BigFix Benefits

Michelle McGough
BigFix Offering Manager at a tech services company
I used this product at several organizations during my career as an Endpoint Management SME from a small Windows-only fleet to extreme sized heterogeneous empires containing various Nix distros, Windows, and macOS. The more varied and complex the requirements, the better BigFix fit the bill while other solutions faded in the background. When the customer needed the capability to have high visibility over their fleet followed by fulfilling the need to address all issues found in that fleet: BigFix was able to perform. Having built-in continuous delivery content was a major time saver and increased the first pass success rate. Having the flexibility and freedom to deploy content custom-made for the environment is what enabled all use cases to be addressed. View full review »
Information Security Systems Specialist at a university with 10,001+ employees
BigFix has enabled us to have a highly successful endpoint patching program for the past decade. It's been enormously successful there. It's also become a core part of many of our business processes, from compliance monitoring of endpoints, encryption management, key escrow, and local administrator password escrow. It's built into our inventory. It's very much everywhere. We do use BigFix as a system of investigation in the instance of lost and stolen devices to get an idea of what sort of data was possibly on it. It is an integral part of our compliance management system. Using BigFix to report on our encryption stance has been extraordinarily impactful in terms of avoiding fines for HIPAA violations and in terms of lost and stolen devices. We're definitely talking millions of dollars per year. We've got two hospitals, and probably lose a laptop a day. The scale is such that it's a huge number of machines wandering off. Now that we have good encryption coverage and good reporting on that coverage, in a lot of instances, we can acknowledge and verify that the device was lost but that it was verifiably encrypted, there were no records released, and we can then close an investigation. That's huge. View full review »
BigFix Admin / Win SysAdmin at Costco Wholesale
We're able to single console manage all departmental Windows, Linux, AIX servers, and from a single console, we can grant access via role base depending on department status and access. It's just easy to get a big picture on a single screen. It reduces network traffic when it comes to downloading patches. It's a single patch repository on the root server, all patches start on the root server, and then they are disseminated via relevance as required, up above a chain and a single connection via the relays up until it gets to the bottom of the last relay and then it disburses to the client. Storage and network wise, it makes the smallest download possible down to the last band and then disseminates from there, so you can take your relays as far down as possible to make a small download chain size wise. We use it to compare current and past patch cycles. We do monthly compliance verification and we use external vulnerability scanning, and we compare that to the BigFix compliance results and make a mesh of the two for our monthly reports for executives. We do that on a monthly basis. It has helped us to compress our patch cycles. It's been condensed 100 percent. Our patch cycle is now under 10 days for everything that we patch, and we get no complaints from our compliance people about that. They've given us requests and we recondense it. Depending on how much urgency we put on it we can take it down as much as possible. Finally, it has helped to reduce help desk calls. We actually know if there's an issue before the help desk finds out. We'll report a server down sometimes before the server owner knows, and we'll let them know that there may be an issue and then we can actually roll back a patch via BigFix before the server owner knows that there's an issue. Altogether, help desk calls have been reduced by around 50%. View full review »
Find out what your peers are saying about HCL, Tanium, Symantec and others in Endpoint Protection for Business. Updated: November 2019.
384,324 professionals have used our research since 2012.
