BigFix Reviews

It matches with the ILMT tool. We're trying to validate the licensing for IBM software. 

We're using the permanent discovery tool for septic for hardware and software too. For IBM, we have to use that due to the reporting of sub-capacity licenses.

It's mostly easy to use.

The sub-capacity licensing is the most valuable aspect of the product right now for us. 

It's good for reporting hardware and software. 

The solution is stable.

Technical support is helpful.

It scales well.

It's got some complexity when we're trying to figure out the IBM setup for software.

The sub-capacity licensing was a challenge for some of it. We had trouble getting it to calculate right.

It's better for hardware discovery. We get to increase its capabilities for hardware discovery. They need to enhance their sub-capacity capabilities, so we can use it easier for sub-capacity so that it is less of an art form and more of a science.

We'd like agents to be able to collect usage.

I've used the solution on and off for about eight years or so. I've used it for quite a while now. 

It is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.

The solution has scaled well for what we are doing. 

Technical support has been very good. Sometimes they can't do things if it is not a function of the system; however, if the function of the system is possible, they help us and make it work. We are satisfied with the level of support we get. 

The initial setup was not overly complex. The complexity was the handling of configurations. 

The pricing was good. We had government pricing going into the project and it was pretty fair. 

I am using the latest version of the solution. I am not sure of the exact version number. I help different companies. Some are on the latest, and some aren't.

I'd advise people to understand what data they need and that the solution can actually pull that data in the right format for them.

I'd rate the solution eight out of ten. 

We're using it for Windows patching and inventory. We are totally dependent on BigFix for these tasks.

Almost every feature is wonderful in BigFix. It is very stable, and we can rely on it. It is an awesome tool.

It can be improved speed-wise. They can make it a little bit light. If you do any query for servers in bulk, it can take some time. Similarly, creating a job can take some time. 

Automation is everything, and we're looking for more automation. If we have different jobs to secure the environment, such as with server hardening, and I want a particular service that is not running, BigFix should automatically check it and do the deployment. It can send a message about why a particular job is not working on the servers or not communicating properly with Active Directory. We should be able to check the reason. We just want just a little bit of monitoring in that area.

I have been using this solution for more than three years.

It is very stable. You can trust and rely on an automated job. It will definitely work. You get a proper message if it is not working for any particular reason. It gives you a complete picture.

It is definitely scalable. We are managing around 20,000 servers with it, and we have more than 100 users. We are providing web report access to application users as well. We create a job and provide access to different teams, such as the monitoring team, backup team, and security team to deploy the job. So, it is definitely scalable.

I have personally worked with them because I request them to create access for all my colleagues. If required, I log a case in BigFix. Earlier the support was very good for BigFix, but now, HCL is facing some challenges. We are getting support, but we need more in that area. Their support was much better as compared to this time.

I have not worked with a similar solution previously. We purchased Tanium
two to three years ago. It is being used by a different team, but we are still using BigFix. We want to replace BigFix, but we are not able to because we are more comfortable with it. So, we are continuing with BigFix.

It is very easy. It is simple to understand. Even though I had requested training for BigFix, I would have been able to work with it without training.

Its price is very reasonable.

I have been recommending BigFix to my friends and different companies. We are very happy with BigFix. 

I would rate it a nine out of ten. It is an excellent product, but there is always room for improvement.

The most valuable feature of BigFix is the ability to manage all the clients that we have in our environment. So, every PC that we have has to come in and BigFix aids in all that so that we can record it, add software to it and also inventory it. So, just having that ability to see everything and inventory everything helps everybody from the technical aspect, to know what's on the PC; especially when it needs to be reimaged.

One of the improvements is the patching process and being able to get security patches out. We have 50,000 PCs in our environment and are able to patch those PCs in a relatively quick timeline.

Dynamic messaging needs improvement because one of the things that we deal with a lot is the messaging when pushing releases out. I know that there is a message we can display, but it's post-installation. On the post-installation, we have to either check on the PC or reboot the PC. We just want to be able to have a static message and to be able to take an action at any time, as well.

Documentation is always key. I like simple documents and also being on a team with a small amount of people. There is a lot that can be done with the product, and it needs good documentation to where you can see how the different pieces of the product interact with each other and what they can and can't do; but on a layman’s level.

