Don Moss is a Technical Advisor on the BigFix team. Don began using BigFix in 2012 when he was employed at LANDesk, now known as Ivanti. Before joining HCL Software, Don worked at IBM Security as a Security Solutions Architect & Cyber-Security Engineer.  He shares a recent story about why one of his clients who replaced Microsoft Configuration Manager™, often referred to as SCCM, in favor of BigFix.

Many clients are often overwhelmed with endpoint management activities. The plethora of patches across many versions of operating systems keep most IT operations and security organizations very busy. Windows is the predominate operating system and Microsoft Configuration Manager (also known as SCCM) is the most common management tool for patching the Windows OS and Microsoft Office. CIOs implement SCCM because it is ‘free’ since it is packaged with Microsoft Enterprise License Agreements. Unfortunately, there have been a history of issues and some are still plaguing that solution. As a result, BigFix is helping organizations improve their patching and compliance operations. In this blog, I will explain why one of my recent clients decided to replace SCCM with BigFix.

My client is a manufacturer, marketer and distributor of consumer and commercial products with offices and plants in the USA, Latin America, Europe, the Middle East, Africa, and Asia. The company employs about 50,000 people across these geographies, requiring 24×7 endpoint management operations.

HCL learned that IT ops team was getting beaten up by security ops because they found missing patches during their vulnerability scans. The BigFix team was asked to help ascertain the truth. In the side-by-side comparison on a select group of servers, SCCM reported 70-90% compliance while BigFix reported 40-50%. In a deeper investigation, BigFix found missing patches from 5-6 years ago as well as patches released in the past three months!  IT ops and security ops validated the accuracy of BigFix’s patch findings.

Next, my client challenged me to produce the automated reports using BigFix that company executives wanted but were not able to get from SCCM in a timely fashion. For example, IT ops often found that after six hours of patching, SCCM showed an ‘unknown’ patch status for most endpoints. Even after more than eight days, a complete patch status report was still unavailable from SCCM. In a similar test, BigFix was able to show near-real time patch progress within minutes. I was able to show the breadth and width of BigFix reporting and demonstrate to the CIO and CISO that their custom reporting needs could easily provided by BigFix.

BigFix’s return on investment (ROI) was not even questioned because it was clear that BigFix’s efficient patching capabilities would improve their overall security posture over what SCCM was delivering. Since most security incidents are caused by known but unpatched vulnerabilities, having endpoints with missing patches was too great of a security risk than the company could afford. BigFix could confidently show and demonstrate to the executives that all endpoints (including roaming laptops) are patched, regardless of location, connection or status.

The POC was so successful, my client asked to extend the POC so they could continue to patch vulnerable servers while they expedited the purchase order. By doing so, my client simplified patching and improved their defense against cyber-attacks.

Are you finding missing patches in your vulnerability scans? If so, contact the BigFix team and request a demonstration.

Comment wrap
Further Reading
Automation | November 10, 2020
BigFix offers Fixlets for RHEL versions at End of Support
In November 2020, Red Hat Enterprise Linux 6 (RHEL6) reaches end of maintenance support. HCL is announcing two new offerings that provide continuous content delivery for Red Hat® Enterprise Linux® (RHEL). The BigFix Extended Patch for RHEL offerings eliminates the need for customers to manually discover, curate, test and package ESU content - saving staff time while drastically reducing your window of vulnerability.
Automation | November 3, 2020
Worried About Getting TrickBot-ed and Ryuk-ed? BigFix Provides Crucial Defense and Remediation Capabilities
Ninety percent of attackers will begin their attack campaigns with a phishing email. BigFix provides crucial defense and remediation capabilities against getting trickbot-ed and Ryuk-ed.
Automation | November 3, 2020
BigFix Modern Client Management Delivers New Capabilities
As the landscape of endpoint management expands, BigFix capabilities grows too. The Modern Client Management capability is BigFix’s latest effort to deliver capabilities our customers need to support their ever-changing environments that provides the versatility to change how their endpoint environment is managed. BigFix MCM is integral to organizations who want a reliable and proven approach for implementing a BYOD policy and supporting remote workers.
a/icon/common/search Created with Sketch.