Welcome to the Endpoint Management Blog, where you can read the perspectives from network and service assurance experts. This Blog provides insights into the endpoint management solution, as well as technical details about specific IBM products.
"I feel the need, the need for speed!" The following checklist (with links to resources and reference articles) will help you to achieve the goal of keeping your systems and deployments working at peak performance and efficiency and will reduce the number of problems that can be experienced while working with TEM. * For any item with an asterisks by it, please refer to this Wiki article for more information:... [More]
Patching Windows clusters is largely a manual effort that is time-consuming and leaves plenty of room for error. If a mistake is made in patching your “mission critical applications” it can cost $50k, $100k or for some customers $Millions per outage. Depending on what versions of Windows you’re using, there’s little-to-no tooling to help you with this important task, and unfortunately it’s not one you can delay due to the exposure to your organization of not having the latest security patches... [More]
We have just released an update to the Patches for AIX site to provide an option to install AIX fix packs from an accessible NFS share instead of the local filesystem. Since AIX fix packs can be quite large, downloading a Technology Level(TL) or Service Pack(SP) directly to the endpoint is not always possible. With the new content changes you will be able to specify an NFS repository location which contains the fixes you wish to install.
There are a few steps you'll need to take in order to use the new capability:
Build a repository in... [More]
Hey Guys, We are nearing the official release of BigFix Labs! Here's a sneak peak: BigFix Labs is a new Domain we are offering for free to all our customers. Labs offers a wide variety of interesting as-is projects that help make your BigFix life easier. Tired of writing out common relevance expression by hand? Try the new Relevance Builder in Labs! Looking a way to import BigFix data directly into excel? Labs has your back. Want to set and manage local user passwords with BigFix? Oh you bet there is a Lab for that. This is just... [More]
I am proud to announce that a new IBM License Metric Tool 9.0 is published and available!
IBM® License Metric Tool 9.0 replaces the IBM Endpoint Manager for Subcapacity Reporting 9.0 and is available additionally on Passport Advantage for all ILMT customers.
IEM customers can download the new application from IBM License Reporting (ILMT) v9 fixlet site.
IBM License Metric Tool 9.0 offers the following enhancements:
Compliance with SP 800-131a cryptographic standards
Support for IBM... [More]
IBM has modified content in the Mobile Device Management Fixlet Site for IBM Tivoli Endpoint Manager. New/Updated Fixlet Messages: - Deploy Enrollment and Apple iOS Management Extender (ID 70) - Deploy Management Extender for Lotus Traveler (ID 71) - Deploy Management Extender for Microsoft Exchange (ID 58) - Deploy Self Service Portal (ID 144) - Deploy Trusted Service Provider (ID 143) - Upgrade Management Extender for Apple iOS (ID 94) - Upgrade Management Extender for Lotus Traveler (ID 81) - Upgrade Management Extender for Microsoft... [More]
Preparing your Tivoli Endpoint Manager Server for Tivoli Provisioning Manager for OS Deployment installation
To install Tivoli Provisioning Manager for OS Deployment using Tivoli Endpoint Manager you need to prepare a target endpoint to install Tivoli Provisioning Manager for OS Deployment. Tivoli Endpoint Manager takes care of the installation perquisites to be performed on this endpoint as required by Tivoli Provisioning Manager for OS Deployment. This includes database installation.
Tivoli Endpoint Manager 8.2... [More]
9.1.1082 (9.1 patch 1) is an emergency patch release to close the OpenSSL Heartbleed vulnerability (CVE-2014-0160). This is a critical vulnerability that affects 9.1 servers and relays. If you are running a 9.1 deployment, you need to upgrade immediately in order to close the vulnerability.
