Welcome to the BigFix Blog, where you can read the perspectives from network and service assurance experts. This Blog provides insights into the endpoint management solution, as well as technical details about specific IBM products.
We just published the Fixlets for Patches for Windows sites for German, Japanese and Chinese (Simplified) languages. The Patch Tuesday content for the remaining language sites should be available by Wednesday evening PST.
Just wanted to let you guys know that our Patch Tuesday fixlets for November 2011 are live. They hit the world roughly forty minutes ago. We also published the re-release of MS11-037 as part of that push. We'll be working next on the non-English Patch Tuesday fixlets.
Just a heads up, our tenative delivery times for this upcoming Patch Tuesday are 2:00PM PST for all patches. We'll release non-English security patches shortly afterwards. You can find more information about the upcoming November Patch Tuesday here: http://technet.microsoft.com/en-us/security/bulletin/ms11-nov
There is a document created listing all the supported endpoint protection products for CMEP at this wiki page: https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/Client%20Manager%20for%20Endpoint%20Protection%20%E2%80%93%20Supported%20Products It will be updated once a support for a new product is published.
Security Configuration Management (SCM) for Unix Systems The Security and Compliance team at IBM has modified the content within the UNIX System checklists to add per user ignore for the following controls: AIX 5.3 & 6.1 GEN000800 GEN000540 GEN000620 GEN000600a GEN000580 GEN000680 GEN000700 RHEL 4 & 5 GEN000540 GEN000700 Solaris 8, 9 & 10 GEN000540 ---- Site Versions ---- Self-Parameterizing Sites: DISA STIG Checklist for AIX 5.1 v7 DISA STIG Checklist for AIX 5.2 v6 DISA STIG Checklist for AIX 5.3 v6 DISA STIG Checklist for AIX... [More]
We expect to publish Fixlets for the localized versions of the October 2011 security patches by Thursday (13 Oct 2011) evening Pacific Time. We will post an update on this blog once the content for non-English versions of Patches for Windows Fixlet sites is published.
The second set of Fixlets for October Patch Tuesday is now available in version 1530 of the EnterpriseSecurity site. This set covers the following security bulletins: * MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution * MS11-079: Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution * MS11-082: Vulnerabilities in Host Integration Server Could Allow Denial of Service
Hi All, We are considering developing some content to support reporting and basic management of BitLocker deployments. If you use BitLocker, or are considering deploying it in the future, please share your thoughts on the below areas to help us build a more useful offering. If you'd like to provide input in a private forum, feel free to email me directly at firstname.lastname@example.org. (1) Do you currently use BitLocker, or plan to deploy it soon? If not, are you using another disk encryption technology? (2) If you are using BitLocker, on how many... [More]
We just released the first set of Patch Tuesday patches for October 2011. They should all be included in version 1529 of the Enterprise Security site. This first set includes content for: MS11-075 MS11-076 MS11-077 MS11-080 MS11-081 The rest of the patches are scheduled to be delivered around 9:30PM PST.
Just a heads up, our tenative delivery times for this upcoming Patch Tuesday are: 2:00PM PST for Kernel Patches 9:30PM PST for all Patch Tuesday Patches You can find more information about the upcoming October Patch Tuesday here: http://technet.microsoft.com/en-us/security/bulletin/ms11-oct
We have just published another set of updates to our Client
Manager for Endpoint Protection site to add support for the most recent versions
of supported vendor products: Symantec
Endpoint Protection 12 McAfee VirusScan
Enterprise 8.8 McAfee GroupShield 7.0 / McAfee
Security 7.6 for Microsoft Exchange Forefront
Client Security CA Anti-Virus / Total Defense
Hi All, Lately, we have seen an increased adoption of Microsoft Forefront, so we recently added support for Microsoft Forefront Endpoint Protection to our Client Manager for Endpoint Protection (CMEP) Fixlet site. Customers can now use CMEP to support the following Microsoft Forefront management tasks: - Report on agent health (running, stopped) - Report on client information (definition versions, engine version, client status, etc) - Deploy definition updates via the Microsoft Forefront Update Wizard - Enforce a policy that monitors the... [More]
The Inspector Search site been updated and enhanced. Try it out: http://support.bigfix.com/inspectorsearch/inspector_search.html (It can also be reached at the link at search.bigfix.com) New functionality includes enhanced descriptions of inspectors. For example: 1. In the Type field, enter substring. 2. Click the Find Inspectors button. 3. It should list 19 inspectors that match that criterion. Click on start of <substring>. The search result is displayed. Before this addition to the program, no type information was provided.... [More]
Hi everybody, We have been slowly transitioning our customer-facing documentation and technical info pages from our legacy BigFix sites to IBM systems. Here is a quick overview of some of the changes: New "Endpoint Management Community" -- This page basically links to all the pages discussed below. New "Endpoint Management" Blog -- (You are reading my first blog post.) We didn't have a blog at BigFix and instead used mailing list updates and forum posts. But... we think the blog is a better way to communicate and we... [More]
There is a new wiki for all IBM Tivoli Endpoint Manager (BigFix) best practices, and it can be found here: https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager As with all Service Management Connect wikis,
