What is MCM?
BigFix Modern Client Management is a new feature introduced to the platform as part of BigFix V10. MCM leverages Mobile Device Management (MDM) technology, inherent in Windows 10 and macOS (10.15 and higher), to aide in enrollment and management of these devices without the need for a BigFix agent to be installed.
MCM for BigFix
BigFix has always been a fan favorite due to its ability to manage endpoints from a collection of backgrounds (Windows, Linux, Physical, Virtual, On-Premise and Cloud) and now with MCM capabilities we expand our reach with our ability to manage endpoints with or without a BigFix agent! By leveraging the MDM technology in Windows 10 and macOS devices, BigFix enthusiasts can access a BigFix web portal (on or off the corporate network) and then using their corporate credentials, enroll the device for BigFix management. Once the device has been enrolled and is reporting into BigFix, you have the option to continue to manage the device via that endpoints native MDM capabilities or deploy the BigFix agent seamlessly from the BigFix WebUI should that endpoint require additional management than what each respective operating system offers natively.
What MDM capabilities are available with BigFix MCM?
Once a device has been enrolled in MCM, you have the ability to define Policies for the management of a collection of devices or you can issue commonly used actions to a single endpoint or sets of endpoints. BigFix MCM gives you the ability, out of the box, to manage passcode policies, full disk access, and kernel extensions on your enrolled MCM devices. To ensure a strong passcode on BYOD (Bring Your Own Device) devices, you can set that passcode policy within the BigFix WebUI with settings including character length, lockout interval, and maximum login attempts.
To enable a BYOD strategy, organizations can direct their employees to the BigFix MCM portal for enrollment. And once enrolled, that employee’s personal laptop would then be subscribed to the aforementioned policy, ensuring the employee’s machine has a passcode that conforms to the maximum length, etc.
In keeping with BigFix’s celebrity, when you need to do more than what the out-of-the-box policies provide, BigFix MCM gives you the option to create custom policies!
Custom MCM Policies
Windows 10 and macOS have a significant amount of inherent MDM capabilities. When you are managing one of these devices via BigFix MCM, you have the ability to tap into all of those by leveraging BigFix’s Custom Policy feature.
One use case in particular that resonates with many organizations using BigFix is how we handle endpoints which are believed to be compromised. For example, let’s say that a remote Windows 10 laptop has been generating some suspicious activity. By leveraging the Custom Policy in BigFix MCM, you can define an action that, once deployed, will instruct that endpoint to reboot into Windows Defender Offline which a offline scanning tool that runs without starting your operating system that prevents malicious inbound/outbound connections and detect and removes any malicious content that might be causing the suspicious activity. This is just one example of the many use cases BigFix MCM now enables administrators to take advantage of by pairing our custom policies with the native MDM capabilities within Windows 10 and macOS.
BigFix Adapts as Endpoint Management Evolves
As the landscape of endpoint management expands, BigFix capabilities grows too. The Modern Client Management capability is BigFix’s latest effort to deliver capabilities our customers need to support their ever-changing environments that provides the versatility to change how their endpoint environment is managed. BigFix MCM is integral to organizations who want a reliable and proven approach for implementing a BYOD policy and supporting remote workers.