Our primary use of this solution is for compliance management, patching, and security configuration management.
Product Line Manager at a tech company with 10,001+ employees
Enables us to keep systems up to date, deploy new drivers, and find the information we need in the case of security incidents
Pros and Cons
- "It allows us to quickly deploy capabilities that we need, whether it be security or non-security. We use it to keep systems up to date, deploy new drivers, find the information we need in the case of security incidents. The capability allows us to gather a lot of information very quickly and it also allows us to have a centralized reporting feature and a centralized deployment capability which is nice."
- "The scalability of the web UI product doesn't scale to the size that we need for our implementation so it needs to expand. I would also like to see the capability to develop on the back of the web UI capability. There are lots of web features and integrations that we could do with web UI that it would be nice to be able to put on top of what's already there, rather than waiting for IBM to develop what we need."
What is our primary use case?
How has it helped my organization?
It allows us to quickly deploy capabilities that we need, whether it be security or non-security. We use it to keep systems up to date, deploy new drivers, and find the information we need in the case of security incidents. The capability allows us to gather a lot of information very quickly and it also allows us to have a centralized reporting feature and a centralized deployment capability, which is nice.
It has helped to reduce network traffic when it comes to downloading patches with the relay structure. Talking from the corporate server down to the relays and then to the endpoints, it has helped from that perspective. It still causes impacts, not because of the capability itself but because of the content that's being provided by Microsoft and other vendors is just so large that it starts having impacts whether you want it to or not, no matter what kind of infrastructure you put in place.
What is most valuable?
The flexibility of the capability of being able to use the out-of-the-box content that we get from the vendor as well as develop our own capabilities on top of the core capability is the most valuable feature.
What needs improvement?
The scalability of the web UI product doesn't scale to the size that we need for our implementation so it needs to expand. I would also like to see the capability to develop on the back of the web UI capability. There are lots of web features and integrations that we could do with web UI that it would be nice to be able to put on top of what's already there, rather than waiting for IBM to develop what we need.
Buyer's Guide
BigFix
December 2024
Learn what your peers think about BigFix. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
The core capability is very strong and hasn't changed a lot. Sometimes it is harder than others to get to some of the newer features, mostly just because we have a very large install base, and so having the time to roll out new capabilities is hard. Overall the stability and the upper trend of the capability is very good.
What do I think about the scalability of the solution?
Scalability is good.
How are customer service and support?
Overall, technical support is very good. Sometimes you have to figure out a different way to get to what you want and you have to escalate through multiple layers to get to the right solution. We've been using the tool for long enough that we don't need the easy help, we need the hard help. Sometimes that's really hard to get to and then the turnaround cycle between when we report an issue and when we hear back and being able to get data to the right people at the right time, we end up having to re-open tickets over and over again because we don't have the data that they need. Sometimes they ask for something and we have to go ask somebody else for it and get it back to them and by then the SLA has run out, so that's not good.
What about the implementation team?
We implemented internally. We've worked with IBM professional services for new capability and assistance with improving our overall capability but we didn't use them directly to implement. We've been using the tool for a really long time.
Which other solutions did I evaluate?
It's better than SCCM, it's more flexible.
What other advice do I have?
I would rate it a seven or eight out of ten. The pain points that we have are particular to us just because of the size of our implementation, the number of endpoints, etc. Overall, I think it's a great product and a product that most people would really get a lot of benefit out of. The things that we struggle with are things that are particular to our organization.
If you're considering this solution, get involved with the user community early, make relationships with the development organizations, learn how you can advocate for yourself. User group kind of things are the best way to learn. Learning from other people who have been using the tool for a long time is probably the easiest way to see the most effective implementation and best use of your resources using the tool.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Developer at Jack in the Box
Improved reliability upon the delivery of software and has helped reduce software expenses
Pros and Cons
- "It has improved reliability upon delivery of software and has also helped reduce software expenses. The extensibility of BigFix helps to create custom solutions where we may have considered purchasing something instead."
- "I would like to see much better web reporting because as it is now, it's convoluted, basic, it's not modern, and there are limitations to it."
What is our primary use case?
Our primary use case of this solution is to develop custom content to deliver to restaurants.
How has it helped my organization?
It has improved reliability upon delivery of software and has also helped reduce software expenses. The extensibility of BigFix helps to create custom solutions where we may have considered purchasing something instead.
