IBM BigFix

From Wikipedia, the free encyclopedia
  (Redirected from Tivoli Endpoint Manager)
Jump to: navigation, search

IBM BigFix formerly IBM Endpoint Manager, Tivoli Endpoint Manager (TEM) and before that, BigFix, is a systems-management software product developed by IBM for managing large groups of computers running Windows, Mac OS X, VMware ESX, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android. [1] IBM Endpoint Manager provides system administrators with remote control, patch management, software distribution, operating system deployment, network access protection and hardware and software inventory functionality. [2]

History[edit]

The software is the result of the integration of assets acquired from BigFix into the IBM portfolio, and extends IBM's capabilities to manage the security and compliance of servers, desktops, roaming laptops, and point-of-sale devices, such as ATMs and self-service kiosks. [3] The software combines endpoint and security management into a single solution and enables organizations to see and manage physical and virtual endpoints.[4]

Capabilities[edit]

IBM Endpoint Manager has the following capabilities:[5]

  • Single agent for endpoint self-assessment and policy enforcement
  • Utilize a single network port, TCP/UDP port 52311, for all server, relay, and client communication
  • Near real-time visibility and control from a single management console
  • Manage hundreds of thousands of endpoints regardless of location, connection type or status
  • Target specific actions to an exact type of endpoint configuration or user type
  • Provide patch management, software distribution, OS deployment
  • Support heterogeneous platforms
  • Provide Mobile Device Management
  • Automatically assess endpoints and remediate vulnerabilities according to National Institute of Standards and Technology (NIST) standards
  • Provide real-time protection from malware and other vulnerabilities.

Fixlets[edit]

Within IBM Endpoint Manager, Fixlet messages are the method by which software, patches, and configurations are deployed to managed clients. Fixlet messages use an IBM Endpoint Manager-specific query language called the Relevance Language to apply only to computers that meet an administrator-defined criteria. If a client is found to meet that criteria then another part of the Fixlet message called the Action Script determines what change is made to the client as a result of it failing to meet applicability criteria.

Relevance Language[edit]

The Revelance Language is a query language created by IBM for use by the Endpoint Manager platform. The purpose of the relevance language is to provide an interface by which properties of a client (such as cpu, disk space, etc.) could be retrieved. The value of the relevance language is that it, to a certain extent, abstracts away platform-specific query mechanisms like WMI, /Proc, and SIM. This allows an operator to learn one query language that works across all supported platforms.[6]

Action Script[edit]

The Action Script language is a scripting language created by IBM for use by the Endpoint Manager platform. The purpose of the action script language is to provide an interface by which changes can be made to a client. The value of the action script language is that it, to a certain extent, abstracts away platform-specific scripting differences like directory traversal, script execution and flow control. This allows an operator to learn one scripting language that works across all supported platforms. [7]

Platform Components[edit]

The core IBM Endpoint Manager platform can be extended using additional components delivered by IBM:

IBM Endpoint Manager for Lifecycle Management includes Patch Management, Remote Control, Software Distribution, and OS Deployment. Patch Management includes patches for Microsoft, UNIX, Linux, and Macintosh operating systems. [8] Remote Control gives you the ability to monitor and control PCs and servers. Software distribution provides a package library and automation toolkit for endpoint administrators. OS Deployment provides imaging and provisioning of operating systems as well as operating system migration capabilities. [9]

IBM Endpoint Manager for Patch Management includes vendor patches for Microsoft, UNIX, Linux, and Macintosh operating systems as well as patches for third-party applications by Adobe, Google, and Microsoft. [10]

IBM Endpoint Manager for Core Protection delivers antimalware functionality via protection methods such as file and web reputation, personal firewall, and behavior monitoring. The Core Protection software helps protect physical and virtual endpoints from damage caused by viruses, Trojan horses, worms, spyware, rootkits, web threats, and their variants. [11]

IBM Endpoint Manager for Security and Compliance provides common STIG, CIS, and third-party security baselines, network self quarantine, and removable device control. [12]

