The Future of BigFix – Should I be Concerned?

By Dan Powers

Did you know IBM acquired BigFix in 2010 from Gateway Computers after deploying it internally?  They were so enamored by the efficiency of the platform that they bought it.  For the last 9 years, IBM has developed enhancements to the platform, rebranded BigFix to Tivoli Endpoint Manager (TEM), and then to IBM Endpoint Manager (IEM) only to rename it back to BigFix by popular demand.  Then, in December 2017, HCL assumed responsibility for BigFix development and support.  Why? HCL had used BigFix for client projects since 2003, way before IBM’s purchase in 2010.  So, as a BigFix customer and partner, HCL acquiring BigFix is of no concern. In fact, it is exciting!  And, they wouldn’t have purchased BigFix at a price of $1.8 Billion (yes with a “B”), if they thought there was no value in it.

What are things we might expect out of HCL?  Of course, only time will tell, but let’s look at a few recent (and older) integrations with the platform in terms of endpoint management and security. The first two are not a surprise.

QRadar Integration: Provides the ability to leverage patches to be applied, anti-virus deployment status, compliance status, software installed, processes running, etc. to the SIEM is a powerful augmentation to QRadar.

Resilient Integration: Ability to search for Indicators of Compromise (IOC) in IBM Resilient across all endpoints via BigFix helps quickly identify the scope of any incident. Investigations are enhanced with data from the BigFix agent on all endpoints. And response to any incident can happen quicker by leveraging a playbook from Resilient into BigFix.

Carbon Black Integration:   At one point, a rumor about IBM BigFix was that Carbon Black would replace Trend Micro offered in the Protection module (when trend left). Although it didn’t happen, integration between BigFix and Carbon Black did, and the result was enabling BigFix to remediate issues found and identified by Carbon Black.

So, all three integrations above were initiated by IBM, which makes sense, since two were owned by IBM and one was closely related to IBM products.  However, when we look at recent additions, they are mostly done at HCL.  To me, these are more “open”, in a sense, to 3rd party applications.

Windows Defender Integration: Enabling Windows Defender Core services on the Windows 10, updating Defender signatures from the cloud along with consistent monitoring of Defender status provides tighter integration and value between BigFix and Windows 10 operating system.

More recent additions in the security realm are the following:

It seems the integration strategy under HCL is looking at expanding the ecosystem far beyond other IBM products and making concentrated effort to provide real-time security features within the product and other existing enterprise tool sets.

As we look deeper into the BigFix core platform, we can see a noted uptick for security. For example, let’s look at inventory, which by itself is invaluable to control not only the software installed, but track the usage and compliance in terms of software license: Saving many organizations money from penalties (software audits) but also simply on software/subscriptions that simply where not being utilized. Now along with this data, the inventory system also provides integration with the IBM X-Force for file reputation along with reporting on National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE) content – providing vulnerability data on existing and running Software throughout your environment!

The Compliance module, which traditionally dealt to harden your endpoints by leveraging Defense Information Systems Agency (DISA), Security Technical Implementation Guide (STIG) and Center for Internet Security (CIS) checklists has also had an increased effort to provide more checklist not just for operating systems but also enterprise applications. Recently, it has integrated the patch module (included with Compliance) into the reporting analytics allowing historical patching and direct integration with 3rd party Vulnerability tools and malware tools.

The new Patch enablement helps bridge the reporting between Patching and Compliance along with integration between tools such as Rapid7/Qualys etc.  It also shows a real-time view into your organization and the risk across your devices. Being able to drill down or look at groups of system helps your operations team work closer with the security team to identify and resolve issue quicker by matching CVE data to specific patches to resolve the issue.

As the date gets closer for HCL’s official acquisition of BigFix, it will be extremely interesting where HCL will take the product. Recent additions of Raspbian OS (Raspberry Pie) as a supported endpoint, only adds to BigFix being the only platform that natively supports all devices found in an enterprise environment. Will HCL add support for mobile devices?  Add more IoT devices like Raspbian?  One of the missing components is mobile devices to make BigFix a true Unified Endpoint Management (UEM). BigFix currently supports more native OS platforms than any other endpoint management solution out there today. So, it makes sense that mobile devices would be the most logical next step.  IBM purchased MaaS360 and offered an integration into BigFix but failed to merge the two products into a single management platform.  If HCL can do this, with printer and the Raspbian support, BigFix would manage ANY device that exists in our new IoT world, from a single platform.

I have enjoyed BigFix as a product and working with IBM for the last 9 years, IBM provided great value and opportunity to enhance the product. But knowing that HCL has been working with BigFix since 2003 and not hindered by existing mind set and focus IBM has had the last few years. I for one, am extremely excited to see what happens in Q4 of this year, with the release of BigFix Version 10!!


IBM BigFix Is Part of the HCL Technologies Acquisition Announcement


Champion Solutions Group - HCL BigFix Update!


Erick Bacallao joined Champion Solutions Group in 2015 after a career of Software Development in Cuba at the National Cancer Care Institute of Cuba, followed by moving to the States with allAware.


Champion acquired allAware and its properties and Erick has utilized his extensive background and expertise in IT and Software Development to rise to VP of Product Development in less than 5 years. During this time, Erick has been involved with key projects that led to the launch of numerous products including CSP Boss, Inscape platform and 365 Productivity Insights.


Erick has a Bachelor of Science in Computer Science from the University of Havana. He won Gold Medals for Programming from the Ministry of Education in Cuba, and he is certainly still a Gold Medalist for Champion!


As President and CEO, Chris is responsible for the development of key strategic alliances and solution portfolio. He leads Champion’s go-to market and execution strategies for integrated offerings in the cloud, in security, and in digital infrastructure, always focusing on improving the customer experience and driving transformative business outcomes.


He also aligns key partner initiatives with company strategy and oversees corporate marketing and messaging to gain mindshare with customers and partners. It’s his vision and innovativeness that have catapulted Champion up the ranks to become a $100M+ organization—and one of the most respected solution providers in the industry.


Over the past two decades, Chris has also focused on mergers and acquisitions, as well as innovative product development. He is the original founder and an active member on the Board of Managed Maintenance, Inc., a SAAS provider and consulting firm that utilizes their award-winning One-View Portal to help the IT Channel and its customers manage their IT Maintenance.


Chris is also the original founder and chief strategist behind one of the original storage cloud providers, Storage Access / BluePoint. During the course of a few short years, he had raised $20M and took that company public on the Toronto Stock Exchange. It has since been acquired by Pomeroy.


In 2012, Chris led the acquisition of MessageOps and continued the product development and worldwide launch of its premier SAAS, 365 Command. Built on Microsoft Azure, 365 Command is currently managing over 1 million seats of Microsoft’s Office 365. After achieving this phenomenal milestone, 365 Command and other MessageOps O365 utilities were sold to Kaseya.


Over the past 35 years, Chris as worked tirelessly to not only advance his own career, but those of his employees. In addition to leading a $100M organization, Chris can also be found sitting with sales teams, cold calling and coaching, and validating why Champion has been listed on Best Places to Work by both South Florida Business Journal and Computerworld.

Ultimately, the success garnered by Champion Solutions Group, its associated companies, and their employees is due in large part to the leadership of its President and CEO. Perhaps the most fitting award Chris has earned is South Florida Business Journal’s 2013 Ultimate CEO Award.