We use it for PCI compliance and checking to see if endpoints are in a state where they need to be patched or not up to a certain level so it has helped us avoid compliance fees.
What is most valuable?
Being able to report directly on aspects of the system is the most valuable feature for us. Meaning, instead of reporting on just an error code or something, you can inspect actual files, properties, registry keys, etc.
What needs improvement?
I would like to see much better web reporting because as it is now, it's convoluted, basic, it's not modern, and there are limitations to it.
What do I think about the stability of the solution?
The stability is excellent. I haven't had issues with BigFix crashing unexpectedly or anything like that.
What do I think about the scalability of the solution?
The scalability seems solid. We're a smaller customer. We have about 16,000 endpoints, whereas other companies have hundreds of thousands.
How are customer service and technical support?
Technical support is excellent, as far as the forum support. As far as new product needs, it's mixed. Sometimes if you are asked to submit an official request they go into a black hole.
What about the implementation team?
We implemented in-house.
What other advice do I have?
I would rate it a seven out of ten. You can see all of the code of the custom content that is created for you. That's huge. With a lot of proprietary solutions, it's a black box where you can't see what they're doing and when it messes up you're on your own. With BigFix that was huge because if something goes wrong then you can create your own copy and start troubleshooting it.
I would advise someone considering this solution to have a developer on staff to fully leverage the features of it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
BigFix
December 2024
Learn what your peers think about BigFix. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Systems Engineer at Carolinas Healthcare System
Every PC that we have has to come in, and this product records it, adds software to it and also inventories it.
What is most valuable?
The most valuable feature of BigFix is the ability to manage all the clients that we have in our environment. So, every PC that we have has to come in and BigFix aids in all that so that we can record it, add software to it and also inventory it. So, just having that ability to see everything and inventory everything helps everybody from the technical aspect, to know what's on the PC; especially when it needs to be reimaged.
How has it helped my organization?
One of the improvements is the patching process and being able to get security patches out. We have 50,000 PCs in our environment and are able to patch those PCs in a relatively quick timeline.
What needs improvement?
Dynamic messaging needs improvement because one of the things that we deal with a lot is the messaging when pushing releases out. I know that there is a message we can display, but it's post-installation. On the post-installation, we have to either check on the PC or reboot the PC. We just want to be able to have a static message and to be able to take an action at any time, as well.
Documentation is always key. I like simple documents and also being on a team with a small amount of people. There is a lot that can be done with the product, and it needs good documentation to where you can see how the different pieces of the product interact with each other and what they can and can't do; but on a layman’s level.
What do I think about the stability of the solution?
It is very stable. We haven't had any issues on any downtime that inhibits our ability to get things out, so it's been pretty stable.
What do I think about the scalability of the solution?
It seems to be very scalable. We went from roughly 24-25,000 assets to 50,000 PCs in five years. So, we're looking to grow and it seems like it's very capable to handle what we have in store.
How are customer service and technical support?
Support is very awesome. Every time we have needed something from technical support, they have been on top of everything with a very quick turnaround in the issues that we've had with the product.
Which solution did I use previously and why did I switch?
We were using an old IBM solution framework solution and some custom scripts that we had built around the framework solution to do our software distribution. When BigFix came along, we went right into the BigFix framework.
When choosing a vendor, one thing that is always critical is, how much does it cost? It needs to be cost effective. Support is also one of the things that we look for. We have a small team so when we are looking at vendors, we want to know if they provide any training. Also, can any kind of training dollars be rolled into the product or can experts come on site to train? We also want to hear customer feedback about how the company or the product are doing at another company's site that is similar to ours.
How was the initial setup?
I was not involved in the initial setup. A coworker of mine actually set it up and got it going, and I came in on the back end. Right now, I'm actually going to be taking that over.
The setup was straightforward. I don't think it was too complex. I know that we have some complexities with the way some things are set up in our environment, but the product itself is pretty straightforward.
What other advice do I have?
If they are able to get it into the environment and run some type of proof of concept and be able to kick the tires a little bit, that would be the best way go with any product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Marketing Coordinator and Project Manager at Attend IT AS
Excellent support, highly scalable and reliable
Pros and Cons
- "The most valuable feature of BigFix is the software deployment."
- "The solution could improve by adding support drivers for different systems and equipment. When you have a lot of different computers if they could fix how to install any updates, firmware, or drivers for different systems or servers it would be good."
