanism is a bit clunky by use of filters.  

It is very stable.

No scalability issues. We have customers ranging from 250 endpoints to over 100,000 endpoints.

Customer support is excellent, but involving customer support and crossing the initial hurdles of getting past the first level of support personnel sometimes takes a while. But once it lands with the right support people the support is excellent. Level 1 support from IBM definitely needs improvement. 

No other tools were used.

The setup is pretty straightforward provided you have planned well for the deployment. Know the environment well prior to deployment: The architecture needs to be drawn up prior to deployment. Plan the deployment of main server, database server, BigFix application(s), relays, console, and finally the deployment of clients.

We are a BigFix vendor. We rate ourselves as excellent subject matter experts. Given the exposure and experience of handling fairly large deployments on Bigfix, we have gathered vast knowledge in the Patch, Security & Software compliance space.

ROI is pretty quick if you consider Security & Software Compliance as your primary use cases as Patch Management and Software Inventory Management. It has worked out to be under six months in many of our deployments. You may not be able to directly attach a ROI for security, but given the fact that Bigfix has been able to address many vulnerabilities that arise out of non patching makes Bigfix a compelling investment

Plan well to ensure you have a stable and scaleable deployment. If you have a need for many use cases: Patch Management, Software Distribution, Remote Control, OS Deployment, Software Asset Management, Vulnerability Management, Security Compliance, and Server Automation, make sure you prioritize your requirements before deployment. You should go about meeting the requirements in phases, not try and burn the entire ocean.  

No other products evaluated.

Get started with BigFix.

We are an MSP, and we use this solution for our customers as well as for our company. 

I use BigFix for everything. I use it for patch management, software distribution, OS deployment, server automation, and inventory and asset management.

BigFix is a great product. The flexibility of putting together your own relevance and retrieving custom data from any one of your agents is a valuable feature. It is one of my favorite features because if a boss asks me, "How many of these devices do we have?", I can put together a report in two seconds.

The only thing that I don't like about BigFix is that it does not support other devices such as printer firmware, router firmware, and things like that. I will be happy if I can control everything and get everything else in there, even if it is just a line item.

They can do some enhancements to the Web UI. I am trying to get customers to be able to manage their environment by using Web UI, and it would be good if we can delete endpoints by using Web UI. We should also be able to generate Excel content or data tables from the Web UI without having to go to the console. It is small stuff, and it drives me crazy that I have to go to another console to do these things.

I have been using this solution for years.

It is a pretty stable product. There are problems only if you mess up during the installation. If you do it right, then everything is fine.

It is scalable. It is able to handle up to 250,000 devices. So, you should be fine with anything under that. 

I work with all kinds of customers. I have small customers with 30 endpoints, and I also have a couple of big customers with 30,000 or 40,000 endpoints.

It has been great since it became HCL.

I know how to use them all. I have used Asterisk and other solutions, but I got used to BigFix. BigFix is pretty straightforward.

Its initial setup is straightforward.

I would advise taking some of the training so that you can use the product to the fullest potential. It is a huge and flexible product, and you can take advantage of a lot of stuff if you know how to do it. If you don't know, you're never going to take advantage of it.

I would rate BigFix a ten out of ten.

Our primary use case of this solution is for automated server patching. It integrates with our change management tool. It replaced SCCM for Windows. 

Servers are patched more consistently than they have been previously.

Some of the most valuable features are the development of the patches, the fixlets, and not having to bundle things ourselves. 

I would like to see integration of user security between the different products to be improved. There's separate security for compliance, separate security for web reports, and the console, and you have to manage those things separately. 

It's very stable.

It's very scalable. It handles it effortlessly for our needs. 

The first level two support was a little spotty a year ago. It's improved. I get a B, B plus from them. The knowledge of the first line of support seemed to be limited. 

Once you've done the setup once, it's not that complex. Initially, it can be a little bit complex to get your head around, but now that I've done it a couple of times, I don't deem it to be overly complex.

We used IBM Professional Services and it was a good experience. 

I would rate BigFix an eight out of ten. It's powerful, has low administrative overhead, it's reliable, and not too expensive. Not a ten because there's always room for improvement. 