It is very stable. We haven't had any issues on any downtime that inhibits our ability to get things out, so it's been pretty stable.

It seems to be very scalable. We went from roughly 24-25,000 assets to 50,000 PCs in five years. So, we're looking to grow and it seems like it's very capable to handle what we have in store.

Support is very awesome. Every time we have needed something from technical support, they have been on top of everything with a very quick turnaround in the issues that we've had with the product.

We were using an old IBM solution framework solution and some custom scripts that we had built around the framework solution to do our software distribution. When BigFix came along, we went right into the BigFix framework.

When choosing a vendor, one thing that is always critical is, how much does it cost? It needs to be cost effective. Support is also one of the things that we look for. We have a small team so when we are looking at vendors, we want to know if they provide any training. Also, can any kind of training dollars be rolled into the product or can experts come on site to train? We also want to hear customer feedback about how the company or the product are doing at another company's site that is similar to ours.

I was not involved in the initial setup. A coworker of mine actually set it up and got it going, and I came in on the back end. Right now, I'm actually going to be taking that over.

The setup was straightforward. I don't think it was too complex. I know that we have some complexities with the way some things are set up in our environment, but the product itself is pretty straightforward.

If they are able to get it into the environment and run some type of proof of concept and be able to kick the tires a little bit, that would be the best way go with any product.

BigFix is primarily used for patch management, compliance, and security patches.

It covers multiple operating systems and helps patch customers with patch management services, alleviating patch management issues for our customers.

It covers multiple operating systems and helps with patch management. BigFix is also valuable for its inventory, license inventory, and compliance with server hardening.

BigFix could improve its asset management capabilities to discover assets, including hardware. More improvements could be made in asset management.

We have been reselling BigFix for three years.

The overall stability of the solution is good with no reported issues.

The solution is very easy to scale.

Customer support from HCL is satisfactory and not usually an issue.

Neutral

The installation is quite smooth and can be managed by one person, depending on the complexity and size of the environment.

Our project team managed the installation quite smoothly.

There has been a significant return on investment, particularly saving time and resources in patch management and compliance. It saves approximately 40% to 50% of time and resources.

The pricing is competitive, but not the most competitive.

We primarily use the solution for patching.

The solution offers great patching, even for third-party patching. Many organizations know how to patch Microsoft products. However, the biggest benefit for BigFix is third-party patching. It can patch Notepad and Java - all of these third-party products that are non-Mircosoft.

It's stable. 

The implementation process is simple. 

It can scale. 

I'm not sure if there are any extra features needed.

It could use better integration with Hypervisor products like VMware. This is where it is lacking right now. There are articles available explaining how to integrate with VMware. However, it's my understanding that it is somewhat difficult. 

I am not sure if this is available on the cloud or not. 

I've been using the solution for three years. 

The solution is stable. I'd rate it eight out of ten. We've had no issues with stability. Performance-wise, it has been fine. 

One of the issues that my guys come across is it can take up to 48 hours before the Microsoft patches are available in BigFix since we are a day ahead in New Zealand. 

I'm not sure how many people are using the solution in our organization. 

The scalability is okay. I'd rate the solution seven or eight out of ten in terms of the ease of scaling. My experience with scaling has been pretty good. 

There is a lot of web access and online groups available, which are quite good. I don't necessarily have access to support and, therefore, cannot speak to their level of support.

We do have an internal team that would be able to get hold of support.

I'm also familiar with ECCM. However, it only patches Microsoft products. We've also used BatchPatch, used for pushing scripts, among other solutions.

I helped with the installation process for two customers. The installation was reasonably swift; however, the actual consideration and moving the patching products across into BigFix that can take a long time. The configuration took six to 12 months. 

A massive gain for BigFix would be if it was able to go and interrogate products like SCCM and import the patching sequences and groups, it would make it much easier. 

I'd rate the initial setup process seven out of ten. It does take quite a long time to bring everything across from other products. 

I'm not sure of the exact licensing structure. It might be about $23 a client. Some of the modules, such as security compliance and lifecycle, may cost extra. For example, the integration with BigFix and Micorosft Defender may require an extra license. 

I'm an avid BigFix fan, and we use it in my company quite a bit.

We're the biggest vendor in New Zealand, and we have it installed in our organization and fed out to clients. 

