Welcome to the BigFix Blog, where you can read the perspectives from network and service assurance experts. This Blog provides insights into the endpoint management solution, as well as technical details about specific IBM products.
The IBM Endpoint Manager SSL Heartbeat Vulnerability (CVE-2014-0160) Scanner, developed by the IEM AVP Team, is being made available to customers to assist in identifying potentially vulnerable systems through a distributed and automated approach. Customers can find the latest version of the scanner in the Bigfix Labs site version 35. The Scanner has 2 different operating modes available: - Filesystem scan to locate executables and libraries that may contain affected versions of OpenSSL (including applications embedding OpenSSL) -... [More]
Hi everybody, We have been slowly transitioning our customer-facing documentation and technical info pages from our legacy BigFix sites to IBM systems. Here is a quick overview of some of the changes: New "Endpoint Management Community" -- This page basically links to all the pages discussed below. New "Endpoint Management" Blog -- (You are reading my first blog post.) We didn't have a blog at BigFix and instead used mailing list updates and forum posts. But... we think the blog is a better way to communicate and we... [More]
Content in the Patches for Windows (English) has been modified: Modified Fixlet Message: MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution - Windows XP SP3 - V2 (ID: 1205301) MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution - Windows XP SP3 - V2 - CORRUPT PATCH (ID: 1205303) MS12-055: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege - Windows XP SP3 - V2 (ID: 1205501) MS12-055: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of... [More]
Just a quick note to let you know that we have increased our deployment size upgrade recommendations to encourage deployments of less than 15,000 seats to begin the upgrade process. As always, we recommend that you upgrade your servers and consoles at the same time because older consoles will not be able to connect with the upgraded server. We'll be updating our deployment size recommendations more frequently now that the holidays are over, so please subscribe to the blog's RSS feed to make sure you're aware of the latest updates. We'll... [More]
Here are two articles you will want to bookmark and continually come back to. The articles will be frequently updated to include new information, tips, and the most common problem solutions as well as procedures for gathering data for troubleshooting and engaging Support for assistance in problem resolution. Featured Documents for Tivoli Endpoint Manager http://www-01.ibm.com/support/docview.wss?uid=swg21600475 What information do I include when I open a Support case with IBM? http://www-01.ibm.com/support/docview.wss?uid=swg21505708 ... [More]
IBM is pleased to announce the next release of IBM Endpoint Manager for Mobile Devices. New Features in this release include: 1. Self-Service Portal End-users to manage their own devices. Users can login to the portal using their AD/LDAP credentials. They can view device details; and, in the event of loss or theft, they can issue wipe, lock, or reset password commands, among others. 2. Enhanced Enrollment Options Authenticated enrollment is now supported via AD/LDAP integration. Additionally, administrators can optionally present additional... [More]
IBM Endpoint Manager and MaaS360 have recently been named as leaders in the Gartner Magic Quadrant for Client Management Tools and Enterprise Mobility Management respectively for the 3 rd year in a row. This recognition comes at a critical time as the mobile workforce grows exponentially and initiatives like BYOD continue to become embedded in the workplace. IBM Endpoint Manager provides real time visibility and control over all endpoints - from servers to laptops - enabling organizations to find and fix problems in minutes. This... [More]
IBM Tivoli Endpoint Manager for Security and Compliance Security Configuration Management (SCM) The Security and Compliance team at IBM has updated the content within the DISA and USGCB Checklists for Windows Operating Systems. 1) Additional DISA Vulnerability IDs have been added: 1. V-1077 2. V-1089 3. V-1095 4. V-1102 5. V-1103 6. V-1122 7. V-1126 8. V-1130 9. V-14250 10. V-14267 11. V-14268 12. V-14269 13. V-14270 14. V-15705 15. V-15706 16. V-15727 17. V-16021 18. V-16048 19. V-18010 20. V-3337 21. V-3481 22. V-3487 *Affected Sites* DISA... [More]
We've just released a new feature to
Labs- the Client Manager Builder. The Client Manager Builder can help you
manage anti-virus products from vendors that are not supported by the
Client Manager for Endpoint Protection (CMEP) site by generating
content for those unsupported anti-virus products. The CMEP site
currently supports the following vendors: McAfee, Symantec,
Trend Micro, Microsoft™, Sophos, Computer Associates, and IBM®.
