A basic installation

A simplified BigFix deployment is shown in the following diagram. There is at least one server that gathers Fixlets from the Internet where they can be viewed by the console operator and distributed to the relays. Each client inspects its local computer environment and reports any relevant Fixlets back to the relay, which compresses the data and passes it back up to the servers.


This window displays a basic architecture of an IBM Endpoint Manager deployment.

This window displays a basic installation. A simplified BigFix deployment is shown in the following diagram. There is at least one server that gathers Fixlets from the Internet where they can be viewed by the console operator and distributed to the relays. Each client inspects its local computer environment and reports any relevant Fixlets back to the relay, which compresses the data and passes it back up to the servers.

The BigFix console oversees all this activity. It connects to the Servers and periodically updates its displays to reflect changes or new knowledge about your network.

The BigFix console operator can then target actions to the appropriate computers to fix vulnerabilities, apply configuration policies, deploy software, and so on. The progress of the actions can be followed in near realtime as they spread to all the relevant computers and, one by one, address these critical issues.

This diagram labels all the default ports used by BigFix, so that you can see which ports need to be open and where. These ports were selected to avoid conflict, but if you are currently using any of these ports, they can be customized upon installation.

Note: The arrows in the diagram illustrate the flow of information throughout the enterprise. The arrows from the Fixlet server to the servers represent the flow of Fixlets into your network. Clients gather Fixlets and action information from relays. They then send small amounts of information back to the servers through the relays. The UDP packets from the relay to the clients are small packets sent to each client to inform them that there is new information to be gathered. The UDP messages are not strictly necessary for BigFix to work correctly. View the article about network traffic at the BigFix support site, or ask your support technician for more details.