Our primary use case is Patch Management.
Good patch management capabilities help us save time during deployment
Pros and Cons
- "This has very much improved our organization by saving time to deploy thousands of endpoints to our customers."
- "We would like to see a different license plan, e.g. to include features from lifecycle with Patch Management, as an example."
What is our primary use case?
How has it helped my organization?
This has very much improved our organization by saving time to deploy thousands of endpoints to our customers.
What is most valuable?
The most valuable feature is Patch Management.
What needs improvement?
We would like to see a different license plan, e.g. to include features from lifecycle with Patch Management, as an example.
Buyer's Guide
BigFix
December 2024
Learn what your peers think about BigFix. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
We have been using BigFix for five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Project Engineer at a tech services company with 10,001+ employees
This tool offers the capability to bundle a script ahead of patching, so maintenance and the corresponding patching is a click of a button
Pros and Cons
- "In terms of vulnerability management, it gives tough competition by providing a single management console with multiple benefits."
- "The tool should be more friendly in terms of Web UI and should be having better vulnerability scanning mechanisms so a third-party application is not required to fulfill that aspect."
What is most valuable?
I have been using the patch management and server automation feature of this product. In terms of vulnerability management, it gives tough competition by providing a single management console with multiple benefits. Customization as per the requirements is one of of best it offers and almost any form of scripts and any OS can be supported for those customization.
How has it helped my organization?
The automation aspect has surely reduced the manual efforts leading to diverting those into other productive areas. Instead of manually bringing down any application prior to maintenance, this tool offers the capability to bundle a script ahead of patching, so maintenance and the corresponding patching is just a click of a button.
What needs improvement?
The tool should be more friendly in terms of Web UI and should be having better vulnerability scanning mechanisms so a third-party application is not required to fulfill that aspect.
For how long have I used the solution?
I have been using the product for almost five years and have explored quite a lot with respect to its utilization and benefits.
What do I think about the stability of the solution?
The tool has been quite stable. It has improvements within each version, which have made it become better and more powerful.
What do I think about the scalability of the solution?
No issues. It can well support clients, even if it is more than 100,000, easily and efficiently.
How are customer service and technical support?
The support from IBM is good. It sometimes takes them a while to identify and come up with a workaround which can impact the environment.
Which solution did I use previously and why did I switch?
Not really, I have been using multiple tools like BigFix/SCCM/Tanium for vulnerability remediation/inventory management. I never really switched from any other tool, but used them in parallel for different projects.
How was the initial setup?
The setup is pretty straightforward, if you have a good knowledge about the geographical spread of your clients, so the relays are appropriately mapped.
What's my experience with pricing, setup cost, and licensing?
Understand the requirements and the amount of use before choosing it. If you are just managing Windows machines with the regular MS released updates, than WSUS might be a cheaper and more viable solution. If you are looking forward to a single tool with third-party vulnerability remediation and in-house customization, then this is product is good to go.
Which other solutions did I evaluate?
SCCM was an option at one point, but we zeroed in on BigFix due to the customization possible.
What other advice do I have?
It is a niche tool with good exposure to required customization and automation, but still requires quite a lot of expertise to handle in comparison to its competitive tools.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
BigFix
December 2024
Learn what your peers think about BigFix. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Systems Administrator at a tech services company with 1,001-5,000 employees
Helped us to identify the compliance of devices and has also improved the way that we manage our software inventory
Pros and Cons
- "BigFix helped us to identify the compliance of devices and has also improved the way that we manage our software inventory for reporting to vendors."
- "I would like to see improvements in the Web UI program and also a BigFix console for Mac OS."
What is our primary use case?
We use BigFix to manage Windows and Mac OS. We also use it for deploying patches and software across the company.
How has it helped my organization?
BigFix helped us to identify the compliance of devices and has also improved the way that we manage our software inventory for reporting to vendors.
It has helped to reduce network traffic when it comes to downloading patches. It helps a lot because we have the ability to customize the uses of the bandwidth in our company, and it helps us to reach every region no matter the size of the link that we have in the network. We use patch management for deploying Microsoft patches and compliance to deploy security policy across the environment.
Finally, it has helped to compress the patch cycles. It has helped us to reduce the time that we need to use for patch management by at least 50 percent.
What is most valuable?
The scalability and the ability to manage different operating systems are the two most valuable features.
What needs improvement?
I would like to see improvements in the web UI program and also a BigFix console for Mac OS.
What do I think about the scalability of the solution?
Scalability is really great because we have the ability to scale the solution no matter how many endpoints we have. The last updates came with a lot of improvements regarding the scalability.
How are customer service and technical support?
Their technical support needs some improvement. We have had some cases where we didn't get enough support from the support team but I think it's improving now.
Which solution did I use previously and why did I switch?