What is our primary use case?
I have used BigFix for patch management, compliance for security, and inventory OS deployment to software.
What is most valuable?
The most valuable feature of BigFix is the software deployment.
What needs improvement?
The solution could improve by adding support drivers for different systems and equipment. When you have a lot of different computers if they could fix how to install any updates, firmware, or drivers for different systems or servers it would be good.
In an upcoming release, they should add database support included and deliver the solution as a cloud service similar to the services on Microsft Azure.
For how long have I used the solution?
I have been using BigFix for approximately 10 years.
What do I think about the stability of the solution?
BigFix is extremely stable.
What do I think about the scalability of the solution?
I have found BigFix to be highly scalable. BigFix can be used on 10 computers, 10,000 and 1,000,000 computers. It doesn't matter the number of computers.
We have approximately 50 people using this solution in my organization. We use the solution daily.
BigFix is suitable for both SMB and enterprise customers.
How are customer service and support?
The support from BigFix is excellent.
I rate the support from BigFix a five out of five.
Which solution did I use previously and why did I switch?
I have used other similar solutions previously. The main difference between the other solutions and BigFix is you can do more for a lesser price with BigFix. You can do more with less effort to get it up and work properly. Its broader support for different OS systems.
How was the initial setup?
I rate the implementation difficulty of BigFix a five out of five.
If you choose, for example, Microsoft SSM Configuration Manager, you need a lot of servers, databases, and the configuration of firewalls, et cetera. It's a tremendous cost before you get up and running. With BigFix, in 10 to 15 minutes, you're up and running. Everything is working well.
What's my experience with pricing, setup cost, and licensing?
The price of BigFix is better than the solutions. You are able to pay monthly or annually. There are not any hidden costs with BigFix. There is an additional cost for the SQL database.
I rate the price of BigFix a five out of five.
What other advice do I have?
I would recommend this solution to others. I would advise others the solutions are suitable for small to medium-sized companies, and enterprises.
I rate BigFix a ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Server Systems Enigineer at a healthcare company with 1,001-5,000 employees
Enabled us to reduce compliance reporting from about 100 hours per server to less than six
Pros and Cons
- "We are able to use BigFix through API connections to automate and reduce resources and time. The product's been great for us. It's increased the security posture ten-fold and it's increased our visibility across our endpoints enormously."
- "I would like to see API connectivity, built-in API connectors to the standard toolsets, whether it's for your ServiceNow or your Qualys. More API connectivity to make it easier to integrate to other tools."
What is our primary use case?
We use BigFix as our primary automation platform. We use it to tie in disparate tasks and services that we need to apply to our servers. We use it for patching, reporting, and compliance.
How has it helped my organization?
We are able to use BigFix through API connections to automate and reduce resources and time. The product's been great for us. It's increased the security posture ten-fold and it's increased our visibility across our endpoints enormously.
It has helped us to reduce network traffic when it comes to downloading patches. We don't have a million machines reach out in the middle of the night to get devices. We have BigFix on our cruise lines in which satellite connectivity is limited. We had to pay per byte that goes across the wire.
We use BigFix to compare our past and present patch cycles. We use it to report on the success of patching and what patches are available. It lets us do postmortems to find out when a patch was first available, first supplied, and if it had any issues.
Using BigFix and the automation we built we've been able to reduce patch time from three hours and 37 minutes on average to less than twenty minutes per server.
Through using our automation we've seen a reduction in failures, critical patch failures, probably by about three or four percent.
What is most valuable?
The most valuable feature would be its flexibility. It's one product that works across multiple OSs. We have one agent that will sit on six to seven different OSs in our environment. I can use one console to push a patch to six or seven different OSs in one view. I don't have to jump from screen to screen or remote log-in.
I don't like the peer to peer file transfers feature. Security wise, it's a bad format and it's not useful.
What needs improvement?
I would like to see API connectivity, built-in API connectors to the standard toolsets, whether it's for ServiceNow or Qualys. More API connectivity to make it easier to integrate to other tools.
What do I think about the stability of the solution?
It's very stable. We haven't had any major issues from it. Most times, we have false positives. Our people tell us that BigFix is doing something and we go back and look and it doesn't.
What do I think about the scalability of the solution?
It's been scalable for us. We've taken it from physical to virtual, from virtual to cloud, from on-prem to off-prem seamlessly.
How are customer service and technical support?
