Try our new research platform with insights from 80,000+ expert users
Account Manager at Techlab security
Reseller
Top 20
Maximizing patch management efficiency and competitive pricing but needs asset management improvements
Pros and Cons
  • "It covers multiple operating systems and helps with patch management."
  • "BigFix could improve its asset management capabilities to discover assets, including hardware."

What is our primary use case?

BigFix is primarily used for patch management, compliance, and security patches.

How has it helped my organization?

It covers multiple operating systems and helps patch customers with patch management services, alleviating patch management issues for our customers.

What is most valuable?

It covers multiple operating systems and helps with patch management. BigFix is also valuable for its inventory, license inventory, and compliance with server hardening.

What needs improvement?

BigFix could improve its asset management capabilities to discover assets, including hardware. More improvements could be made in asset management.

Buyer's Guide
BigFix
December 2024
Learn what your peers think about BigFix. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.

For how long have I used the solution?

We have been reselling BigFix for three years.

What do I think about the stability of the solution?

The overall stability of the solution is good with no reported issues.

What do I think about the scalability of the solution?

The solution is very easy to scale.

How are customer service and support?

Customer support from HCL is satisfactory and not usually an issue.

How would you rate customer service and support?

Neutral

How was the initial setup?

The installation is quite smooth and can be managed by one person, depending on the complexity and size of the environment.

What about the implementation team?

Our project team managed the installation quite smoothly.

What was our ROI?

There has been a significant return on investment, particularly saving time and resources in patch management and compliance. It saves approximately 40% to 50% of time and resources.

What's my experience with pricing, setup cost, and licensing?

The pricing is competitive, but not the most competitive.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
VP of Solutions at a tech vendor with 51-200 employees
Consultant
It can manage lost devices, so you can wipe them remotely to ensure the IP doesn't get out in public.
Pros and Cons
  • "BigFix can manage lost devices, so you can wipe them remotely to ensure the IP doesn't get out in public. Unified endpoint security is a new perspective. I know that HCL is also collaborating with IBM, but I'm not sure if there is any cooperation between them and MaaS360 or other endpoint components."
  • "The main shortcoming of BigFix was integration with vulnerability management. If you had a vulnerability in your software and BigFix on the endpoint, you needed integration with Qualys, Tenable, or another vulnerability management solution to fix that. It was like, "Okay, we can identify issues, and get that information back from the endpoint, but what are we doing about it?""

What is our primary use case?

We used BigFix internally at my previous org. My current company is a BigFix reseller. A lot of people are looking at endpoint security now, but we primarily used BigFix for true endpoint management.

Endpoint security has become the main thing, but we used BigFix for patching and a lot of the other use cases in the past, and I think it worked pretty well. Obviously, the market has gotten much more crowded. 

What is most valuable?

The UEM component evolved into reunified endpoint management. Many of our customers used it for deployment and patching. HCL has a new endpoint security approach now, but it was really for managing that. 

BigFix can manage lost devices, so you can wipe them remotely to ensure the IP doesn't get out in public. Unified endpoint security is a new perspective. I know that HCL is also collaborating with IBM, but I'm not sure if there is any cooperation between them and MaaS360 or other endpoint components.

What needs improvement?

The main shortcoming of BigFix was integration with vulnerability management. If you had a vulnerability in your software and BigFix on the endpoint, you needed integration with Qualys, Tenable, or another vulnerability management solution to fix that. It was like, "Okay, we can identify issues, and get that information back from the endpoint, but what are we doing about it?" 

What do I think about the stability of the solution?

The stability has been solid when I've used BigFix with customers in the past. In that space, I don't think everybody is doing as much innovation as in other areas in the endpoint management or security market. 

I delineate between those two because endpoint management is a different use case. I think it's probably become a lot more important since the pandemic started.

What do I think about the scalability of the solution?

We never had any challenges with scalability. Some of our customers had tens of thousands of endpoints. 

Which solution did I use previously and why did I switch?

I used a few competitors a while back, but I don't know what LANDESK is up to these days. They were a big player in the market, but I don't know what other contenders are out there now.

What's my experience with pricing, setup cost, and licensing?

The patching tool is $250 per client device per year. The inventory and discovery tool is $15 per client per year. They have a lifecycle management tool that is the central component for managing endpoints, which costs around $43 per year. BigFix Compliance is the other part, and that's also around $43.

What other advice do I have?

I rate BigFix nine out of 10. I wouldn't recommend it to everyone. It depends on your infrastructure. If you have a pure Microsoft shop, you can probably get by deploying and managing endpoints their way. 