Only deployments running 9.1.1065 are exposed to the Heartbleed vulnerability. Earlier versions are not vulnerable. After upgrading from 9.1.1065 to 9.1.1082, the following steps should be performed to revoke any potentially-compromised... [More]
We have just released version 8.2.1093 of the Tivoli Endpoint Manager platform. Our dev and qa teams have been working hard to address issues found in previous releases. Updates in this release include (among others): Updates to the Windows 2000 and Mac OS X 10.7 clients A fix for a race condition which could cause clients to potentially miss UDP messages Fixes for Client UI issues where action links were not being displayed A fix for an issue where you could not assign an AIX relay to be a child of another AIX relay Non-Windows relay fixes... [More]
We are pleased to announce that new versions of TEM for Core Protection and its Data Protection Add-on (Core Protection Module v10.6 SP1) are now available. The highlights of this new release include: * Data Protection 64-bit support * Behavior Monitoring 64-bit support * 100+ new pre-configured DLP templates * IPv6 support for CPM * Updated SPR/SPS with scalability/performance enhancements * VDI - Microsoft Hyper-V platform support Published Site Versions: * Trend Micro Core Protection Module site: version 41 * Trend Micro Data Protection... [More]
IBM has modified content in the Mobile Device Management Site for IBM Tivoli Endpoint Manager. New/Changed Fixlet Messages: - Management Extender Fixlets - Upgrade Self Service Portal (ID 184) - Upgrade Proxy Agents (ID 191) Updated Analyses: - Management Extender Status (ID 87) - MDM Infrastructure Components Status (ID 153) New/Changed Wizards and Dashboards: - Setup and Configure Mobile Device Management - Health Checks - Mobile Device Security Overview (Web Report) Update Details: - The proxy agent will now correctly block actions from... [More]
IBM Tivoli Endpoint Manager for Security and Compliance Security Configuration Management (SCM) The Security and Compliance team at IBM has updated the content within the DISA and USGCB Checklists for Windows Operating Systems. USGCB: USGCB Checklist for Internet Explorer 8 --- site version 8 USGCB Checklist for Windows 7 ------------- site version 5 USGCB Checklist for Windows 7 Firewall -- site version 7 USGCB Checklist for Windows 7 Energy --- site version 8 Change list: - The metadata schema has been updated to support TEM SCA. This... [More]
IBM is pleased to announce a new dashboard for owners of the Patch Management product in the Endpoint Manager family. The Manage Download Plug-ins dashboard provides a central interface for administrators to oversee and manage download plug-ins in a deployed environment. In the past, administrators would run different management tasks, which are found in different sites, for each operating system. Note that the existing download plug-in tasks are being deprecated. Use the new dashboard to perform download plug-in management tasks . With the new... [More]
IBM is pleased to announce the release of IBM Endpoint Manager for Mobile Devices Version 2.5!
Site Version 81 – December 12, 2013
Major Release Features
Microsoft Exchange Management Extender:
Enable support of Exchange 2013.
Plugin implementation for multitenant deployments.
Lotus Traveler Management Extender:
oPlugin implementation for multitenant deployments.
iOS 7 App Configuration Support.
Security Configuration Management (SCM) for Unix Systems The Security and Compliance team at IBM has UPDATED the content within the DISA Checklists for Windows operating systems. Additional DISA Vulnerability IDs have been added: * V-1077 * V-1089 * V-1095 * V-1102 * V-1103 * V-1122 * V-1126 * V-1130 * V-14250 * V-14267 * V-14268 * V-14269 * V-14270 * V-15705 * V-15706 * V-15727 * V-16021 * V-16048 * V-18010 * V-3337 * V-3481 * V-3487 Affected Sites: DISA STIG Checklist for Windows 2003 DC ----------> site version 9 DISA STIG... [More]
IBM is pleased to announce the release of OS Deployment and Bare Metal Imaging 3.0. This release has the following features: Seamless bare metal provisioning through integration with Tivoli Provisioning Manager for OS Deployment Dashboard content to configure and manage Tivoli Provisioning Manager for OS Deployment servers for bare metal provisioning Activity dashboard to keep track of re-image, capture, and bare metal deployment tasks Image Library dashboard expanded to support re-image task and bare metal profile creation Enhanced templating... [More]
The remaining patch (Internet Explorer 8 for WinXP SP2 x64) for the out-of-band security bulletin for September 2012 (MS12-063) has been
released. It is now available in Patches for Windows (English) site
version 1662. Gathering the new site version will show the Fixlet.
