How does IBM BigFix Compliance work?
Enforces continuous security compliance
IBM BigFix Compliance offers accurate and real-time visibility and continuous enforcement of security configurations and patches. Security and compliance analytics identify, manage and report on policy exceptions and deviations. The software also shows trending and analysis of security configuration changes. The intelligent agent provides continuous compliance with automated audit cycles measured in minutes rather than weeks.
Provides PCI-DSS compliance
The solution provides Payment Card Industry Data Security Standard (PCI-DSS) compliance with BigFix Compliance Payment Card Industry (PCI) Add-on. It helps with the enforcement and compliance reporting needed to satisfy the latest PCI-DSS requirements. BigFix Compliance automatically manages system configuration to improve endpoint security and helps protect organizations from the loss of confidential customer information, while lowering operational and security administration costs.
Manages hundreds of thousands of endpoints
BigFix Compliance supports a large variety of endpoints. These include servers, desktop PCs, as well as specialized equipment such as point-of-sale (POS) devices, ATMs and self-service kiosks. It provides endpoint management for major operating systems, third-party applications and policy-based patches, and helps discover endpoints that you might not have known were in your environment.
Delivers a broad range of security functions
You get a variety of security functions plus you can add other targeted functions without adding infrastructure or implementation costs. Patch management delivers patches to endpoints on your operating system and for application vendors. Security configuration management helps detect and enforce security configurations; vulnerability management discovers, assesses and remediates vulnerabilities; and multivendor endpoint protection management manages third-party endpoint security clients.
Makes the most of BigFix technology
BigFix Compliance places an intelligent agent on each endpoint. This single agent performs multiple functions including continuous self-assessment and policy enforcement with minimal impact on system performance. It includes real-time and continuous reporting and analysis from the intelligent agent. The software also allows agents to be configured as a relay between other agents and the console, which lets existing servers or workstations transfer packages throughout the network.