We switched to BigFix because of the scalability and because it can be used across multiple platforms.
How was the initial setup?
The implementation is really straightforward and it's easy to implement with the environment.
What other advice do I have?
SCCM is a complex solution that needs a lot of licenses which means a lot of money. It only supports Windows and BigFix can be deployed across Linux and Microsoft operating systems.
I would rate BigFix a nine out of ten. Not a ten because there are some improvements that can be done to the product and the support that we get from the vendor needs improvement.
BigFix can do almost anything. You should know how to use it based on your specific requirements, but it can do almost anything.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Desktop Engineer at a tech services company with 501-1,000 employees
Allowed us to proactively seek out issues as well as quickly react to issues and target only computers which needed fixes
Pros and Cons
- "Ability to run custom reports and custom relevance."
- "We need a much better multi-tenant option."
What is most valuable?
Ability to run custom reports and custom relevance.
How has it helped my organization?
It allowed us to proactively seek out issues as well as quickly react to issues and target only computers which needed fixes. It was very easy to streamline down to what was needed.
What needs improvement?
We need a much better multi-tenant option.
We had 60 plus divisions and there was no real way to effectively give those people the help at the division sufficient rights within the console to see just their responsibilities. We wanted Bob at one of our divisions to have console access and only be able to manage his computers. We were not able to find a way to effectively do this. They had a web console that did not really handle our needs.
My current company is a consulting firm. If they had a better way to have multi-tenant access, this could be a product that could potentially do great good for us. As it was, when I last used it, it would not work for us without setting up a new instance for every customer we manage. Not really effective for our needs.
For how long have I used the solution?
I have used it for about four years.
What do I think about the stability of the solution?
Yes, occasionally we did.
What do I think about the scalability of the solution?
Yes, we did find some “quirks” and had to get creative, but we were able to work within the solution to streamline transfer speeds to not saturate networks between sites when synchronizing enormous install packages to our relays scattered around the country. Also, we could not easily scale the management to multiple tenants as we hoped and as we were able to do with other products in the past.
How is customer service and technical support?
I didn’t have to deal with them much. Others did. We frequently found that we were bringing solutions to them.
How was the initial setup?
I did not do the initial setup.
What's my experience with pricing, setup cost, and licensing?
This was not my responsibility.
Which other solutions did I evaluate?
I was not the decision-maker here.
What other advice do I have?
It is a great product. Spend some time really learning about the capabilities and how things are organized within the product. Then, spend some time really planning your structure and how the organizational groups should play out. It will make things a lot easier down the road when you need to send something to just one area of your business. Unfortunately, it is usually after a product is implemented that we truly understand how to best implement for our environment.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Analyst at Cleveland Clinic
Patch management makes it easy for out-of-band and in-band patching
What is our primary use case?
- A central engine for endpoint posture improvements
- Excellent compliance reporting with customizable dashboards
- Scalability and expandability support any heterogeneous environment.
How has it helped my organization?
BigFix has helped us in improving the overall endpoint posture and lifecycle management of the workstations as well as applications.
What is most valuable?
- Compliance reporting is the best.
- Patch management makes it easy for out-of-band and in-band patching.
- Inventory correlation with third-party tools.
What needs improvement?
- Complex design and administration
- Offline management
- Remote support on unsupported platforms
- A large infrastructure required to implement for a medium-sized organization
- Also, I would like to see if BigFix could be application aware for more in-depth compliance and reporting.
For how long have I used the solution?
One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Analyst at a tech services company with 10,001+ employees
The most valuable feature for me is being able to reach all systems at once
How has it helped my organization?
I'd probably say it's a great asset for inventory management. You don't know, especially in our environment, where everything is and it just appears. Then you can track down what belongs to whom, for inventory purposes.
There is some complexity, a learning curve, but overall it's a great product. I have and will recommend it to anybody.
What is most valuable?
The most valuable feature for me is being able to reach all systems at once.
What needs improvement?
I would probably just say the user interface and the web portal option. They came up with a GUI interface to use on the web, so it's very user-friendly. It's good for your lower level operators. Maybe a little more up-to-date interface would be better. It still has an older interface on the console.
What do I think about the stability of the solution?
Stability is great.
What do I think about the scalability of the solution?
With regards to scalability, it's come a long way. I've only been working with it for about two years, and in those two years, it's evolved so much.
How are customer service and technical support?
The technical support is always good.
How was the initial setup?
I wasn't involved in the initial setup for this company.
Which other solutions did I evaluate?
Price and support were the most important factors we considered. I wasn't actually involved in this setup so I don't know which other professional endpoint security companies were on the shortlist.
What other advice do I have?