The most valuable features are the endpoint management capabilities of what you can actually control on your endpoints, as far as vulnerability assessment, compliance, and making sure that they are up to date on multiple platforms. One single-user-stop-shop is really awesome.

A benefit is being able to do it from a single place; whether it's Windows, Linux or Solaris, the user interaction doesn't change for the operators. We can teach one on Windows and one on Solaris to do the same thing. For them it's very simple, because it all looks the same. That why I dig it.

Scalability is big for us. To be able to scale faster and quicker, with more people coming in. Probably, more of a cloud initiative presence would be good, possibly as a SaaS, that would be amazing. Yeah, I think that's what we are looking for.

Stability is solid. Very, very solid. We rarely have issues and if there are, it was usually due to old architecture issues, but we've taken care of that and since then, we really haven't had any.

Scalability could be better. I know they're improving it. They are talking about it. They preached about it a lot at a recent IBM conference, specifically. We are kind of looking forward to that.

Technical support is getting better. About five years ago, it was horrible. Over the last couple of years, it's gotten better; more engagement and more knowledge transfer, it seems like, to the first-tier level support for IBM.

I came into the company and it was already there. So, I'm not sure about previous solutions.

I was not involved in the initial setup.

It is a highly effective tool if you're cross-platform. It really gets the job done simply.

I really do dig it. I had worked with it previously, got a different job, not using it. After a little bit I came back and just looked for a job that was still using the BigFix tool. I sought out jobs specifically looking for it.

Knowledge of the tool is important when selecting a vendor. Anyone can come and take you out to lunch, or wine and dine you. That's fine, they all do it. But to be able to have someone walk up to you and know how the tool actually functions is most important to me. I don't know which vendors were evaluated.

It's easy to manage. It gives me great power over the devices that I manage with very little effort, compared to other products. With other products, it takes a lot more effort just to do the same kind of work.

It has one central location to manage all the different platforms that we have such as desktop, Windows Servers, Linux Server, Solaris, AIX and zLinux. It's great to be able to manage them all from one central location.

The feature that I would like them to implement is for the command line and I know this is probably against the design. We come from the command line and sometimes, you want to talk to the agent in real time. Seems like now with the new BigFix CLI, it's heading in that direction. It's something that we've been craving for, because sometimes you want to just talk to this agent and not have to wait. You just want to discuss things with them and get the result back. That will be great. Still, you have to dance around and probably do some voodoo in order to get that data back. We come from the old framework, in which you send a command and get your return back. This kind of power is gone in BigFix, but we love all the other stuff.

Usually after upgrades, you have some hiccups but they're manageable. It's kind of common between products, after upgrades; either it is a learning curve or it could be a bug and then it's fixed in subsequent patches. So, nothing out of the ordinary, but it scales well.

This solution scales well.

I use the technical support for stubborn kind of issues, that won't go away. However, not as much as for the other products. They're very knowledgeable and it sounds like a different breed with the IBM support.

Actually, we had all the tools and we pulled them out, after which we went to BigFix. The reason why we chose this solution is because the government paid for it.

The setup is very easy. I usually have to tell them how hard it is, but then I can do it within a day. So, this is also a very big feature.

This product is extremely easy. If you've never implemented this type of three-tier architecture tool, then you don't know it. But, for anybody who has carried out such an implementation before, it is very straightforward.

Support is the most crucial criteria while selecting a vendor, because when things hit the wall and everybody's heated and trying to finger-point, you want someone that have the backbone to say, "We'll take care of it." IBM can do that. They never try to say, "No." They take the heat really well and they control it. Big corporations are looking for that kind of security that the company can provide and they're going to put as much resources as needed, so as to get the problem solved.

I like the overall usage of it. It's easy to use, gives you great visibility into your envionment, customization of your reports, and the community of users that you can pull experience and knowledge from. So that's one of the main advantages for using BigFix.

It has definitely improved our patch process, being able to create compliance reports and hand those to management, executives and so on, and making the overall procedure of managing assets, managing end points, patching endpoints, etc. It has just made everything pretty easy.

