Ibm Bigfix Placement Papers - Ibm Bigfix Interview Questions and Answers updated on 02.Mar.2024

Yes. Click Import Options under Datasource in the Control Panel, and click Run Now, or wait for the next scheduled import. Some changes to the catalog require that you Reset Import Sequences, accessible on the Import Options tab of the Control Panel.

For medium to larger size deployments, the main limiting factor is most likely going to be the CPU. As long as it is something running quad cores, the machine should be able to handle all of the management extender tasks.

The default CPU usage settings are optimized to avoid using too much CPU on your server. You can expect the BigFix client to use at most 2% of the CPU, calculated based on a single processor, so if you have multiple processors, the overall % of agent CPU is reduced significantly.

The BigFix icon will appear on the System Tray (Windows) or Menu Bar (Mac OS X. The BigFix Client will run in the background and report the initial status of your system to the BigFix Server. If the system needs patching, you will be prompted to accept the patching task. You can defer the task, but if the task is deferred for too long, the patching task window will stay in the foreground, and you will not be able to dismiss it. The system will reboot after the patching task has completed. If the system is significantly behind in patching, multiple reboots may be necessary. BigFix will run in the background, consuming minimal CPU resources, periodically checking in with the server to provide ongoing updates of the system status as well as check for new tasks.

The algorithm for determining if two scanned devices match is as follows:

  1.     if they both have mac addresses that are equal, then they match
  2.     if they both have hostnames that are equal, then they match
  3.     if they have neither mac address information nor hostname information, then they match if their ip addresses match

Finally, if the newly scanned asset does not match on any of the above, it will be considered a new asset.

The Android Agent (IBM Mobile Client app) will have no knowledge of the code page (language) of the TEM Deployment, even after it is enrolled. The current IANA client setting on Android devices defaults to English (Windows-1252), unless it is configured. If this setting is not the same as the TEM deployment, data sent from the Android devices may be unreadable even if the devices have the same code page (language) as the TEM deployment.

To set the IANA Client setting automatically for all Android devices upon enrollment, create a policy action from the Android Device Language Setting wizard. Click Create Policy Action.

The list below highlights the currently supported languages/IANA settings:

ENU - windows-1252

CHS - gh2312

JPN - Shift_JIS

ESN - windows-1252

ITA - windows-1252

FRA - windows-1252

DEU - windows-1252

CHT - big5

KOR - ks_c_5601-1987

Check that you have the following items setup:

  1.    The TEM agent is installed on each of the machines targeted by the offline patch window.
  2.    A patch window is set through the offline patch window dashboard.
  3.    The Enforce Offline Patch window task is set as a policy action.

ITAM stands for information technology asset management, which includes an accounting of all IT assets, such as hardware, software, network facilities, telecommunications, and digital assets. SAM, on the other hand, stands for software asset management, a practice that primarily focuses on the “software” asset area of ITAM.

The BigFix client is common for all IBM products that are based on the BigFix platform, and it is used to perform multiple tasks on the endpoints. The client provides information about a set of computer properties like the host name or the IP address, and it is a tool that is used to install the scanner on the computers, and manage the scanner through fixlets.
The scanner, on the other hand, is an independent component that is used by LMT/BFI. It collects information about the hardware and software that is installed on the computers in your infrastructure. The data that is then sent to the BigFix server, can be imported to the LMT/BFI server.

The device refresh interval should be at least 5 minutes. On a medium to large size deployment, this refresh interval time should be set to 15 minutes or beyond. The Enforce Management Extender policy action should be set to however long it takes to run a substantial amount of TEM actions before it is forced to power down. The maximum time limit that can be set is an hour long.

Yes. You can have two different management extenders on the same relay, but they cannot be the same type of extender. For example, you could have iOS and Lotus Traveler extenders on the same relay, but not two iOS extenders.

Check to see if you are at the maximum number of concurrent running machines. That setting can be found by default in this directory: C:Program Files BigFix Enterprise Management Extender Plugins VMware ESXi Patch Windows. For 64-bit systems, it is found in C:Program Files BigFix Enterprise Management Extender Plugins VMware ESXi Patch Windows. The number inside represents the number of concurrently running virtual machines per host. If the number is at the limit that was initially set, consider setting a higher concurrent virtual machine number.

The vCenter plug-in grabs data directly from the VMware APIs and then trlates them into TEM properties. However, because a lot of these fields are set by the user, sometimes they can mismatch what gets reported in the TEM Agent. For example, it is possible to set the Guest Operating System version to be something very different from what is actually installed on virtual machine.

Having visibility into all devices on the network is critical to protecting UCSF data and computing resources. This will provide UCSF IT with an accurate inventory of what devices are on the network, their patch status, and to whom they belong. Unknown or unidentified (i.e. unregistered) devices on the UCSF network are a risk to every other device on the UCSF network and will be subject to removal from the UCSF network.

Very often, license regulators initiate software license investigations based on consumer leads. Each association and agency has their own criteria. To learn about these and how to keep your enterprise protected, check their individual websites.

Any number of things could cause this behavior – for example:

  1.     The asset has been deleted and ignoredeletedassets is set to 1 in the registry (HKLMSOFTWAREBigFixEnterprise ServerAssetDiscoveryNMAP)
  2.     The asset has become managed, then unmanaged from scan to scan.
  3.     Firewall policies changed on said workstations from scan to scan.