IBM Tivoli Endpoint Manager for Security and Compliance Security Configuration Management (SCM) The IBM Endpoint Manager team is pleased to announce the availability of two new wizards for creating custom Fixlets within the Security and Compliance product. The two new wizards -- " Create Custom Relevance SCM Content " and " Create Custom Unix SCM Content " -- allow you to easily create custom SCM Fixlets within the TEM Console without having to use an external tool. These wizards provide significant benefits over creating... [More]
IBM is pleased to announce the release of Tivoli Endpoint Manager OS Deployment 2.2. This release has two feature additions • Driver Management - A new dashboard will be added to allow for uploading and managing drivers that are used during reimage and capture. • Bootable Media Creation Tool - A new tool will be available to create self contained bootable media for imaging an offline bare metal computer. New Dashboard: • Driver Library – Found in Systems Lifecycle->OS Deployment->Manage Images and Drivers New... [More]
Here are two articles you will want to bookmark and continually come back to. The articles will be frequently updated to include new information, tips, and the most common problem solutions as well as procedures for gathering data for troubleshooting and engaging Support for assistance in problem resolution. Featured Documents for Tivoli Endpoint Manager http://www-01.ibm.com/support/docview.wss?uid=swg21600475 What information do I include when I open a Support case with IBM? http://www-01.ibm.com/support/docview.wss?uid=swg21505708 ... [More]
Hey folks, Just wanted to update everyone and apologize for some recent issues accessing our technical information... We had a string of untimely issues of all sorts and it caused some outages... Here were the recent issues: Our support.bigfix.com and forum website were down intermittently in the last few weeks due to one of our network providers connectivity failure. We completed our scheduled forum transition, which transitioned to the new system just fine, but some users were unable to login with their new IBM forum account. If you had... [More]
Hi everybody, We have been slowly transitioning our customer-facing documentation and technical info pages from our legacy BigFix sites to IBM systems. Here is a quick overview of some of the changes: New "Endpoint Management Community" -- This page basically links to all the pages discussed below. New "Endpoint Management" Blog -- (You are reading my first blog post.) We didn't have a blog at BigFix and instead used mailing list updates and forum posts. But... we think the blog is a better way to communicate and we... [More]
Content in the Patches for Windows (English) has been modified: Modified Fixlet Message: MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution - Windows XP SP3 - V2 (ID: 1205301) MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution - Windows XP SP3 - V2 - CORRUPT PATCH (ID: 1205303) MS12-055: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege - Windows XP SP3 - V2 (ID: 1205501) MS12-055: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of... [More]
We've just released our first Labs update of the new year: TEM Computer Browser! BigFix rocks at reporting and taking actions across hundreds of thousands of machines at a time. If you want to patch every machine in your deployment, you can do with just one click in BigFix. However, sometimes it can be difficult to get a simple all-in-one view of a specific computer from out many-computer-centric interface. This is where the new Computer Browser comes into play. Created by Lee Wei, the same guy that brought you such favorites as the... [More]
IBM has released version 2.0 of IBM Endpoint Manager for Mobile Device Management (MDM).
New Major Features: Enhanced Multi-Tenancy Support – MDM now supports multi-tenancy with the addition of “enrollment” tags. See Additional Links section for more details. BlackBerry 10 support - BlackBerry 10 devices can now be managed through the Exchange Extender via the ActiveSync interface. Windows Phone 8 and Windows Surface RT support - These devices can now be managed through the Exchange Extender via the ActiveSync interface. Deny Email Access... [More]
Content in the Patches for Windows (English) Fixlet Site has been released. New Fixlet Messages: Fixlet messages for Microsoft Security Bulletins: MS13-008 MS13-008: Security Update for Internet Explorer - IE 6 - Windows XP SP3 (1300801) MS13-008: Security Update for Internet Explorer - IE 6 - Windows XP SP3 - CORRUPT PATCH (1300802) MS13-008: Security Update for Internet Explorer - IE 6 - Windows XP SP2 (x64) (1300803) MS13-008: Security Update for Internet Explorer - IE 6 - Windows XP SP2 (x64) - CORRUPT PATCH (1300804) MS13-008:... [More]
A security vulnerability has been discovered in OpenSSL that affects some products in the IBM Endpoint Manager portfolio.
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability to expose 64k of private memory and retrieve secret keys. This vulnerability can be remotely exploited, authentication is not required and the exploit is not... [More]
IBM Tivoli Endpoint Manager for Security and Compliance Security Configuration Management (SCM) The Security and Compliance team at IBM has updated the content within the DISA and USGCB Checklists for Windows Operating Systems. 1) Additional DISA Vulnerability IDs have been added: 1. V-1077 2. V-1089 3. V-1095 4. V-1102 5. V-1103 6. V-1122 7. V-1126 8. V-1130 9. V-14250 10. V-14267 11. V-14268 12. V-14269 13. V-14270 14. V-15705 15. V-15706 16. V-15727 17. V-16021 18. V-16048 19. V-18010 20. V-3337 21. ... [More]
IBM is pleased to announce the next release of IBM Endpoint Manager for Mobile Devices. New Features in this release include: 1. Self-Service Portal End-users to manage their own devices. Users can login to the portal using their AD/LDAP credentials. They can view device details; and, in the event of loss or theft, they can issue wipe, lock, or reset password commands, among others. 2. Enhanced Enrollment Options Authenticated enrollment is now supported via AD/LDAP integration. Additionally, administrators can optionally present additional... [More]