However, if you have a mixed environment of any kind, BigFix is good at what it does. Patch management is vital for security posture, so I wouldn't be surprised if BigFix is becoming increasingly popular.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
BigFix
December 2024
Learn what your peers think about BigFix. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Anuj Verma - PeerSpot reviewer
Technical Consultant at Aon Corporation
Real User
Reasonable price, reliable, and easy to understand
Pros and Cons
  • "Almost every feature is wonderful in BigFix. It is very stable, and we can rely on it. It is an awesome tool."
  • "It can be improved speed-wise. They can make it a little bit light. If you do any query for servers in bulk, it can take some time. Similarly, creating a job can take some time."

What is our primary use case?

We're using it for Windows patching and inventory. We are totally dependent on BigFix for these tasks.

What is most valuable?

Almost every feature is wonderful in BigFix. It is very stable, and we can rely on it. It is an awesome tool.

What needs improvement?

It can be improved speed-wise. They can make it a little bit light. If you do any query for servers in bulk, it can take some time. Similarly, creating a job can take some time. 

Automation is everything, and we're looking for more automation. If we have different jobs to secure the environment, such as with server hardening, and I want a particular service that is not running, BigFix should automatically check it and do the deployment. It can send a message about why a particular job is not working on the servers or not communicating properly with Active Directory. We should be able to check the reason. We just want just a little bit of monitoring in that area.

For how long have I used the solution?

I have been using this solution for more than three years.

What do I think about the stability of the solution?

It is very stable. You can trust and rely on an automated job. It will definitely work. You get a proper message if it is not working for any particular reason. It gives you a complete picture.

What do I think about the scalability of the solution?

It is definitely scalable. We are managing around 20,000 servers with it, and we have more than 100 users. We are providing web report access to application users as well. We create a job and provide access to different teams, such as the monitoring team, backup team, and security team to deploy the job. So, it is definitely scalable.

How are customer service and support?

I have personally worked with them because I request them to create access for all my colleagues. If required, I log a case in BigFix. Earlier the support was very good for BigFix, but now, HCL is facing some challenges. We are getting support, but we need more in that area. Their support was much better as compared to this time.

Which solution did I use previously and why did I switch?

I have not worked with a similar solution previously. We purchased Tanium
two to three years ago. It is being used by a different team, but we are still using BigFix. We want to replace BigFix, but we are not able to because we are more comfortable with it. So, we are continuing with BigFix.

How was the initial setup?

It is very easy. It is simple to understand. Even though I had requested training for BigFix, I would have been able to work with it without training.

What's my experience with pricing, setup cost, and licensing?

Its price is very reasonable.

What other advice do I have?

I have been recommending BigFix to my friends and different companies. We are very happy with BigFix. 

I would rate it a nine out of ten. It is an excellent product, but there is always room for improvement.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Security Administrator at IBM
Real User
Vendor patches are synchronized automatically, but feature updates are not synchronized
Pros and Cons
  • "All the vendor patches are synchronized automatically."
  • "In-place and OS upgrades can be improved."

What is our primary use case?

I'm a full stack developer and we are customers of BigFix. 

What is most valuable?

All the vendor patches are synchronized automatically, which is something you don't find in other tools. It enables an unlimited number of management fixes to be created automatically. For software deployments and software package staging, we can easily use a web script and deploy directly which is another great feature.

What needs improvement?

Improvements can be made when it comes to in-place and OS upgrades. For example, SCCM provides a feature upgrade that's automatically synchronized, whereas in BigFix it doesn't synchronize for feature updates for Windows 10.
I'd also like to see some more advanced reporting tools. 

For how long have I used the solution?

I've been using this solution for about four years. 

What do I think about the stability of the solution?

The solution is generally stable although sometimes our customers will report some issues and it's not always easy to find the source. 

What do I think about the scalability of the solution?

The scalability is fine. 

How are customer service and support?

We don't really use customer support. We have enough knowledge for reporting and deployments, and we have a TRC that allows us to access the remote of the end-users and check any problems. 

How was the initial setup?

The initial setup is straightforward. 

Which other solutions did I evaluate?

If you compare BigFix with SCCM, both have their own specialty tools. In some cases, I prefer BigFix and in others I prefer SCCM. If you're talking about patching, I'd go with BigFix but if it's connected to image management, then I'd go with SCCM.

What other advice do I have?

I rate this solution seven out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
SandeepTyagi - PeerSpot reviewer
Senior Cloud Analyst at a tech services company with 51-200 employees
Real User
Top 10
Provides good reporting, Windows patching, and hardware and software inventory
Pros and Cons
  • "The most valuable features of the solution are Windows patching and the hardware and software inventory."
  • "The solution’s pricing could be improved."

What is most valuable?

The most valuable features of the solution are Windows patching and the hardware and software inventory. The solution's reporting is very good in a single console.

