- Client Authentication
Client Authentication extends the security model used by BigFix to encompass trusted client reports and private messages.
- Authenticating relays
BigFix deployments with internet-facing relays that are not configured as authenticating are prone to security threats.
- Handling the key exchange
When an agent tries to register and does not have a key and certificate, it automatically tries to perform a key exchange with its selected relay.
- Manual key exchange
If an agent does not have a certificate and can only reach an authenticating relay on the network, connected through the internet, you can manually run the following command on the agent so it can perform the key exchange with an authenticating relay:
- Revoking Client Certificates
After a client authenticates, you can revoke its certificate if you have any reason to doubt its validity.
- Re-registering a revoked client
The client revoke procedure removes a client from the console and updates a client certificate revocation list.
- Mailboxing
With Client Mailboxing you can send an encrypted action to any given client, instead of broadcasting it to all clients.