This is our patching product of choice. All new customers get BigFix implemented, and existing customers are encouraged to have it as well. 

We're an integrator. 

We're completing a new client install and working on the configuration of patching, and this is the best tool we've ever implemented for this customer. I love this tool. It could just be a bit more accessible.

I'd recommend the solution. I'd rate it nine out of ten.

We use BigFix as our primary automation platform. We use it to tie in disparate tasks and services that we need to apply to our servers. We use it for patching, reporting, and compliance.

We are able to use BigFix through API connections to automate and reduce resources and time. The product's been great for us. It's increased the security posture ten-fold and it's increased our visibility across our endpoints enormously.

It has helped us to reduce network traffic when it comes to downloading patches. We don't have a million machines reach out in the middle of the night to get devices. We have BigFix on our cruise lines in which satellite connectivity is limited. We had to pay per byte that goes across the wire. 

We use BigFix to compare our past and present patch cycles. We use it to report on the success of patching and what patches are available. It lets us do postmortems to find out when a patch was first available, first supplied, and if it had any issues.

Using BigFix and the automation we built we've been able to reduce patch time from three hours and 37 minutes on average to less than twenty minutes per server. 

Through using our automation we've seen a reduction in failures, critical patch failures, probably by about three or four percent.

The most valuable feature would be its flexibility. It's one product that works across multiple OSs. We have one agent that will sit on six to seven different OSs in our environment. I can use one console to push a patch to six or seven different OSs in one view. I don't have to jump from screen to screen or remote log-in.

I don't like the peer to peer file transfers feature. Security wise, it's a bad format and it's not useful. 

I would like to see API connectivity, built-in API connectors to the standard toolsets, whether it's for ServiceNow or Qualys. More API connectivity to make it easier to integrate to other tools.

It's very stable. We haven't had any major issues from it. Most times, we have false positives. Our people tell us that BigFix is doing something and we go back and look and it doesn't.

It's been scalable for us. We've taken it from physical to virtual, from virtual to cloud, from on-prem to off-prem seamlessly.

Their technical support is above average. Sometimes, because there are different modules, we'd get bounced to different help desks. It's frustrating that we don't have a one-stop shop. Overall, when we do get the right person, it's quick and easy. 

We rebuilt it three years ago from the ground up and the setup wasn't complex.

We've seen ROI time-wise. We reduced compliance reporting from about 100 hours per server to less than six. We reduced patch time from three hours and a half to less than twenty, and we've reduced the patch man-hours from about five to six people per eight-hour shift. 

We also considered Red Hat and Microsoft. We chose BigFix because we saw more fidelity in reporting, more fidelity in accuracy, and more fidelity in security. 

It's a night and day difference between BigFix and SCCM. Anyone who's used SCCM before knows that BigFix provides a far better product in scalability, reporting, and the accuracy of patching.

I would rate it a ten out of ten. It's worked for what we wanted. It's provided one screen to look across different OSs. It's also provided speed and flexibility. We're able to integrate it to all of our tools, do things to other servers and automate things that aren't done on one platform.

My advice to someone considering this solution would be to find a tool that can span as many OSs as possible. If you're using three different patching tools to approach three different OSs, you're probably lost. 

Our primary use of this solution is for endpoint patching and to deply operating system level patches to seventy-five thousand plus Mac and Windows endpoints.

Before we had BigFix, we had problems with some malware. BigFix allows us to immediately patch all instances of endpoints that are vulnerable to antivirus and initiate scans. That's key.

It helps us to compress our patch cycles. With our patches, I can make sure 80% of the community has got their endpoint patching up to current standards, which is a current patch cycle within a week and a half.

Finally, it has helped us to avoid compliance issues, potentially by millions. We use it for device compliance. It's key that endpoints with a certain type of data, if they were to get lost and not encrypted, would need to be reported and those would need to be reported to a federal agency. This can mean associated fines in the hundreds of thousands if not millions. We have lost endpoints with data on there, but because we can confirm with BigFix that they were verifiably encrypted, we are protected and don't have to make those sorts of reports. It has saved us maybe millions in funds.

One of the most valuable features is the ability to be able to check relevance. You can see what's applicable for what patches and deploy only the required patches to those individual endpoints.

