Tivoli Endpoint Manager
IBM Endpoint Manager (IEM) is a software tool designed for use in IT asset management. IEM was earlier known as Tivoli Endpoint Manager and was renamed to IBM Endpoint Manager in version 9.0. It enables remote management and the automatic delivery of software updates by means of TEM client software installed on PCs and other devices.
The software integrates the assets acquired with BigFix into the IBM portfolio, and extends IBM's capabilities to manage the security and compliance of servers, desktops, roaming laptops, and point-of-sale devices, such as ATMs and self-service kiosks. The software combines endpoint and security management into a single solution and enables organizations to see and manage physical and virtual endpoints.
IBM claims the following capabilities for this utility:
- Single intelligent agent for continuous endpoint self-assessment and policy enforcement
- Real-time visibility and control from a single management console
- Manage hundreds of thousands of endpoints regardless of location, connection type or status
- Target specific actions to an exact type of endpoint configuration or user type
- Reduce management complexity and cost, increase accuracy, and boost productivity
- Patch management, software distribution, OS deployment
- Support heterogeneous platforms 
- Mobile Device management
- Automatically assess endpoints and remediate vulnerabilities according to National Institute of Standards and Technology (NIST) standards
- It provides Real-time protection from malware and other vulnerabilities.
- Server Automation
IBM® Endpoint Manager aims to solve the increasingly complex problem of keeping your critical systems updated, compatible, and free of security issues. It uses patented Fixlet technology to identify vulnerable computers in your enterprise. With just a few mouse-clicks you can remediate them across your entire network from a central console. Fixlet messages are powerful, flexible, and easily customized. Using Fixlet technology, you can:
- Analyze vulnerabilities (patched or insecure configurations)
- Easily and automatically remediate all your networked endpoints
- Establish and enforce configuration policies across your entire network
- Distribute and update software packages
- View, modify, and audit properties of your networked client computers
Architectural components overview
The IBM Endpoint Manager system has the following main components:
IBM Endpoint Manager clients: Also called agents, are installed on every computer that you want to manage using IBM Endpoint Manager. They access a collection of Fixlet messages that detects security exposures, incorrect configurations, and other vulnerabilities. The client can implement corrective actions received from the console through the server. The IBM Endpoint Manager Client runs undetected by users and uses a minimum of system resources. TheIBM Endpoint Manager also allows the administrator to respond to screen prompts for those actions that require user input. IBM Endpoint Manager clients can encrypt their upstream communications, protecting sensitive information. IBM Endpoint Manager Client software can run in Windows, Linux, Solaris, HP-UX, AIX, and Macintosh operating systems.
IBM Endpoint Manager Servers : Offer a collection of interacting services, including application services, a web server, and a database server, forming the heart of the IBM Endpoint Manager system. They coordinate the flow of information to and from individual computers and store the results in the IBM Endpoint Manager database. The IBM Endpoint Manager Server components operate quietly in the background, without any direct intervention from the administrator. IBM Endpoint Manager Servers also include a built-in Web Reporting module to allow authorized users to connect through a web browser to view all the information about computers, vulnerabilities, actions, and more. The IBM Endpoint Manager supports multiple servers, adding a robust redundancy to the system.
IBM Endpoint Manager Relays: Increase the efficiency of the system. Instead of forcing each networked computer to directly access the IBM Endpoint Manager Server, relays spread the load. Hundreds to thousands of IBM Endpoint Manager clients can point to a single IBM Endpoint Manager Relay for downloads, which in turn makes only a single request to the server. IBM Endpoint Manager relays can connect also to other relays, further increasing efficiency. An IBM Endpoint Manager relay need not be a dedicated computer; the software can be installed on any Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Red Hat Enterprise Linux 4,5,6, or Solaris 10, computer with the IBM Endpoint Manager client installed. As soon as you install an IBM Endpoint Manager relay, the clients in your network can automatically discover and connect to them.
IBM Endpoint Manager Consoles: Join all these components together to provide a system-wide view of all the computers in your network, along with their vulnerabilities and suggested remedies. The IBM Endpoint Manager Console allows an authorized user to quickly and simply distribute fixes to each computer that needs them without impacting any other computers in the network. You can run the IBM Endpoint Manager console on any Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2 computer that has network access to the IBM Endpoint Manager Server. Consoles for large deployments are often hosted from Terminal Servers or Citrix Servers.
- University of California IT Services: Tivoli Endpoint Manager (TEM). Accessed 14 June 2013
- CIOinsight. "Tivoli Endpoint Management Software Gives IBM New Security Tool". Cioinsight.com. Retrieved 2014-05-20.
- "IBM Endpoint Manager". 01.ibm.com. Retrieved 2014-05-20.