BigFix Reviews

Our primary use case is Patch Management.

This has very much improved our organization by saving time to deploy thousands of endpoints to our customers.

The most valuable feature is Patch Management.

We would like to see a different license plan, e.g. to include features from lifecycle with Patch Management, as an example.

We have been using BigFix for five years.

I have been using the patch management and server automation feature of this product. In terms of vulnerability management, it gives tough competition by providing a single management console with multiple benefits. Customization as per the requirements is one of of best it offers and almost any form of scripts and any OS can be supported for those customization.

The automation aspect has surely reduced the manual efforts leading to diverting those into other productive areas. Instead of manually bringing down any application prior to maintenance, this tool offers the capability to bundle a script ahead of patching, so maintenance and the corresponding patching is just a click of a button.

The tool should be more friendly in terms of Web UI and should be having better vulnerability scanning mechanisms so a third-party application is not required to fulfill that aspect.

I have been using the product for almost five years and have explored quite a lot with respect to its utilization and benefits.

The tool has been quite stable. It has improvements within each version, which have made it become better and more powerful.

No issues. It can well support clients, even if it is more than 100,000, easily and efficiently.

The support from IBM is good. It sometimes takes them a while to identify and come up with a workaround which can impact the environment.

Not really, I have been using multiple tools like BigFix/SCCM/Tanium for vulnerability remediation/inventory management. I never really switched from any other tool, but used them in parallel for different projects.

The setup is pretty straightforward, if you have a good knowledge about the geographical spread of your clients, so the relays are appropriately mapped.

Understand the requirements and the amount of use before choosing it. If you are just managing Windows machines with the regular MS released updates, than WSUS might be a cheaper and more viable solution. If you are looking forward to a single tool with third-party vulnerability remediation and in-house customization, then this is product is good to go.

SCCM was an option at one point, but we zeroed in on BigFix due to the customization possible.

It is a niche tool with good exposure to required customization and automation, but still requires quite a lot of expertise to handle in comparison to its competitive tools.

We use BigFix to manage Windows and Mac OS. We also use it for deploying patches and software across the company.

BigFix helped us to identify the compliance of devices and has also improved the way that we manage our software inventory for reporting to vendors.

It has helped to reduce network traffic when it comes to downloading patches. It helps a lot because we have the ability to customize the uses of the bandwidth in our company, and it helps us to reach every region no matter the size of the link that we have in the network. We use patch management for deploying Microsoft patches and compliance to deploy security policy across the environment.

Finally, it has helped to compress the patch cycles. It has helped us to reduce the time that we need to use for patch management by at least 50 percent.

The scalability and the ability to manage different operating systems are the two most valuable features. 

I would like to see improvements in the web UI program and also a BigFix console for Mac OS.

Scalability is really great because we have the ability to scale the solution no matter how many endpoints we have. The last updates came with a lot of improvements regarding the scalability.

Their technical support needs some improvement. We have had some cases where we didn't get enough support from the support team but I think it's improving now.

We switched to BigFix because of the scalability and because it can be used across multiple platforms.

The implementation is really straightforward and it's easy to implement with the environment.

SCCM is a complex solution that needs a lot of licenses which means a lot of money. It only supports Windows and BigFix can be deployed across Linux and Microsoft operating systems.

I would rate BigFix a nine out of ten. Not a ten because there are some improvements that can be done to the product and the support that we get from the vendor needs improvement.
BigFix can do almost anything. You should know how to use it based on your specific requirements, but it can do almost anything.

Ability to run custom reports and custom relevance.

It allowed us to proactively seek out issues as well as quickly react to issues and target only computers which needed fixes. It was very easy to streamline down to what was needed.

We need a much better multi-tenant option. 

We had 60 plus divisions and there was no real way to effectively give those people the help at the division sufficient rights within the console to see just their responsibilities. We wanted Bob at one of our divisions to have console access and only be able to manage his computers. We were not able to find a way to effectively do this. They had a web console that did not really handle our needs. 

My current company is a consulting firm. If they had a better way to have multi-tenant access, this could be a product that could potentially do great good for us. As it was, when I last used it, it would not work for us without setting up a new instance for every customer we manage. Not really effective for our needs.

I have used it for about four years.

Yes, occasionally we did.

Yes, we did find some “quirks” and had to get creative, but we were able to work within the solution to streamline transfer speeds to not saturate networks between sites when synchronizing enormous install packages to our relays scattered around the country. Also, we could not easily scale the management to multiple tenants as we hoped and as we were able to do with other products in the past.