It's not perfect, but it's close. There are some things here or there, for instance if you get down to the small details, such as if you could deploy and action it a different way, or you selected multiple endpoints and then from there, selected a right-click and deployed something from it, instead of the normal way etc.

If you could select one particular endpoint, look in the applicable fixlets, and then deploy an action from there, it would be helpful.

Of course there are many ways to achieve these aims, and you can't satisfy every possible little change here or there for everybody, these are just things that we've talked about or thrown out there in our environment.

I have been using the solution for almost two years already.

We haven't encountered any issues with stability.

We haven't encountered any issues with scalability.

I've used technical support quite often at times, when either having a small issue, or just trying to set something up new and different, and I've always had great experiences with support. They always either call me back, or email me back, or set up a WebEx to work through an issue. So I've had great experiences with support.

I haven't used a previous solution as such. I worked at a previous company, moved to the current company I am employed at now, and saw the process and how different it was.

Coming from a company that utilized BigFix, I knew that there was a better way here, and I pushed hard to get BigFix implemented. They went on my recommendation, spent the money, and we have it in place. It's been in place for almost two years now.

Regarding installation, I needed help from either support or our actual business partner or vendor. As I was just an operator previously, I never had to set it up from scratch. Actually it was pretty easy. Of course I had help, I had support, but it was nothing that was too difficult to do. Everything went seamlessly, went smoothly, and like I say we have been thoroughly enjoying it for the time we've had it.

Just do it.

I find the lifecycle and compliance models to be the most valuable features.

BigFix should consider giving organizations in Turkey a lower price.

I have been using BigFix for nearly a year. 

BigFix is a stable solution. We have not had any issues with it. 

BigFix is scalable and reliable. It has been good for our organization. 

We have not had much use for technical support. The few times that we did get in touch with them, they solved our problems. However, we have not had much need for technical support. BigFix is easy to use.

The initial setup was not complex.

BigFix is actually a little bit on the expensive side in Turkey because of the dollar's exchange rate in our currency. 

Everyone should give in Turkey a try. Our services are easy to manage with BigFix. It is a quick and easy-to-use tool. 

Our primary use case of this solution is for security patching and application patching.

From a security standpoint, it allows us to make sure that we're not leaving ourselves vulnerable to exploits and things like that. That's the biggest advantage that we see to the product from a security standpoint. 

We use it to compare current and past patch cycles. We usually roll the baselines into every patch cycle. We do some recording on previous patch cycles and stuff like that, and how effective each baseline is.

It has helped to compress our patch cycles from a long time ago. We were patching individually each day, then we were able to compress them all into a month.

I'm not sure by what percentage but it has helped to reduce help desk calls, in terms of security vulnerabilities, but it has reduced the amount of vulnerabilities and the security notifications we get. Also, self-service lets us install notifications, not like sending a front line support personnel.

Some of the most valuable features would be: 

• The custom content 
• Baselines
• Inventory
• Application usage

I would like to see: 

• More custom content
• Better content for Mac 
• Automated patching. They have this but I'm looking for improvements.
• Automated baselines for patching.

Stability is good. It works well. When it works, it works great. It's pretty quick to respond.

Scalability is good. From my other experience using the relays and things like that, it scales pretty widely. We have a pretty good amount of endpoints and it works well for us.

Technical support is good. We have a close relationship with people who work in the company. We are fortunate where we get direct communication with them, so it's good.

We weren't previously using a solution, so we knew we had to invest in one. We brought in a bunch of different solutions and BigFix was the one that won out. 

The initial setup was was complex because it was new. The help that they gave us and the documents that they gave us were really straightforward. The first time I set it up there was a learning curve, but the second time it was real easy.

We also looked at Microsoft SCCM. We chose BigFix because it's more inclusive, it's centered towards Microsoft and Windows. There's a lot more content and things like that so, it's much more in-depth and widespread than SCCM.

I would rate BigFix an eight or nine. We've been using it for a really long time and we're happy customers. 

I would advise someone considering BigFix to split it up and compare it to what you're looking at. You'll see that it can do more than other competitors.