It's great if you're looking for an all-in-one inventory management, patch management and security tool. Now they have also added Detect, which is an awesome response tool. It's almost getting to a one-stop shop solution for inventory and patch management and automation.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Consultant at activedge
Easy to use, cheaper than the value, and there is tons of support from the BigFix community
Pros and Cons
- "I would advise someone considering this product to go for it. It's easy to use, cheaper than the value, and there is tons and tons of support from the BigFix community. With almost every challenge we have someone who has encountered it, and you will have a solution right away."
- "To make it a ten they should improve the licensing. Second, if they could have one environment for everything it would be nice. For you to install compliance you need to install the server, and then you add the modules. For you to install inventory you install the server and then you add the modules. It's not easy to do. When I was doing it before I learned it, it was not straight forward."
What is our primary use case?
We use this solution for patch management and software distribution.
How has it helped my organization?
Initially, for the customers that we consult for, their IT Security and IT Operations units were working in silos, especially with regards to patch management and vulnerability and compliance reporting. BigFix effectively bridged the gap between both teams while providing a single robust reporting interface for both teams.
What is most valuable?
Compliance is the most valuable feature. It allows you to build custom policy checklist while leveraging recommended industry security compliance checklists e.g DISA-STIG, CIS, PCI-DSS
What needs improvement?
Upgrading from an Evaluation license to a production license is not error free. Managed endpoints still gets stuck with the evaluation masthead and as such would not let you execute actions outside the BigFix management client maintenance actions. This needs to be improved
For how long have I used the solution?
One to three years.
What do I think about the scalability of the solution?
It's very scalable. The highest I did was between 9000 to 11,000 networks and I didn't lose any performance with that.
Which solution did I use previously and why did I switch?
I initially onboarded with Microsoft SCCM. The user interface leaves a lot to be desired, performance impact as you go above 10,000 endpoints and also maintenance tasks like setting up of distribution points are not available at the click of a button.
How was the initial setup?
The initial setup is straight forward. I deployed it in around three weeks. I started with installing the servers and the primary relay, then I installed 2 relays per subnet, made the relays deployment points and then installed the BigFix clients locally from the deployment points.
What's my experience with pricing, setup cost, and licensing?
Compliance, and lifestyle are a bit pricey especially to customers that get SCCM included as part of their ELA. It's makes convincing harder.
What other advice do I have?
I would advise someone considering this product to go for it. It's easy to use, cheaper than the value, and there is tons and tons of support from the BigFix community. With almost every challenge we have someone who has encountered it, and we will have a solution right away.
I would rate it an eight out of ten. To make it a ten they should improve on the issues stated above
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Director of Security Solutions at a tech services company with 51-200 employees
It allows for a thin infrastructure that can be exploited by the customer for multiple purposes.
What is most valuable?
The most valuable features of the BigFix solution are integration with a single agent and that the customer can deploy the Inventory module, the Lifecycle Management module, or the newly announced BigFix Detect Security module. That's really valuable because it allows for a very thin infrastructure on the end point, that the customer can exploit for multiple purposes.
How has it helped my organization?
It represents to a customer a very strong and quick ROI, so the investment and value becomes very positive early on. There is a higher level of security and awareness, along with a very high level of control at the end points.
What needs improvement?
The one feature that I would have like to see included (I know it is coming in the next release), is the block function of the newly announced BigFix Detect module.
In my opinion, the products are on the right track and we've had great success with them.
What do I think about the stability of the solution?
Stability has not been an issue at all.
What do I think about the scalability of the solution?
There have been no scalability issues.
Which solution did I use previously and why did I switch?
The most important factor while choosing a vendor is how much profit we can make after selling the solution. Secondly, how successful could I make the solution in the marketplace. The third factor would be the level of support from the provider.
What other advice do I have?
Just do it!
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free BigFix Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Endpoint Protection Platform (EPP) Configuration Management Patch Management Unified Endpoint Management (UEM)Popular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Cisco Secure Endpoint
SentinelOne Singularity Complete
Fortinet FortiClient
Cortex XDR by Palo Alto Networks
Symantec Endpoint Security
Intercept X Endpoint
Trellix Endpoint Security
Kaspersky Endpoint Security for Business
Tanium
ESET Endpoint Protection Platform
Check Point Harmony Endpoint
VMware Carbon Black Endpoint
HP Wolf Security
Buyer's Guide
Download our free BigFix Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between BigFix And Carbon Black Cb Defense?
- SCCM vs BigFix: what are pros and cons?
- What is the biggest difference between BigFix and BMC TrueSight Server Automation?
- What is the biggest difference between EPP and EDR products?
- Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which Endpoint Protection Solution offers Zero Trust (ZTN) as a feature?
- What to choose: an endpoint antivirus, an EDR solution or both?
- Are you aware of SIEM platforms that integrate both Active Directory auditing and security monitoring tools?