Their technical support is above average. Sometimes, because there are different modules, we'd get bounced to different help desks. It's frustrating that we don't have a one-stop shop. Overall, when we do get the right person, it's quick and easy.
How was the initial setup?
We rebuilt it three years ago from the ground up and the setup wasn't complex.
What was our ROI?
We've seen ROI time-wise. We reduced compliance reporting from about 100 hours per server to less than six. We reduced patch time from three hours and a half to less than twenty, and we've reduced the patch man-hours from about five to six people per eight-hour shift.
Which other solutions did I evaluate?
We also considered Red Hat and Microsoft. We chose BigFix because we saw more fidelity in reporting, more fidelity in accuracy, and more fidelity in security.
It's a night and day difference between BigFix and SCCM. Anyone who's used SCCM before knows that BigFix provides a far better product in scalability, reporting, and the accuracy of patching.
What other advice do I have?
I would rate it a ten out of ten. It's worked for what we wanted. It's provided one screen to look across different OSs. It's also provided speed and flexibility. We're able to integrate it to all of our tools, do things to other servers and automate things that aren't done on one platform.
My advice to someone considering this solution would be to find a tool that can span as many OSs as possible. If you're using three different patching tools to approach three different OSs, you're probably lost.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Infrastructure Security Ops Manager at The Walt Disney company
The most valuable feature for me is the multi platform which is customizable so we're able to do API integration throughout our entire network.
What is most valuable?
The most valuable feature for me is BigFix's multi platform. It's customizable and we're able to do API integration throughout our entire network.
How has it helped my organization?
We're able to to implement automation and reduce touch labor for level one technicalities so we're able to free up more manpower to take on more difficult tasks.
What needs improvement?
- I would like to see it go to the cloud. I want to see it as a management service.
- For us, we basically generate our own API documentation. So I think more API integration would also help.
What do I think about the stability of the solution?
We've had no problems, it's a very stable solution. It's very well supported and has a big forum of users. So you always have a resource to reach out to.
We've actually fixed the patching by improving our patch application by almost 60%. We went from applying 6,000 patches manually to 34,000 on average a month.
What do I think about the scalability of the solution?
It's very scalable. Extremely scalable. Customization is always a big issue for us so we're always able to grow with it.
How is customer service and technical support?
We've used technical support many times. They have great support. We've had international support. We've been on calls with Poland, Ireland, Germany and all our technical experts in the USA.
How was the initial setup?
I wasn't involved in the installation process.
Which other solutions did I evaluate?
When choosing a vendor we think that knowledge of our market place is key. The Walt Disney Company is unique in the environment so we need someone who understands that we work in different ways than a lot of other companies. This also applies with regard to product scalability. We need growth, I don't need to be working with one product in a silo.
What other advice do I have?
I would really encourage them to look into it and take a look at its abilities and think of it as a platform and not just a patching mechanism. Some people think BigFix is just patching. It's a lot more than that so I would ask them to look at the bigger modules.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Systems Engineering at a retailer with 10,001+ employees
With Inventory Services, the speed is key.
What is most valuable?
For me, Inventory Services is heavily used in our environment. The patch management suite, I would say is the second, and very important for us to ensure that we are maintaining our PCI and SOX compliance for the company I work with. In addition to that, we have server automation that we use, security and compliance module, lifecycle management, and OSD. So all of those things are really important for us.
How has it helped my organization?
Clearly, with Inventory Services, the speed is really key. In retail, we need answers very, very quickly. Other competitor products (which we do have in house) just don't compare.
What needs improvement?
Web reports. The interface for web reports is still pretty basic, and really hasn't changed in the seven years that we've had the product, so that would be one thing that would be really nice.
I really don't know that there's really much more that can be added that's already not currently in the pipeline, or currently exists.
What do I think about the stability of the solution?
It's been stable. I've used the product for seven years and I haven't had an issue that has brought things down. So it's been very stable.
What do I think about the scalability of the solution?
Scalability is also really great. We have a very small client base in comparison to what we could potentially do, so scalability is wonderful.
How is customer service and technical support?
In the seven years, I think I've submitted maybe four to five problems. That's it. Response time has always been good.
Which other solutions did I evaluate?
When we're selecting a solution, we want a vendor that we can trust, that is on top of it, on point, and thorough.
What other advice do I have?