What needs improvement?

The solution’s pricing could be improved.

For how long have I used the solution?

We have been doing a POC for the last three months with BigFix's Evolution version.

What do I think about the stability of the solution?

I rate the solution a nine out of ten for stability.

What do I think about the scalability of the solution?

Around 500 users are using the solution in our organization.

I rate the solution an eight or nine out of ten for scalability.

Which solution did I use previously and why did I switch?

Intune only supports Windows and does not support other platforms like Unix and Linux. On the other hand, BigFix supports all platforms.

How was the initial setup?

The solution's initial setup is simple and not complex. I have done the full server installation and configuration thrice, and it's not complex.

What's my experience with pricing, setup cost, and licensing?

On a scale from one to ten, where one is expensive and ten is cheap, I rate the solution's pricing one out of ten.

What other advice do I have?

Patch management is configured in existing endpoint computers. We are pushing the custom policy deployment in weekly patches, which require critical and important patches. Since it's a by-policy, it's pushed automatically. We have enabled the solution's remote endpoint management option, but we are primarily focussing on licensing hardware and software inventory.

BigFix's integration with our IT infrastructure was easy. I would recommend the solution to other users.

Overall, I rate the solution ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
reviewer2139978 - PeerSpot reviewer
Team Manager with 201-500 employees
Real User
Top 20
Great for patching, works well with third-party products, and reliable
Pros and Cons
  • "We've had no issues with stability."
  • "It could use better integration with Hypervisor products like VMware."

What is our primary use case?

We primarily use the solution for patching.

What is most valuable?

The solution offers great patching, even for third-party patching. Many organizations know how to patch Microsoft products. However, the biggest benefit for BigFix is third-party patching. It can patch Notepad and Java - all of these third-party products that are non-Mircosoft.

It's stable. 

The implementation process is simple. 

It can scale. 

What needs improvement?

I'm not sure if there are any extra features needed.

It could use better integration with Hypervisor products like VMware. This is where it is lacking right now. There are articles available explaining how to integrate with VMware. However, it's my understanding that it is somewhat difficult. 

I am not sure if this is available on the cloud or not. 

For how long have I used the solution?

I've been using the solution for three years. 

What do I think about the stability of the solution?

The solution is stable. I'd rate it eight out of ten. We've had no issues with stability. Performance-wise, it has been fine. 

One of the issues that my guys come across is it can take up to 48 hours before the Microsoft patches are available in BigFix since we are a day ahead in New Zealand. 

What do I think about the scalability of the solution?

I'm not sure how many people are using the solution in our organization. 

The scalability is okay. I'd rate the solution seven or eight out of ten in terms of the ease of scaling. My experience with scaling has been pretty good. 

How are customer service and support?

There is a lot of web access and online groups available, which are quite good. I don't necessarily have access to support and, therefore, cannot speak to their level of support.

We do have an internal team that would be able to get hold of support.

Which solution did I use previously and why did I switch?

I'm also familiar with ECCM. However, it only patches Microsoft products. We've also used BatchPatch, used for pushing scripts, among other solutions.

How was the initial setup?

I helped with the installation process for two customers. The installation was reasonably swift; however, the actual consideration and moving the patching products across into BigFix that can take a long time. The configuration took six to 12 months. 

A massive gain for BigFix would be if it was able to go and interrogate products like SCCM and import the patching sequences and groups, it would make it much easier. 

I'd rate the initial setup process seven out of ten. It does take quite a long time to bring everything across from other products. 

What's my experience with pricing, setup cost, and licensing?

I'm not sure of the exact licensing structure. It might be about $23 a client. Some of the modules, such as security compliance and lifecycle, may cost extra. For example, the integration with BigFix and Micorosft Defender may require an extra license. 

What other advice do I have?

I'm an avid BigFix fan, and we use it in my company quite a bit.

We're the biggest vendor in New Zealand, and we have it installed in our organization and fed out to clients. 

This is our patching product of choice. All new customers get BigFix implemented, and existing customers are encouraged to have it as well. 

We're an integrator. 

We're completing a new client install and working on the configuration of patching, and this is the best tool we've ever implemented for this customer. I love this tool. It could just be a bit more accessible.

I'd recommend the solution. I'd rate it nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Ali Dahbi - PeerSpot reviewer
Head of IT Onsite Support at a energy/utilities company with 1,001-5,000 employees
Real User
Effective patch management, plenty of features, and simple deployment
Pros and Cons
  • "The most valuable and essential features of BigFix are all of them, they are needed when serving the purpose of the desktop operation framework. We cannot run operations without patching or without having an appropriate mechanism for deploying software, et cetera. The features all serve their purpose for our use case."
  • "BigFix can improve the way machines report back to the console. In the external relay management environment, it has become more of a hybrid environment with most of the machines not being on-site. The need of having public-facing reporting items interconnected is becoming more and more crucial. In general, the reporting could use some enhancement."

