What is new in BigFix 10 Platform

BigFix 10 Platform provides new features and enhancements.

Patch 1
Discover and report cloud assets, now also from Google Cloud Platform

With this feature, you can discover and manage visibility of your cloud assets across different cloud providers by using the Plugin Portal and plugins technology. To install the BigFix client on your discovered cloud assets, use the WebUI or the BigFix Console.

For details, see Extending BigFix management capabilities.

Get more from audit logs

The audit log service now provides more details about logging in and out of the BigFix Server, and information on the IP addresses that the clients use to access the server.

For details, see Server audit logs.

Enhanced security of TLS connections with support for Forward Secrecy

You can now leverage on the ephemeral Diffie-Hellman (DHE) and ephemeral elliptic curve Diffie-Hellman (ECDHE) for key exchange to increase the level of security of your deployment.

For details, see Using the DHE/ECDHE key exchange method.

Mitigate network impact and bandwidth requirements with clients connected through VPN

You can now configure BigFix Client to take payloads directly from the internet based on a configurable list of sites. This helps you mitigate the network impact and bandwidth requirements associated with BigFix Relays that serve BigFix Clients connected through a VPN.

For details, see the configuration setting named _BESClient_Download_DirectRecovery described in List of settings and detailed descriptions.

Use Microsoft Office 365 as the email server for WebReports

In the earlier versions of BigFix Platform, Web Reports could only contact email servers by using the basic authentication over SMTP. In this release, you can schedule the sending of reports by using the Office 365 email server with OAuth 2.0 and credentials grant flow.

For details, see Setting Up Email.

Added support for BigFix Agent
Added support for BigFix Agent running on:
  • Ubuntu 20.04 LTS on Intel.
  • Windows 10 Enterprise for Virtual Desktops.
    Note: For Windows 10 Enterprise for Virtual Desktops, the relevance expression "product info string of operating system" returns “Server RDSH”. This limitation is valid for Patch 1 only.
Other enhancements
  • Modified the installer to remove the setup of SQL Server 2016 SP1 - Evaluation from the options of the BigFix evaluation installation.

    For details, see Performing an evaluation installation on Windows.

  • Enhanced serviceability of PeerNest and BigFix Client debug log with more information and the possibility to rotate and set a maximum size.

    For details, see List of settings and detailed descriptions.

  • Improved Client Deploy Tool (CDT) wizard. Simplified the installation process for clients that are discovered by the cloud plugins.

    For details, see Installing the BigFix Agent on discovered resources.

  • Upgraded the following external libraries:
    • The libcurl file transfer library level was upgraded to Version 7.69.1.
    • The Codejock library was upgraded to Version 19.2.0.
    • The jQuery library was upgraded to Version 3.5.1.
Version 10
Multicloud support

BigFix 10 provides you with a single, comprehensive view of all your endpoints, regardless of whether they are in the cloud or on premise. This feature extends the BigFix capabilities to eliminate unmanaged cloud blind spots in your Amazon Web Services, Microsoft Azure, and VMware environments by using native cloud APIs to discover unmanaged servers across multiple cloud providers simultaneously. With this feature, you can also easily deploy the BigFix agent to provide deeper levels of visibility and control in order to bring your cloud devices into full management.

For details, see Extending BigFix management capabilities and Configuring cloud plugins.

Enhanced security with an option to deploy relays as authenticating

As a BigFix Administrator, you can now choose to install Relays as authenticating at the time of deployment. By using this option, you can streamline the best practice of securing and configuring the internet-facing relays, thereby safeguarding your environment and data against threats.

For details, see Authenticating relays.

Improved support for multiple Web Report servers for REST API calls

When you have multiple BigFix Web Reports servers in your environment, you can define a priority order in which you want specific queries sent to the REST API. This feature introduces more flexibility to the way you control your integrations, while avoiding potential impacts to your operational environment.

For details, see https://developer.bigfix.com/rest-api/api/webreports.html.

Enhanced logging for the BigFix agent

The BigFix agent logs now include additional endpoint identification information (including OS, hostname, and IP address) and relay selection data to help you improve serviceability and simplify troubleshooting.

Other enhancements
  • Improvements to the Take Action Dialog to avoid targeting ‘all computers’ by default.
  • Introduced MAC address as a reserved property.
  • Added support for:
    • BigFix Server on Windows Server 2019.
    • BigFix Relay on SUSE Linux Enterprise Server (SLES) Version 15 on AMD/Intel.
    • BigFix Relay on Red Hat Enterprise Linux Version 8 x86 64-bit on Intel.
    • BigFix Agent on Amazon Linux 2.
      Note: For Amazon Linux 2, the client package is the Red Hat Enterprise Linux 6 package.
    • BigFix Agent on Oracle Enterprise Linux 8 on Intel.
    • BigFix Agent on Red Hat Enterprise Linux 8 PPC 64-bit LE on Power 8 and 9.
    • BigFix Agent on SUSE Linux Enterprise Server (SLES) Version 15 on s390x.
  • The OpenSSL toolkit level was upgraded to Version 1.0.2u.
OS and database support changes
BigFix 10 introduces some changes to the minimum supported versions of operating systems and databases for various BigFix components. Notable among these changes is that the BigFix 10 Server now requires:
  • Either Windows Server 2012 R2 or later + SQL Server 2012 or later.
  • Or Red Hat Enterprise Linux Version 7 + DB2 Version 11.5 GA.

For details, see Detailed system requirements.