I would say I would give it a nine. Only because as I stated earlier, web reports, if that were to improve, I'd give it a ten. There's always room for improvement.
Really understand what your environment is like. Make sure that your network team is engaged with all of that.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a tech consulting company with 5,001-10,000 employees
Good desktop patching, stable, and scalable
Pros and Cons
- "Desktop patching is the most valuable feature, because with servers, we have complete control over them, and we can simply push patches to the servers."
- "The deployment has room for improvement and can be more streamlined."
What is our primary use case?
We use the solution to push patches to our servers, primarily for desktop and server security updates.
How has it helped my organization?
We proved the endpoint's effective delivery of software updates and conducted a network inventory in BigFix. This significantly improved the completion status and generated reports on the percentage of patching immediately after Microsoft releases the patches. This report is easily available for our end-user computing platform.
What is most valuable?
Desktop patching is the most valuable feature, because with servers, we have complete control over them, and we can simply push patches to the servers. However, desktops are one of the most common sources of leakage, which can occur for different reasons if patches are not uploaded on time. We have significantly improved the desktop side of it. This includes endpoints such as laptops, desktops, and other mobile devices.
What needs improvement?
The deployment has room for improvement and can be more streamlined.
The automation has room for improvement.
For how long have I used the solution?
I have been using the solution for one year.
What do I think about the stability of the solution?
I give the stability an eight out of ten.
What do I think about the scalability of the solution?
I give the scalability an eight out of ten.
Which solution did I use previously and why did I switch?
We previously used Microsoft Windows Server Update Services, but we switched because we could not have a complete schedule for a server to receive updates. We have a few other features in BigFix, such as managing network endpoints, discovering endpoints, and a scanner. All of these features are not available with Microsoft and Linux patching.
How was the initial setup?
It is very important to use the solution effectively. In most installations, we deploy without configuring all the features and implementing them, so we do not gain much from it. Therefore, I think some automation processes can be adjusted to prevent the zero-rate thread.
The deployment phase was somewhat complex due to the need to open many firewalls within the network. Considering the large scale of the company, with fifty thousand employees around the world, I believe that in my previous job, we could have improved communication by reducing the number of ports required for the servers to communicate within the network.
We had a project manager assigned from the BigFix team who listed out all the requirements for effective communication to be established. However, the challenge of implementing BigFix in multiple countries and coordinating with multiple network teams in order to open the required communication between the firewalls was a seemingly hopeless task. If the application uses specific codes that are common in nature, typically those ports are already allowed in the network.
The deployment took us three months.
What's my experience with pricing, setup cost, and licensing?
I give the pricing a seven out of ten. The cost is slightly high.
What other advice do I have?
I give the solution an eight out of ten.
In the deployment phase, we need to get the firewall ports that are required and open ports to the Internet for the DNC-based servers to communicate and download patches. These tasks need to be taken care of during the deployment phase, as it will be very difficult to troubleshoot and fix things once they are implemented. Therefore, the deployment phase needs to be covered effectively. Thinking of the features at a later point in time will not solve all the problems.
When evaluating solutions, there were very few in the market that provided most of the security features. When we evaluated BigFix, it was the VMDR functionality that stood out compared to the others. We would have to use a piecemeal solution or multiple products to be configured in the system. The effectiveness of BigFix was secondary, but we at least had some basic information available regarding security, VMDR management, detection, and response.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free BigFix Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Endpoint Protection Platform (EPP) Configuration Management Patch Management Unified Endpoint Management (UEM)Popular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Cisco Secure Endpoint
SentinelOne Singularity Complete
Fortinet FortiClient
Cortex XDR by Palo Alto Networks
Symantec Endpoint Security
Intercept X Endpoint
Trellix Endpoint Security
Kaspersky Endpoint Security for Business
Tanium
ESET Endpoint Protection Platform
Check Point Harmony Endpoint
VMware Carbon Black Endpoint
HP Wolf Security
Buyer's Guide
Download our free BigFix Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between BigFix And Carbon Black Cb Defense?
- SCCM vs BigFix: what are pros and cons?
- What is the biggest difference between BigFix and BMC TrueSight Server Automation?
- What is the biggest difference between EPP and EDR products?
- Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which Endpoint Protection Solution offers Zero Trust (ZTN) as a feature?
- What to choose: an endpoint antivirus, an EDR solution or both?
- Are you aware of SIEM platforms that integrate both Active Directory auditing and security monitoring tools?