What is our primary use case?

We are using BigFix for desktop management, endpoint management, inventory, application control, remote control, building machines, master images, OS deployment, and software distribution.

What is most valuable?

The most valuable and essential features of BigFix are all of them, they are needed when serving the purpose of the desktop operation framework. We cannot run operations without patching or without having an appropriate mechanism for deploying software, et cetera. The features all serve their purpose for our use case.

The one feature that provided the most value and efficiency would be patch management. It's the most powerful feature in BigFix.

What needs improvement?

BigFix can improve the way machines report back to the console. In the external relay management environment, it has become more of a hybrid environment with most of the machines not being on-site. The need of having public-facing reporting items interconnected is becoming more and more crucial. In general, the reporting could use some enhancement.

In a future release, it would be a benefit to have a cloud-based solution with external cloud-based relays. Additionally, having a remote control in the cloud feature would be interesting.

For how long have I used the solution?

I have been using BigFix for approximately four years.

What do I think about the stability of the solution?

BigFix is stable. However, there have been a few minor issues, such as the relay's not reporting.

What do I think about the scalability of the solution?

The scalability of BigFix is good. How deployment is not that large in size. The exercises that we do are pretty limited.

We have approximately 30 administrators using this solution.

How are customer service and support?

Our company has a good relationship with the reseller that we work with and the support they provide to us is fair.

How was the initial setup?

The initial setup of BigFix was easy because we started from scratch, we didn't have a CCM before. The deployment of BigFix is a powerful feature, it is simple to do.

What's my experience with pricing, setup cost, and licensing?

The price of BigFix could be lower. However, I am always seeking a lower price.

What other advice do I have?

My advice to others is for them to take a holistic approach while designing. Don't look at one functionality, but look at the environment as a framework. View it from all aspects and merge operation with security. Don't let your focus be on the compliance of your environment or on the operation element alone, take other aspects into consideration, such as the security aspect, which is fast remediation, vulnerability management, and end-of-life management.

I rate BigFix an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Engineer with 10,001+ employees
Real User
Drastically reduced the maintenance window period to patch and reboot servers
Pros and Cons
  • "BigFix has drastically reduced the maintenance window period to patch and reboot servers."
  • "I would like to see a web UI SDK so we could take what is provided currently and be able to build our own customized web UI for particular customers that want to sell service."

What is our primary use case?

Our primary use case is for the automation of patch compliance.

How has it helped my organization?

BigFix has drastically reduced the maintenance window period to patch and reboot servers.

It has helped to reduce network traffic when it comes to downloading patches. There's a single download to the primary BigFix server which is then replicated and cached on the Relays for all data center connected servers.

Due to the automation, we've been able to prevent a lot of human errors with BigFix so it's reduced our help desk calls by 50%.

Finally, it has helped us to compress patch cycles by around 75%.

What is most valuable?

The power is in the Platform!

What needs improvement?

I would like to see a WebUI SDK so we could take what is provided currently and be able to build our own customized web UI for particular customers that want to sell service.

What do I think about the stability of the solution?

It's extremely stable. 

What do I think about the scalability of the solution?

It's very scalable. 

How are customer service and technical support?

Their technical support is excellent. 

Which solution did I use previously and why did I switch?

We've used BigFix in the past with other companies so we knew BigFix was a superior tool. Ten years prior, the current tool we were using had a lot of overhead, was time-consuming, used a lot of resources, and time spent on it. We knew there were better tools out there. 

It's far superior and there's no comparison to SCCM. It is so easy to navigate in the console. Everything's in a single view within a fixlet or a task. You can tell what actions are taking place versus having to go through separate menus in your console to figure it out. Just that alone and knowing instantly what your environment looks like based off of content makes BigFix superior. 

How was the initial setup?

The initial setup was very straightforward. It's simple infrastructure to set up in comparison to other tools, like BladeLogic or SCCM, very simple infrastructure to set up.

What about the implementation team?

We implemented ourselves. 

What other advice do I have?

I would rate it a ten out of ten. It hasn't changed much since it's inception, so it's a superior product and it's just going to get better with the expansion of the API endpoint security and WebUI.

If you're considering BigFix, you should look deeper than just what's on the retail box of patch and compliance and software distribution. Look at the platform, what it can do on the back, and the relevance language, and the reporting capabilities. There's a lot more to this that you can use in your DevOps org to accomplish automation tasks.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free BigFix Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free BigFix Report and get advice and tips from experienced pros sharing their opinions.