Welcome to the Endpoint Management Blog, where you can read the perspectives from network and service assurance experts. This Blog provides insights into the endpoint management solution, as well as technical details about specific IBM products.
We've added a lot of great features and enhancements in the 8.x platform releases, with even more fantastic new capabilities to come in future platform versions. However, in order for our products to fully take advantage of all of these great benefits, we need migrate deployments off version 7.2. That's why we're pre-announcing end of support for 7.2, with plenty of advance notice to our users. Here are some reasons to upgrade:
I ntegration with Microsoft Active Directory and LDAP - Provision and authenticate Console users through... [More]
We are looking to retire the following legacy sites in March 2012: Patches for RedHat Enterprise Linux Patches for RedHat Enterprise Linux (Outdated RPMs) Before anyone starts to panic, keep in mind that we replaced these sites with the Patches for RHEL 3|4|5 sites in 2009. The Patches for RHEL sites were developed to make our patch content easier to deploy by supporting RPM dependency resolution. By retiring the legacy Red Hat sites, we will be able to clear up confusion around the two different sets of content, reduce the maintenance... [More]
We are pleased to announce that TEM Power Management now supports MAC OS X Lion (10.7), Windows 2008, and Windows 2008 R2. Actions to Take: Please apply Fixlet ID 58 “Enable Power Tracking with Default Assumptions” to applicable computers. Please create new power profiles under “Manage Power Profiles” to change power settings for new supported OSes. Published site version: Power Management, version 32 As part of this Fixlet release and our ongoing review of all of our Fixlets, we have also successfully reduced the size of this Fixlet
Be aware that currently TEM does not support migrating AD users to a different OU. When an AD user is moved to a different OU it prevents the AD user from logging into the console via LDAP. This article describes what you would need to do to restore an LDAP account. Question How to get Console LDAP operators to be able to login after moving the users to new OUs and groups? Cause Functionality not yet available. Answer Here's the workaround: 1. Backup the database. 2. Using SQL Server Management Studio by querying for the current... [More]
New flash training released for Tivoli Endpoint Manager v 8.2
This module is titled: Manually adding new software titles to the software usage analysis catalog
See all Tivoli IEA content here:
We are preparing for our upcoming release of the IBM Endpoint Manager for Mobile Devices that will support Android, Apple iOS and other devices. To support these new devices, we need to update our existing Fixlet sites' site relevance to exclude these devices and prevent unnecessary content gathering, storing, and processing. This should have no effect on any existing devices subscribed to the Fixlet sites, but a side effect of this change is that some baselines might show a warning indicating that the underlying Fixlets have changed. You can... [More]
As part of our ongoing efforts to reduce the size of our Fixlets, we are publishing a new version of the OS Deployment Fixlet today. There is no change to function, but this new version will require less disk space. The new version number is 11.
Hi All, Lately, we have seen an increased adoption of Microsoft Forefront, so we recently added support for Microsoft Forefront Endpoint Protection to our Client Manager for Endpoint Protection (CMEP) Fixlet site. Customers can now use CMEP to support the following Microsoft Forefront management tasks: - Report on agent health (running, stopped) - Report on client information (definition versions, engine version, client status, etc) - Deploy definition updates via the Microsoft Forefront Update Wizard - Enforce a policy that monitors the... [More]
Just wanted to let you guys know that our Patch Tuesday kernel fixlets
for Jan 2012 are live. They are going to be in Enterprise Security version 1557. For
now, we have content for: MS12-001 thru MS12-006. MS12-007 should be
coming out a little later. You can find the security bulletin releases from Microsoft here. Happy patching.
Security Configuration Management (SCM) for Unix Systems The Security and Compliance team at IBM has modified the content within the UNIX System checklists to add per user ignore for the following controls: AIX 5.3 & 6.1 GEN000800 GEN000540 GEN000620 GEN000600a GEN000580 GEN000680 GEN000700 RHEL 4 & 5 GEN000540 GEN000700 Solaris 8, 9 & 10 GEN000540 ---- Site Versions ---- Self-Parameterizing Sites: DISA STIG Checklist for AIX 5.1 v7 DISA STIG Checklist for AIX 5.2 v6 DISA STIG Checklist for AIX 5.3 v6 DISA STIG Checklist for AIX... [More]
The IBM Mobile Device Management team is pleased to announce the upcoming release of MDM 2.2 end of April.
Some features included in this release are initial Enterproid Integration and Web Admin Portal.
Another announcement will be made when the update has been released.
Application Engineering Team
IBM Endpoint Manager
The Inspector Search site been updated and enhanced. Try it out: http://support.bigfix.com/inspectorsearch/inspector_search.html (It can also be reached at the link at search.bigfix.com) New functionality includes enhanced descriptions of inspectors. For example: 1. In the Type field, enter substring. 2. Click the Find Inspectors button. 3. It should list 19 inspectors that match that criterion. Click on start of <substring>. The search result is displayed. Before this addition to the program, no type information was... [More]
There is currently a 0 day advisory from Microsoft in which Microsoft has not provided a downloadable patch for yet. However they, have provided a workaround to disable the vulnerability.
Important Note: The workaround is a registry setting will disable remote VPN access on an endpoint which is using NDProxy to authenticate. So if the IEM agent on the endpoint requires a VPN connection to reach its parent relay or server, applying the workaround would make the agent not reachable to its parent relay or server.
The out-of-band September 2012 security bulletins have been released in Patches for Windows (English) site version 1661. Gathering the new site version will show the Fixlets. Fixlet messages for Microsoft Security Bulletins: MS12-063 Superseded Fixlet Messages: MS12-052 Important Note: Microsoft has not released a patch for Internet Explorer 8 on Windows XP SP2 x64 systems. Once Microsoft releases it, we will release a Fixlet for it as well.
The Fixlets for the following security bulletins are now available in version 1593 of the Patches for Windows (English) site: MS12-029 MS12-030 MS12-031 MS12-034 MS12-035 It took us longer to release these Fixlets due to a larger than expected number of patches made available by Microsoft. We plan to release Fixlets for the localized versions of the patches over the next couple of days.