IBM Endpoint Manager for Software Use Analysis gathers information about installed software and hardware in a customer's infrastructure. Software Use Analysis tracks application usage on endpoints to determine the number and type of licenses required for licensed software. [13]

IBM Endpoint Manager for Server Automation provides hypervisor operations to build and manage virtual machines in a datacenter environment. In addition, the Server Automation component provides the ability to do middleware management tasks to support operating system patching for clustered systems. [14]

Architecture[edit]

The IBM Endpoint Manager system has the following main components:

IBM Endpoint Manager Agents are installed on every computer that is managed using IBM Endpoint Manager. The agents access collections of content called, "Fixlets" that allow the agent to automatically detect and correct security exposures, incorrect configurations, and other vulnerabilities. IBM Endpoint Manager Agent software can run in Windows, Linux, Solaris, HP-UX, AIX, and Macintosh operating systems.

IBM Endpoint Manager Relays acts as a cache between IBM Endpoint Manager clients and their server. The relays cache patch content for clients to download and the relays aggregate client reports for the IBM Endpoint Manager server. IBM Endpoint Manager relays do not need to run on dedicated hardware and can run on any number of client and server operating systems. IBM Endpoint Manager relays can connect also to other relays allowing for a hierarchy of relays in the environment.

IBM Endpoint Manager Servers provide a collection of interacting services, including application services, a web server, and a database server, forming the core of the IBM Endpoint Manager system. The server coordinates the flow of information to and from individual computers and store the results in the IBM Endpoint Manager database. The IBM Endpoint Manager supports multiple servers in a replication topology allowing for high availability and disaster recovery.

IBM Endpoint Manager Web Reports is a web based reporting module that allows authorized users to view all of the information available for managed endpoints including vulnerabilities, actions, and more. A single IBM Endpoint Manager Web Reports server can aggregate reporting information from multiple IBM Endpoint Manager servers.

IBM Endpoint Manager Consoles allow administrators, also called operators, to view and interact with all of the clients and servers in the IBM Endpoint Manager environment. The IBM Endpoint Manager Console allows an authorized user to quickly and easily distribute software patches and configuration settings. You can run the IBM Endpoint Manager console on any modern 64-bit Windows operating system that has network access to the IBM Endpoint Manager Server.

External links[edit]

References[edit]

  1. ^ "IBM Endpoint Manager Platform Support Policy". Retrieved 18 June 2015. 
  2. ^ University of California IT Services: Tivoli Endpoint Manager (TEM). Accessed 14 June 2013
  3. ^ "IBM Closes Acquisition of BigFix". Retrieved 18 June 2015. 
  4. ^ CIOinsight. "Tivoli Endpoint Management Software Gives IBM New Security Tool". Cioinsight.com. Retrieved 2014-05-20. 
  5. ^ "IBM BigFix Endpoint Manager". Retrieved 18 June 2015. 
  6. ^ "Endpoint Manager Relevance Language Guide" (PDF). Retrieved 19 June 2015. 
  7. ^ "Action Guide" (PDF). Retrieved 19 June 2015. 
  8. ^ "IBM Endpoint Manager for Patch Management" (PDF). Retrieved 18 June 2015. 
  9. ^ "IBM Endpoint Manager for Lifecycle Management" (PDF). Retrieved 18 June 2015. 
  10. ^ "IBM Endpoint Manager for Patch Management" (PDF). Retrieved 18 June 2015. 
  11. ^ "IBM Endpoint Manager for Core Protection" (PDF). Retrieved 18 June 2015. 
  12. ^ "IBM Endpoint Manager for Security and Compliance" (PDF). Retrieved 18 June 2015. 
  13. ^ "IBM Endpoint Manager for Software Use Analysis V9.0" (PDF). Retrieved 18 June 2015. 
  14. ^ "IBM Endpoint Manager for Server Automation" (PDF). Retrieved 18 June 2015.