Jump to main content
BigFix Documentation Homepage
BigFix V9.5 Compliance Documentation
Welcome to the BigFix Compliance documentation, where you can find information about how to install, maintain, and use BigFix Compliance.
Platform
Compliance Overview
BigFix Compliance helps support endpoint security throughout your organization.
Compliance guides in PDF format
Following is a list of links to the BigFix Compliance user guides in PDF format:
Client Manager for Endpoint Protection (CMEP) encompasses Anti-Virus, spyware tools, and device control capabilities.
Overview
BigFix Client Manager for Endpoint Protection (CMEP) encompasses Anti-Virus, spyware tools, and device control capabilities.
Installation
Using CMEP
Device control
Device Control manages and controls various devices in your deployment, including USB storage devices and CD-ROM drives.
Frequently asked questions
Setting up Configuration Management
Follow these steps to set up your Configuration Management deployment.
Using checks and checklists
Configuring Windows checklists
Configuring UNIX checklists
You can configure checklists for the superseded and non-superseded UNIX content.
Importing SCAP content
Configuration Management Reporting
Frequently asked questions
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Overview
HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Setup
Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
Using checks and checklists
The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
Understanding the results in BigFix Compliance Analytics
Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
Resources
You can find more information about Security Configuration Management and PCI DSS in the following resources.
Security and Compliance Analytics (SCA) is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
Security and Compliance Analytics Setup Guide
Security and Compliance Analytics User's Guide
HCL® Endpoint Manager for Security and Compliance Analytics (SCA) is a web-based application that is designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
QRadar® provides security intelligence for protecting assets and information from advanced threats. BigFix provides a dashboard that is integrated with QRadar®. This dashboard is called the Manage Vulnerable Computers dashboard and is located within the Endpoint Protection domain in BigFix. From this dashboard, you can view enriched vulnerability and risk data, from which you can quickly identify the computers that are most at risk. You can remediate the vulnerabilities that are detected by QRadar® and you can also quarantine or un-quarantine computers.
Overview and getting started
HCL® BigFix provides the Manage Vulnerable Computers dashboard from which you can view and remediate QRadar® vulnerability data. The dashboard lists the QRadar® Computer Risk Score, CVEs, and CVE risk score, which you can use to quickly identify the computers that are at risk. The dashboard provides a list of the Fixlets and Baselines that are available to take action and remediate CVEs. You can also quarantine or unquarantine computers from the Manage Vulnerable Computers Manage Vulnerable Computers dashboard. An Actions tab shows the actions that you ran from the dashboard.
Remediate vulnerabilities
Use the Manage Vulnerable Computers dashboard to view and remediate QRadar vulnerability data and quarantine or un-quarantine computers.
BigFix and Carbon Black integration
The HCL BigFix and Carbon Black integration allows administrators to deploy a full endpoint security solution to detect, contain, investigate, and remediate security threats and attacks on endpoints across the enterprise. The following sections provide useful information and links to the resources available for the solution.