Tanyalynnette Grimes
CEO/ Chief Strategist at GreenWave Tech Corp
I've worked with the product a very long time, almost eight and a half years now, and for my own company, we're able to make sure that our endpoints are secure, regardless of the location on or off network. Also, for a lot of our customers, a big benefit is being able to give with accuracy, the reporting of compliancies based on NIST or STIGs, compliance reporting tools and being able to know that what they're doing. It has also helped to reduce network traffic when it comes to downloading patches. By only having to download the patch once to the central location and then utilizing the relay structure to then download the patch to a specific site and then everything gathering at local, it greatly reduces the bandwidth of multiple endpoints. We use it to compare current and old patches. I don't necessarily want to deploy a roll-up patch, but we have to because that's how the vendors are producing them. By being able to evaluate whether the new patching is as successful as the old way, we're able to compare the different content of the patches and not just that the patch has been delivered, but that the vulnerability that the patch is supposed to fix no longer exists. Before we started using this solution, patching was done per endpoint. What we're able to do now is, we can test the patches, deploy them, with certainty that they're not breaking anything else, and then large scale deploy the amount. I've seen customers reduce their patch cycle times from a 60-day turnaround window to a 15-day turnaround window. Finally, it has helped reduce software spend. By having to look at the licensed tools and what's being utilized and not utilized, we're able to make informed decisions about software license levels. This product falls a little short as far as the licensing compliance capabilities. I would like to see some development surrounding that so that I could input ELA agreements, regardless of vendor, and be able to pull those compliance-based reports. View full review »
Product Line Manager at a tech company with 10,001+ employees
It allows us to quickly deploy capabilities that we need, whether it be security or non-security. We use it to keep systems up to date, deploy new drivers, and find the information we need in the case of security incidents. The capability allows us to gather a lot of information very quickly and it also allows us to have a centralized reporting feature and a centralized deployment capability, which is nice. It has helped to reduce network traffic when it comes to downloading patches with the relay structure. Talking from the corporate server down to the relays and then to the endpoints, it has helped from that perspective. It still causes impacts, not because of the capability itself but because of the content that's being provided by Microsoft and other vendors is just so large that it starts having impacts whether you want it to or not, no matter what kind of infrastructure you put in place. View full review »
Security Engineer at a university with 1-10 employees
Before we had BigFix, we had problems with some malware. BigFix allows us to immediately patch all instances of endpoints that are vulnerable to antivirus and initiate scans. That's key. It helps us to compress our patch cycles. With our patches, I can make sure 80% of the community has got their endpoint patching up to current standards, which is a current patch cycle within a week and a half. Finally, it has helped us to avoid compliance issues, potentially by millions. We use it for device compliance. It's key that endpoints with a certain type of data, if they were to get lost and not encrypted, would need to be reported and those would need to be reported to a federal agency. This can mean associated fines in the hundreds of thousands if not millions. We have lost endpoints with data on there, but because we can confirm with BigFix that they were verifiably encrypted, we are protected and don't have to make those sorts of reports. It has saved us maybe millions in funds. View full review »
Senior Server Systems Enigineer at a healthcare company with 501-1,000 employees
We are able to use BigFix through API connections to automate and reduce resources and time. The product's been great for us. It's increased the security posture ten-fold and it's increased our visibility across our endpoints enormously. It has helped us to reduce network traffic when it comes to downloading patches. We don't have a million machines reach out in the middle of the night to get devices. We have BigFix on our cruise lines in which satellite connectivity is limited. We had to pay per byte that goes across the wire. We use BigFix to compare our past and present patch cycles. We use it to report on the success of patching and what patches are available. It lets us do postmortems to find out when a patch was first available, first supplied, and if it had any issues. Using BigFix and the automation we built we've been able to reduce patch time from three hours and 37 minutes on average to less than twenty minutes per server. Through using our automation we've seen a reduction in failures, critical patch failures, probably by about three or four percent. View full review »
Technical Engineer at a individual & family service with 10,001+ employees
Prior to BigFix we used Altiris, which was distributed. We had to manage multiple servers, and duplicate the tasks that we did on each server. BigFix tremendously reduced the amount of work that we had to do on each server in a centralized manner. We could minimize the work that we had to do, and we had a lot more control over the tasks and what machines they ran on. It has helped to reduce help desk calls by 60-70%. Using the self-service portal allows our users a lot of access to fix their own problems as far as errors, as well as policies that auto-resolve issues as they come up without the user even knowing. Finally, it has helped us to avoid compliance fines in the tens of thousands of dollars, if not more. We've used it for software audits numerous times and saved significant amounts of money with being able to clearly identify what machines have what software, then verify that we're licensed for the software that we have. View full review »
Joshua Hickok
Senior Security Consultant at Tech Data Corporation
