Home
WebUI User's Guide
Read this guide for an introduction to the WebUI tools, concepts, and terminology.
Getting Started with the Modern Client Management
This section introduces the Modern Client Management (MCM) concepts, terminology, and explains how to get started with using the feature.
Manage MDM devices
After Windows and macOS devices are enrolled, the devices report to BigFix as MDM devices, and they are listed on the BigFix WebUI Devices page. Use the MDM application in the WebUI to view, manage, and control these Windows and macOS devices and policies.
Deploying BigFix Agents
By deploying the BigFix Agent to devices, BigFix administrators can use all the capabilities of BigFix on those devices.

WebUI User's Guide
Read this guide for an introduction to the WebUI tools, concepts, and terminology.
- Welcome
  Welcome to BigFix WebUI. The WebUI delivers a powerful set of functions for BigFix operators. It simplifies BigFix workflow, speeds access to data, and improves flexibility, visibility, and performance.
- Meet the WebUI
  Take a quick tour of the WebUI screens, controls, and workflow.
- Get Started with Devices
  Use the Device screens to view and manage all the devices in your environment as determined by your permission levels. You can find specific devices, access device documents, select devices for deployment, generate and export device reports and do much more.
- Get Started with Patches
  Use the Patch screens to list patches, find specific patches, and view detailed patch information including known issues, vulnerable devices, and deployments.
- Get Started with Patch Policy
  A patch policy is a set of criteria that defines a patch list; that is, a collection of Fixlets that meet the patching criteria of a specific set of endpoints.
- Get Started with Software
  A BigFix software package is the collection of Fixlets used to install software on a device. The package includes the installation files, the Fixlets that install them, and information about the package itself.
- Get Started with Custom Content
  Use the Custom Content pages to view custom content, edit tasks, and view related information, including applicable devices and deployments.
- Get Started with BigFix Query
  Use the BigFix Query feature to retrieve data from endpoints through a dedicated query channel, where the memory available on each Relay minimizes the impact to normal BigFix processing.
- Take Action: The Deploy Sequence
  To deploy means to dispatch content to one or more endpoints for execution, for example, to update a patch, install software, or restart a machine.
- Get Started with Deployments
  Use the Deployment views to monitor and verify completion of BigFix deployments.
- Get Started with the Content App
  Use the Content App to work with Fixlets, tasks, and baselines on the BigFix sites. Search, filter, and deploy content using standard WebUI tools.
- Getting Started with the Modern Client Management
  This section introduces the Modern Client Management (MCM) concepts, terminology, and explains how to get started with using the feature.
  - Install MDM components
    You can set up MDM for BigFix 10 through WebUI or by running the appropriate tasks from the BESUEM content site.
  - Pre-stage
    You can configure MDM server to install BigFix agent and any other applications on Windows 10 and macOS devices on enrollment.
  - Enroll devices
    You must enroll your devices to manage them with BigFix MDM. BigFix MDM servers interact with the enrolled devices through APIs and based on the MDM policies applied on the devices.
  - Manage MDM devices
    After Windows and macOS devices are enrolled, the devices report to BigFix as MDM devices, and they are listed on the BigFix WebUI Devices page. Use the MDM application in the WebUI to view, manage, and control these Windows and macOS devices and policies.
    - Health Checks
      As a Master Operator, use the Health Checks page in the MDM application to monitor the health of your BigFix MCM deployments. This makes it easier for you to determine the status of your deployments and to identify what is not set up properly.
    - MDM Permissions
      Use the WebUI Permissions service to provide increasingly fine-grained control over permissions and preferences in WebUI MDM.
    - Device Inventory
      You can use the Devices page in BigFix WebUI to view the list of all devices (as determined by permission levels). The list will contain devices that are managed by MDM and devices that are not managed by MDM.
    - Deploying MDM policies
      Deploying MDM policies in BigFix 10 MDM allows administrators to lock down and configure MDM devices. MDM policies are deployed to manage the devices effectively through MDM.
    - Deploying MDM actions
      With BigFix 10 MDM, you can perform various actions like Lock Device, Wipe, Restart, Shutdown, Remove Policy, Deploy BigFix Agent, Deploy MDM Application, Enroll Windows 10 devices using MDM Actions.
    - Deploying BigFix Agents
      By deploying the BigFix Agent to devices, BigFix administrators can use all the capabilities of BigFix on those devices.
    - Managing MDM policies
      You can manage the MDM policy of both macOS and Windows devices using BigFix WebUI.
  - Unenroll devices
    After unenrolling from MDM, you can no longer manage the device by BigFix. MDM policies become ineffective on the unenrolled devices.
  - MDM Use Cases
  - Update MDM Components
    Learn how to update MDM components.
  - Uninstall MDM components
    Learn how to uninstall MDM components.
- Extending BigFix management capabilities
  BigFix 10 delivers a few significant new functions for enhancing the visibility and management of devices on your network regardless of whether the devices are physical or virtual.
- Support
  For more information about this product, see the following resources:

Deploying BigFix Agents

By deploying the BigFix Agent to devices, BigFix administrators can use all the capabilities of BigFix on those devices.

Master operators can deploy a BigFix Agent on an MDM device
Users other than master operators who have the Can use WebUI, Can Create Actions, and Custom Content permissions can deploy a BigFix Agent on MDM devices.

To deploy the BigFix Agent, follow these steps:

Select at least one device that is managed only by an MDM agent. (Users can also get a list of devices that don’t have the BigFix Agent installed by using the BigFix Agent Status > Not Installed filter.
Note: The devices that are managed by only MDM are indicated by the MDM symbol next to it.
Click Deploy.
From the list, select Deploy BigFix Agent.
To add or remove devices, on the Deploy BigFix Agent page, click Edit Devices.
Configure Relay authentication options.
1. Mac Relay Authentication Options: This section is displayed if Mac endpoints are selected.
  - Configure Relay: Enter an IP address or a DNS name.
  - Password: Enter the password.
  - Include BigFix full disk policy: Select this check box to grant full-disk access privileges to BigFix.
2. Windows Relay Authentication Options: This section is displayed if Windows endpoints are selected.
  - Select MSI to deploy: From this list, select the msi file that you have pre-staged on the MDM server.
To deploy the BigFix Agent, click Deploy.
Note:
- After the action is complete, both MDM and the BigFix Agent can manage the device.
- The IP address and password that are entered as part of configuring a relay are used only by macOS MDM endpoints. Windows MDM devices must have a prestaged MSI with a relay authorization that is already configured as part of the MSI.
- Deploying the BigFix Agent works only if the installers for BigFix Agents are pre-staged on the MDM server. The BigFix WebUI requires at least one .pkg file for macOS and one .msi file for Windows™ devices. If installation packages are not on the MDM server, users receive a warning that says BigFix Agent actions will fail." The WebUI checks for .msi and .pkg files in the /var/opt/BESUEM/packages folder by default to see whether BigFix Agent packages are pre-staged correctly.