The peer to peer file transfers feature is scary to me. I'm a security engineer, so thinking about sending updates or any sort of infrastructure level software communications coming from an endpoint that I didn't build or maybe don't trust is a bit scary.

I want to see a solution for being able to deploy automated software to a Mac running OS X 10.13, something that's going to deal with kernel exceptions and answering prompts for user permissions for data folders and whatnot. They need to really streamline and automate the Mac software deployment.

Stability is totally safe. We've been using it for years and years and it hasn't done us wrong.

Scalability is awesome. We've gone from twenty thousand machines to seventy thousand machines and there's plenty of room for lots more.

Any time I've had to call or take it up with the support at BigFix, I've had nothing but the best support. The engineers get what it is we're trying to do. We've had an outstanding relationship with them, and some of them even know us on a first name basis. Very good support.

The initial setup was pretty straightforward, but that was 2006, 2007. A lot has changed. It would be a little bit more intense right now.

We also looked at Altiris but BigFix came in because of its unique capabilities. It was Mac and PC compliant and worked with our endpoints. At the time, the price was right for us. There was local support and we had a very personal relationship with BigFix.

SCCM will do most of the Mac stuff I want but doesn't give you the highly targeted capabilities I have in deploying anything I want to endpoints in any configuration that I choose.

I would rate BigFix a ten out of ten. It has saved me so much time in patching alone. The capabilities it gives me for very granular targeting of endpoints based on whatever criteria that I can come up with is great. It is very simply a tool that can do just about anything. There is always room for improvement. I want to see better capability in Mac software deployments. Apple changed some of their policies, so I'd like to see BigFix get up to speed with that. 

I would advise someone considering this solution to jump heavily into the community features. The BigFix forums are fantastic, we have an amazing user community that has been so helpful for me and it's a great learning resource for folks who are new to BigFix. It's a great community for people who are more experienced, people share that and help each other out. The community is fantastic.

I'm a long time user for endpoint management and now I do consulting so I design solutions for end customers.

It has improved my organization because we can automate a lot of tasks. We went from manually patching machines or doing our best and having very little visibility into it to us being able to "set it and forget it" and getting really good results on first-pass patching.

In addition, it has also helped us to reduce network traffic when it comes to downloading patches. It's very easy to throttle the network traffic, Instead of us taking down the network, downloading hundreds of patches, we're able to set a throttle, and then also spread it out over a period of time, which helps a lot.

It has helped to compress our patch cycles. In some cases, a hundred percent because in some areas, patching wasn't happening. We went from not patching to just automating it.

Finally, help desk calls have been reduced. We were able to look at help desk calls and find out which ones were most common and start automating that with BigFix. For some various organization, a quarter to half of our help desk calls were knocked out.

It's incredibly powerful and it's very extensible. Meaning, it's very easy for us to customize the platform to solve a number of different tasks for us.
We enjoy using peer-to-peer file transfers as a peering system for files. It provides built-in redundancy and we can control it all from the console, which is nice.

I would eventually like to see a SaaS offering, a cloud-hosted BigFix instance where we only have to put a relay in our environment. 

Stability is incredible. A lot of times people will let it run forever without touching it because it just keeps going. Once you stand up the solution, there's very little that you have to do. Just the occasional update and that's it.

Scalability is awesome. For one, it supports around a quarter of a million endpoints, which is a lot. It's also very easy to stand up relays anywhere in the world. It's incredibly scalable.

Technical support is pretty good. I have never had any issues with support. Primarily, though, I go to the BigFix community which has been super helpful.

We initially switched because we had different solutions for all different platforms. We had one for MAC OS, we had one for Windows, and we weren't really using them that much so we were able to use it to manage all of them with a single tool instead of a bunch of different ones.

The initial setup is very easy. 

BigFix is way better than SCCM. SCCM doesn't do MAC OS or Linux. It takes a lot of time to manage, it's a lot of work, there are all kinds of ports that you need to open, and it's just a pain to manage.

I would rate BigFix a nine out of ten because I really enjoy the tool but there's always room for improvement and there's always something to add. I've been really happy. There's a close-knit community. It's super easy to get help. They're always adding new features. I'm very happy with it.

I would advise someone considering this solution to try it out. Set up a demo, give it a shot, turn on some auto-patching, and then just watch as your organization self-heals.