It has improved my organization because we can automate a lot of tasks. We went from manually patching machines or doing our best and having very little visibility into it to us being able to "set it and forget it" and getting really good results on first-pass patching. In addition, it has also helped us to reduce network traffic when it comes to downloading patches. It's very easy to throttle the network traffic, Instead of us taking down the network, downloading hundreds of patches, we're able to set a throttle, and then also spread it out over a period of time, which helps a lot. It has helped to compress our patch cycles. In some cases, a hundred percent because in some areas, patching wasn't happening. We went from not patching to just automating it. Finally, help desk calls have been reduced. We were able to look at help desk calls and find out which ones were most common and start automating that with BigFix. For some various organization, a quarter to half of our help desk calls were knocked out. View full review »
Endpoint Management Engineer at a retailer with 1,001-5,000 employees
Having higher visibility on patching level, on patching successful, and non-successful has been a way that BigFix has improved my organization. Also, the ability to customize the content to do what we need it to do is very powerful and very flexible for us. Finally, in the area of custom interfaces, like REST API, really gives us the ability to provide for our external customers. It has immensely helped to reduce network traffic when it comes to downloading patches. Downloading once and distributing to all endpoints applicable greatly reduces bandwidth. View full review »
Shalva Narayan
Project Lead at a tech services company with 201-500 employees
My company provides support services to a lot of customers and companies. We have reduced a huge amount of man-effort. Along with the man-effort, we have reduced the timeline to fix the compliance and security gaps. We have an unbroken record. The documentation clearly says that we have done the patching of newly released patches, including Microsoft and third-party patches, in up to 80% of the computers, within 72 hours of the release of the production. That was a very massive benefit that we have seen. When I talk about the 80% endpoints, it is 100 or 200. I am talking about 25,000 endpoints. View full review »
Ravi Khanchandani
Founder Director with 11-50 employees
Patch compliance has improved. Using software distribution, the software distributed in the environment has been standardized. With the same software versions across the environment, compatibility issues have come down with a reduction in helpdesk tickets arising out of different software versions. There is also a check on software assets by means of implementing the software inventory module and a great deal of software compliance has been achieved. View full review »
John Livinston
CEO at Verve
It allows for visibility into the OT, the industrial environments, that didn't exist before which is a big piece and has benefited my organization. Second, the speed at which people can patch is night and day versus SCCM or another similar solution. When it comes to downloading patches it has helped our network tracking. Our networks are very low bandwidth and very sensitive. For instance, we're running a power plant and that power plant has to be up 99.99% of the time. That network that it's running on was built 35 or 40 years ago, without all the modern technologies, so we can't do it without BigFix. Many of our clients have compliance requirements that they have to patch within a certain window and so we have to be able to give them data of when the cycle happened and if they complete the patches. It has also helped to compress our client's patch cycles. For our clients, what was normally a full 30 days of work is now down to a couple of days to get the data in and actually get out and patch the thing. We tuned the BigFix console to enable that a little bit easier so it's a 75 to 80% reduction. View full review »
Ben Cotton
Founder at CyFIR
We rely on BigFix as part of our consulting engagements. It's more efficient from a visibility and discovery standpoint on the initial phase, the consulting engagement. It also increases our efficiencies on the remediation phase of our engagements. We use it to compare the current state of patch and diff that with where it should be and to also push CVE patches and things out that are specific to a problem we have found. The combination of CyFIR and BigFix has allowed one of our major customers, one of the top Fortune 50 financial firms in the world, to reduce their forensic investigator count by about 4 FTE with the combination of CyFIR and BigFix. Compared to SCCM it's much more robust, much more capable, and you can be much more targeted with SCCM. The challenge with SCCM is it doesn't have much of a discovery module so if we're going in blind to a network, we really want to know what's there, not what they think is there. BigFix provides us that picture. View full review »
System Administrator at a university with 10,001+ employees
From a security standpoint, it allows us to make sure that we're not leaving ourselves vulnerable to exploits and things like that. That's the biggest advantage that we see to the product from a security standpoint. We use it to compare current and past patch cycles. We usually roll the baselines into every patch cycle. We do some recording on previous patch cycles and stuff like that, and how effective each baseline is. It has helped to compress our patch cycles from a long time ago. We were patching individually each day, then we were able to compress them all into a month. I'm not sure by what percentage but it has helped to reduce help desk calls, in terms of security vulnerabilities, but it has reduced the amount of vulnerabilities and the security notifications we get. Also, self-service lets us install notifications, not like sending a front line support personnel. View full review »
Engineer with 10,001+ employees
BigFix has drastically reduced the maintenance window period to patch and reboot servers. It has helped to reduce network traffic when it comes to downloading patches. There's a single download to the primary BigFix server which is then replicated and cached on the Relays for all data center connected servers. Due to the automation, we've been able to prevent a lot of human errors with BigFix so it's reduced our help desk calls by 50%. Finally, it has helped us to compress patch cycles by around 75%. View full review »