I didn’t have to deal with them much. Others did. We frequently found that we were bringing solutions to them.

I did not do the initial setup.

This was not my responsibility.

I was not the decision-maker here.

It is a great product. Spend some time really learning about the capabilities and how things are organized within the product. Then, spend some time really planning your structure and how the organizational groups should play out. It will make things a lot easier down the road when you need to send something to just one area of your business. Unfortunately, it is usually after a product is implemented that we truly understand how to best implement for our environment.

• A central engine for endpoint posture improvements
• Excellent compliance reporting with customizable dashboards
• Scalability and expandability support any heterogeneous environment.

BigFix has helped us in improving the overall endpoint posture and lifecycle management of the workstations as well as applications.

• Compliance reporting is the best.
• Patch management makes it easy for out-of-band and in-band patching.
• Inventory correlation with third-party tools.

• Complex design and administration
• Offline management
• Remote support on unsupported platforms
• A large infrastructure required to implement for a medium-sized organization
• Also, I would like to see if BigFix could be application aware for more in-depth compliance and reporting.

I'd probably say it's a great asset for inventory management. You don't know, especially in our environment, where everything is and it just appears. Then you can track down what belongs to whom, for inventory purposes.

There is some complexity, a learning curve, but overall it's a great product. I have and will recommend it to anybody.

The most valuable feature for me is being able to reach all systems at once.

I would probably just say the user interface and the web portal option. They came up with a GUI interface to use on the web, so it's very user-friendly. It's good for your lower level operators. Maybe a little more up-to-date interface would be better. It still has an older interface on the console.

Stability is great.

With regards to scalability, it's come a long way. I've only been working with it for about two years, and in those two years, it's evolved so much.

The technical support is always good.

I wasn't involved in the initial setup for this company.

Price and support were the most important factors we considered. I wasn't actually involved in this setup so I don't know which other professional endpoint security companies were on the shortlist.

It's great if you're looking for an all-in-one inventory management, patch management and security tool. Now they have also added Detect, which is an awesome response tool. It's almost getting to a one-stop shop solution for inventory and patch management and automation.

We use this solution for patch management and software distribution.

Initially, for the customers that we consult for,  their IT Security and IT Operations units were working in silos, especially with regards to patch management and vulnerability and compliance reporting. BigFix effectively bridged the gap between both teams while providing a single robust reporting interface for both teams.

Compliance is the most valuable feature. It allows you to build custom policy checklist while leveraging recommended industry security compliance checklists e.g DISA-STIG, CIS, PCI-DSS

Upgrading from an Evaluation license to a production license is not error free. Managed endpoints still gets stuck with the evaluation masthead and as such would not let you execute actions outside the BigFix management client maintenance actions. This needs to be improved

It's very scalable. The highest I did was between 9000 to 11,000 networks and I didn't lose any performance with that.

I initially onboarded with Microsoft SCCM. The user interface leaves a lot to be desired, performance impact as you go above 10,000 endpoints and also maintenance tasks like setting up of distribution points are not available at the click of a button.

The initial setup is straight forward. I deployed it in around three weeks. I started with installing the servers and the primary relay, then I installed 2 relays per subnet,  made the relays deployment points and then installed the BigFix clients locally from the deployment points.

Compliance, and lifestyle are a bit pricey especially to customers that get SCCM included as part of their ELA. It's makes convincing harder.

I would advise someone considering this product to go for it. It's easy to use, cheaper than the value, and there is tons and tons of support from the BigFix community. With almost every challenge we have someone who has encountered it, and we will have a solution right away. 

I would rate it an eight out of ten. To make it a ten they should improve on the issues stated above

The most valuable features of the BigFix solution are integration with a single agent and that the customer can deploy the Inventory module, the Lifecycle Management module, or the newly announced BigFix Detect Security module. That's really valuable because it allows for a very thin infrastructure on the end point, that the customer can exploit for multiple purposes.

It represents to a customer a very strong and quick ROI, so the investment and value becomes very positive early on. There is a higher level of security and awareness, along with a very high level of control at the end points.

The one feature that I would have like to see included (I know it is coming in the next release), is the block function of the newly announced BigFix Detect module.

In my opinion, the products are on the right track and we've had great success with them.

Stability has not been an issue at all.

There have been no scalability issues.

The most important factor while choosing a vendor is how much profit we can make after selling the solution. Secondly, how successful could I make the solution in the marketplace. The third factor would be the level of support from the provider.

Just do it!