you can expect to find a lot of information created by subject matter
experts, including but not limited to the following content: Best practices Customizations Fixlet authoring Lifecycle management Troubleshooting information Bookmark the new Tivoli Endpoint Manager wiki today.... [More]
Welcome to the Endpoint Management blog. This
blog is one of several within the Service Management Connect community,
and its purpose is to provide readers with ideas and perspectives about
the endpoint management solution directly from the
technical experts. Follow this blog, and you can get tips, tricks, and
perspectives on several endpoint management topics, including: Installation Integration Performance Customization Technical tips and tricks More... If you have specific topics for which you would like to see blog entries, don't... [More]
IBM is pleased to announce that BigFix Patch for Solaris just released an enhancement to the Endpoint Upgrade List - Solaris 10 analysis. This analysis retrieves a list of the Solaris endpoints that require an operating system upgrade. It now checks for the updates against the recent published Solaris OS release, which is currently at U11, and the kernel patch update, which contains a set of different fixes that is published on the Oracle support website. Actions to Take: Gathering of the site will automatically... [More]
IBM BigFix Patch is pleased to announce the release of the native tools site, named "Patches for SLE 12 Native Tools", for SUSE Linux Enterprise Desktop 12 and SUSE Linux Enterprise Server 12. This site uses Zypper, which is SLE's default package manager, and contains content from the following channels for SLE 12 x86_64 systems: SLED12-Pool SLED12-Updates SLES12-Pool SLES12-Updates Ensure that you are subscribed to these supported channels if you are using custom repositories. Actions to take: If you are... [More]
IBM BigFix Patch for Windows is pleased to announce support for Windows 10. Windows 10 updates are cumulative and its packages contain all the previously released fixes. As most patches are cumulative, the new patches are going to supersede all the earlier patches. Todate, BigFix Patch for Windows has published the following Microsoft Windows 10 Fixlets. 307468302 MS15-074, MS15-078: Security Update for Windows 10 (KB3074683) - Windows 10 (Superseded) 307468304 MS15-074, MS15-078: Security... [More]
Majority of the Fixlets in the Patches for Mac site and Updates for Mac Applications site require the endpoint to be restarted after applying a patch to ensure the stability of the endpoint’s operating system. At any given time, multiple applications and processes could be running on an endpoint. These processes could lock a file that is required to be updated by the patch. Restarting the endpoint will help remove such locks and commit the intended changes by the patch. Apple does not provide a definitive answer as to... [More]
IBM BigFix Patch for Windows has modified a previously released Fixlet ID 4000000: Adobe Digital Editions 4.0.3 Available into an Audit Fixlet. Audit Fixlets indicate that the application is outdated and users must manually apply the update. Adobe has included Norton Antivirus with the Adobe Digital Edition 4.0.3 installer. While installing ADE 4.0.3, you might encounter a checkbox to agree to the inclusion of Norton Safety Scan. Published Site Version: Updates for Windows Applications, version 821. Application Engineering... [More]
IBM is pleased to announce that BigFix Patch for SUSE just released an enhancement to an existing solution for installing packages from a custom repository. You can use the Install packages by using zypper task to install or update packages on SUSE Linux Enterprise version 11 and later endpoints that are registered to custom repositories. This task is enhanced to allow you to install all the packages that were issued until the date that you specify. The new action requires Zypper version 1.5.3-3.2 . The Zypper command... [More]
Users of Lync 2013 (Skype for Business) must first install the following KBs before installing KB3055014 to avoid encountering issues with Lync. KB2889853 (April 14, 2015, update for Skype for Business) KB3054853 (June 9, 2015, update for Office 2013) You do not have to apply this update if you applied the following updates: KB2889923 (April 14, 2015, update) KB3039779 (May 12, 2015, security update) KB2817427 (Microsoft Office 2013... [More]
The download page for MS15-093 provides two KBs: KB3078071 and KB3087985, which must be run in sequence. You must first install KB3078071 before installing KB3087985. KB3078071 was also released in MS15-079 last August 11, 2015, so you might already have this KB installed. Refer to the Installation section, for the steps to install KB3087985. Installation If you installed KB3078071 when it was released in MS15-079 last August 11, 2015, apply the Fixlet for KB3087985. If you have not yet installed KB3078071, you must do the... [More]
Content in the Patches for Windows (English) has been released: New Fixlets: Fixlets for Microsoft Security Bulletin: MS15-093 Reason for Update: Microsoft has released security bulletin MS15-093. Actions to Take: None Published site version: Patches for Windows (English), version 2306. Additional links: https://technet.microsoft.com/library/security/ms15-093 Application Engineering Team IBM BigFix
IBM Endpoint Management Product Newsletter. These communications are designed to help you derive maximum value from your software by providing you with helpful e-Support technical information, answers to frequently asked questions, and links to other key information. Please take a moment to read through the materials provided below. http://ow.ly/oKGxE - IBM Endpoint Manager