For more information about how to use
this cool feature, please refer to this wiki: Using the Client... [More]
We are pleased to announce that TEM Power Management now supports MAC OS X Lion (10.7), Windows 2008, and Windows 2008 R2. Actions to Take: Please apply Fixlet ID 58 “Enable Power Tracking with Default Assumptions” to applicable computers. Please create new power profiles under “Manage Power Profiles” to change power settings for new supported OSes. Published site version: Power Management, version 32 As part of this Fixlet release and our ongoing review of all of our Fixlets, we have also successfully reduced the size of this Fixlet
IBM has released several new features in the Mobile Device Management Fixlet Site for IBM Tivoli Endpoint Manager. 1. Nitrodesk Touchdown support The TEM Agent now integrates with Nitrodesk Touchdown. This allows TEM to control a richer set of configurations on Android devices, such as selective wipe, and security polices like password length, encryption etc. 2. Google Cloud Messaging The Android agent can now use Google Cloud Messaging to provide much quicker response times to action commands. 3. Proxy Agent enhancements The Proxy Agent... [More]
Managing even a simple datacenter entails some pretty complex activities… things like performing server builds, ensuring security compliance on servers, managing both a physical and virtual server environment as well as keeping servers patched. Just patching is a complex activity as you have to deal with everything from patching single servers to patching business services that span multiple servers as well as patching nodes in a cluster… all while ensuring your servers are in a maintenance window and in some cases ensuring... [More]
Just a quick post on some of the setup and configuration changes you can expect in version 8.2. On upgrade, all existing Console users will be migrated to local users. Console users will be asked to provide .pvk files on initial login for the purposes of verification only and will not be used for subsequent login attempts. Consoles in 8.2 connect to the Server through HTTPS 52313. This replaces the previous method of ODBC connections. This is configurable. Account provisioning is now handled by the Console, not the BESAdmin tool. However,... [More]
Many companies look at Software Asset Management (SAM) as
something they can manage with spreadsheets and home grown software. Until a software company performs a license
audit and they find their spreadsheets are out of date and then the CEO wants
to know why the company is faced with a huge unplanned software bill. Or maybe their software costs are consuming
more and more of their limited IT budget and management wants to know if all
these software licenses are really being used.
Seems like a good question, but they can’t even... [More]
Here is some simple steps for new users. Let's take Patch Overview dashboard for example. First, enable Patching Support site: 1. Locate License Overview dashboard in BES Support site: 2. Ctrl+F to launch the Find window and type in Patching Support, it will help you to locate the Patching Support site in the License Overview dashboard. Then click Enable: 3. Wait until the site is up-to-date, currently the latest version is 26: Second, go to Patch Management... [More]
Hello World! :) I have had an issue the other days about using the new ILMT 9.x (IBM License Metric Tool) in parallel with IEM for SUA 9.x (IBM Endpoint Manager for Software Use Analysis). Even raised an APAR for it, APAR IV59595, raised to clarify this and add the details in the IEM for SUA's InfoCenter. Speaking of InfoCenter, I have found this link: http://pic.dhe.ibm.com/infocenter/tivihelp/v26r1/index.jsp?topic=%2Fcom.ibm.lmt.doc_9.0%2Fcom.ibm.license.mgmt.doc%2Fplaninconf%2Fc_poc_recommendation.html So this states that: "... [More]
Have you ever wanted to measure the quality of your infrastructure? Perhaps you'd like to know the time it takes for your endpoints to respond to questions and for the data to make it into the database? Well, now you can. One of our engineers, Aram, has come up with a simple SQL statement to provide what we are calling "Travel Time". Travel Time is the average time it takes for all of your endpoints to answer a question, in this case "Last Report Time", and insert that answer into the database. Using this value can... [More]
If you are an MDM customer integrating your MDM and MaaS360 deployments, please see the updated instructions for acquiring Fiberlink Web Services access on the DevWorks IEM Wiki, at https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/IBM%20MaaS360%20Integration%20for%20Unified%20Reporting .