How does IBM BigFix Compliance work?

Enforces continuous security compliance

IBM BigFix Compliance offers accurate and real-time visibility and continuous enforcement of security configurations and patches. Security and compliance analytics identify, manage and report on policy exceptions and deviations. The software also shows trending and analysis of security configuration changes. The intelligent agent provides continuous compliance with automated audit cycles measured in minutes rather than weeks.

Provides PCI-DSS compliance

The solution provides Payment Card Industry Data Security Standard (PCI-DSS) compliance with BigFix Compliance Payment Card Industry (PCI) Add-on. It helps with the enforcement and compliance reporting needed to satisfy the latest PCI-DSS requirements. BigFix Compliance automatically manages system configuration to improve endpoint security and helps protect organizations from the loss of confidential customer information, while lowering operational and security administration costs.

Manages hundreds of thousands of endpoints

BigFix Compliance supports a large variety of endpoints. These include servers, desktop PCs, as well as specialized equipment such as point-of-sale (POS) devices, ATMs and self-service kiosks. It provides endpoint management for major operating systems, third-party applications and policy-based patches, and helps discover endpoints that you might not have known were in your environment.

Delivers a broad range of security functions

You get a variety of security functions plus you can add other targeted functions without adding infrastructure or implementation costs. Patch management delivers patches to endpoints on your operating system and for application vendors. Security configuration management helps detect and enforce security configurations; vulnerability management discovers, assesses and remediates vulnerabilities; and multivendor endpoint protection management manages third-party endpoint security clients.

Makes the most of BigFix technology

BigFix Compliance places an intelligent agent on each endpoint. This single agent performs multiple functions including continuous self-assessment and policy enforcement with minimal impact on system performance. It includes real-time and continuous reporting and analysis from the intelligent agent. The software also allows agents to be configured as a relay between other agents and the console, which lets existing servers or workstations transfer packages throughout the network.

How customers use it

  • Compliance overview

    Problem

    Finding current and historical compliance status across all endpoints.

    Solution

    View compliance across the enterprise and see individual categories of compliance checks in one simple, real time view. See historical compliance trending to know how the organization is improving its compliance posture over time.

  • Endpoint compliance

    Endpoint compliance

    Problem

    Ensuring all endpoints are compliant with specific security policies created based on CIS or other security benchmarks.

    Solution

    IT Operators can easily drill down into individual machines, determine their current compliance against specific regulatory or organizational polices, and schedule remediation as required.

  • PCI-DSS Compliance

    Problem

    The need to report the current status for PCI-DSS compliance.

    Solution

    IT Operators can check endpoint compliance posture against each PCI-DSS Requirement, at any given point in time, and quickly identify the areas not in full compliance, to help the organization prepare and pass annual PCI audits.

  • Vulnerability Remediation

    Problem

    Discovering vulnerabilities and effectively conveying the required patching to IT Operations.

    Solution

    The tight integration between BigFix Compliance and QRadar allows effective identification of required patches, and can prioritize patching efforts to maximize the impact to raising the security posture.

Technical details

Software requirements

Software requirements for IBM BigFix Compliance can be viewed at:

    Hardware requirements

    Hardware requirements for IBM BigFix Compliance can be viewed at:

      Buy now and get started