Mark Poulson
Principle Consulting Architect at GNE
One of the biggest benefits BigFix has had for our organization is the ease and efficiency to perform many different tasks, across pillars and platforms, all from one pane of glass. It has immensely reduced network traffic when it comes to downloading patches. Across the board, I've had a number of customers who've had platform tools that I'm able to combine into one tool. We've set up and started using BigFix to patch and have had much higher patch saturation rates than in the past. We do historical tracking with BigFix, and we can see that the success rate's gone way up. It has also helped to reduce help desk calls because of the success rate that we have with the patching. As the success rate goes up, we get fewer calls. View full review »
Technical Lead at a university with 1-10 employees
Being able to intelligently create reports, gather data, export CSVs and give that to the leadership of some of the client groups that my team supports has been a benefit to my organization. There are instances where we have been able to utilize BigFix to reduce help desk calls by automating certain things. Along with the concept of savings calls for the help desk it's saving individual help desk tickets that get navigated to our group by automating things which save us man-hours. View full review »
Fernando Martinez
Systems Administrator at a tech services company with 1,001-5,000 employees
BigFix helped us to identify the compliance of devices and has also improved the way that we manage our software inventory for reporting to vendors. It has helped to reduce network traffic when it comes to downloading patches. It helps a lot because we have the ability to customize the uses of the bandwidth in our company, and it helps us to reach every region no matter the size of the link that we have in the network. We use patch management for deploying Microsoft patches and compliance to deploy security policy across the environment. Finally, it has helped to compress the patch cycles. It has helped us to reduce the time that we need to use for patch management by at least 50 percent. View full review »
BigFix Admin at a university with 10,001+ employees
BigFix has helped us to compress our patch cycles. We typically do one release a month. Where we really benefited from this solution is that we now have one to two people whereas previously we would need thirty to forty people taking care of it. That's where we benefited from BigFix the most. We've never had central patching before, so BigFix has improved things quite a bit. It has helped to reduce software spend. We do have the inventory component, but it's not fully implemented yet. We know that the software does take out certain data and so now we have better data. View full review »
Onyegbule Uche
Technical Consultant at Activedge Technologies
Initially, for the customers that we consult for, their IT Security and IT Operations units were working in silos, especially with regards to patch management and vulnerability and compliance reporting. BigFix effectively bridged the gap between both teams while providing a single robust reporting interface for both teams. View full review »
Sean Seymour
Senior Developer at Jack in the Box
It has improved reliability upon delivery of software and has also helped reduce software expenses. The extensibility of BigFix helps to create custom solutions where we may have considered purchasing something instead. We use it for PCI compliance and checking to see if endpoints are in a state where they need to be patched or not up to a certain level so it has helped us avoid compliance fees. View full review »
Andrew Laurence
Systems Analyst at a university with 10,001+ employees
It enables us to patch our systems quickly and within expectations and to increase our volume as needed. It has also helped us compress our patch sites. We used to do it monthly but now we do it weekly. Compared to SCCM, I always feel like I'm fighting the tool. I do not feel that way with BigFix. View full review »
Technology Engineer at a retailer with 1,001-5,000 employees
The use of fast query has been extremely valuable providing insight in real time of the endpoints. View full review »
Senior Solutions Architect at Siwel Consulting
The older version of the tools that I use also included the connectivity aspect, and the fact that the tool now has it separate from the collection of usage data makes the deployment of these tools much easier. View full review »
IT Engineer at a pharma/biotech company with 1,001-5,000 employees
Servers are patched more consistently than they have been previously. View full review »
Connie Lamicela
CTO at ESM Technology
Some of my clients have gone from it taking months to be able to get through a patch cycle or to discover what's out there, down to days. A lot of it's been over a 90% improvement. View full review »
Our patch cycles are much faster. They usually all happen within a few days or less. View full review »
System Analysis at a healthcare company with 10,001+ employees
We've been able to fully automate our TWS installs, to the point where a user requests it and we don't do anything. Also, our upgrades are much more refined than the manual processes we did before. View full review »
Nirmal Kumar
Talent Acquisition Executive at a consultancy with 1,001-5,000 employees
The product is less costly when compared to other solutions, and this is a good solid solution for what we have paid. View full review »
Itay Fahima
Infrastructure Specialist with 501-1,000 employees
* I can manage all of my assets from one place, no matter where they are in the world. * Manage deployments and authorized software assets. * Manage IMAGES for the entire organization from one place, and do it fast! * Patch management is no longer a problem. View full review »
Uffan Khan
Information Security Analyst with 1,001-5,000 employees
BigFix has helped us in improving the overall endpoint posture and lifecycle management of the workstations as well as applications. View full review »
IT Operations Manager at a tech services company with 10,001+ employees
* Patch compliance reached 100%. * Patch management, because it significantly improved the patch compliance. View full review »
Find out what your peers are saying about HCL, Tanium, Symantec and others in Endpoint Protection for Business. Updated: November 2019.
384,324 professionals have used our research since 2012.
Sign Up with Email