If you scan one asset that is unmanaged – that asset will be stored in the database and appear in the unmanaged assets table. If you scan the same asset when it is down (e.g. that IP is unresponsive to ping), it will still persist in the unmanaged asset table. If the asset is scanned once again, it will again, still remain in the table but have an updated last scan time.

No. SUA processes and applications are designed as a tool to protect your enterprise in the event of an audit, and to ensure your ongoing compliance.

Perform an internal audit on how much your organization currently spends on the ongoing maintenance of software asset management and software publisher license compliance. Create before and after metrics to track how much the automation of your SUA application is saving you overall in terms of direct costs, labor costs, and maintenance.

The BigFix client will not harm your PC or uninstall your applications. In a very small number of incidents (less than 1%), BigFix may be incompatible with an application and cause some minor issue. We will work with you to resolve these as issues as necessary.

Tivoli Endpoint Manager Configuration Management assesses servers, laptops, and desktops against a predefined set of configuration standards such as DISA STIG (Standard Technical Implementation Guides) and FDCC (Federal Desktop Core Configuration). Tivoli Endpoint Manager can also support configuration standards from NIST, NSA, and other standards organizations. Regulatory compliance regulations such as FISMA, PCI, and others can be supported by using the standard configuration controls provided through the Tivoli Endpoint Manager across Windows and UNIX environments.

The Tivoli Endpoint Manager Confirmation Management solution is designed to be flexible. However, the remediation functionality on both Windows and UNIX is limited to specific configuration settings. In some cases, there are controls that cannot be remediated. The parameter functionality on both Windows and UNIX is also limited to specific configuration settings. Similar to remediation, not everything can and must be parameterized.

Check to see that a TEM agent is installed on each of the machines targeted by the offline patch window. Check to see if you have multiple actions in the action history of the 'Enforce Offline Patch Window task' affecting the same endpoints.

You can import from the Image Library dashboard under Manage Images in the navigation tree. You can manually input operating system, architecture, and size on disk.
Size on disk in this case indicates the extracted size of the .wim file. This is typically about two and a half times the size of the actual .wim file.

The Patches for ESXi content is audit only. In order to resolve ESXi issues, use the VMware Update Manager or download and apply patches manually from the VMware website.

You can use Fixlets 195 and 196 to enable or disable data usage tracking by creating a client setting on a targeted iOS device. To access these Fixlets, click All Mobile Device Management Content from the navigation tree, click Fixlets and Tasks and type the Fixlet number in the search box on the right.

if you disable location tracking on an iOS App, it will also disable the data tracking, which me that the iOS App will not track any data usage.

Yes. The LMT/BFI server should run all the time to process data from endpoints in real time and ensure reporting accuracy. IBM pricing requires the capacity scan to run every thirty minutes on all endpoints for sub-capacity licensing. The capacity sc for up to five days back are kept on the BigFix server. Consequently, the server should not be stopped for a period longer than five days. The last successful software scan from each endpoint is also stored on the BigFix server. If new software sc are executed more than once during server maintenance, not all these sc are processed after restart.

Customers can avoid the need to issue a zero-dollar PO by having their PA/PAE site contact place an order via PA Online. For information on PA Online and management of site contact information, refer to IBM Passport Advantage Online for Customers.

Most simple download products provide little, if any, technical support. They are provided on the "as-is" basis. IBM provides the same support for LMT that we do for our other mission-critical middleware. Even though LMT is a no-charge product offering, an order must be still placed to establish an IBM entitlement record for the license as well as software subscription and technical support.

Designated UCSF IT Staff has access to the administrator controls for BigFix. All access to BigFix, and actions performed within, are logged and regularly audited.

In accordance with the University of California Electronic Communication Policy, administrator rights are limited to professional IT staff that follow industry best practices for system administration, including accessing the minimum amount of data to do their work. The BigFix system is housed in the Data Center with restricted physical access and continuous monitoring. Regular patches are applied to ensure system integrity. Administrator access logs are reviewed regularly to ensure appropriate access.

No, the tools are the same and allow parity and efficiency for reporting on the posture of UCSF security and risk. The same policies and procedures apply to all students, faculty and staff.

Normal machines have a full TEM agent installed on them, with the full standard set of inspectors and actions. Instead of a full TEM agent, proxied machines use APIs to pull back information about devices and feed that information into the console as a computer report. Proxied machines have a more limited set of inspectors and actions.

BigFix, formerly IBM Tivoli Endpoint Manager is software that runs on your computer and collects information about your computer. BigFix collects hardware and software information to help IT inventory devices that are attached to the network. Knowing what is attached to the UCSF network is critical to identify and remediate security vulnerabilities.  At UCSF, registration of desktops and laptops connected to the network is accomplished by installing BigFix.

BigFix will collect system configuration data such as operating system, CPU, RAM, hard drive space, patch status, and list of local accounts on the server. BigFix will not collect any personal data or information, such as browser history or user data, stored on the server. IT will not install patches, or alter files, without consulting with the system owner. However, IT reserves the right to disconnect servers from the network or install patches if the system owner has not responded in a timely manner.

You might see that items were deleted when you look at the Audit Log under Catalog Tools in the left pane of the Software Catalog tab. Each level in the Catalog hierarchy contains a View Deleted action. Click this link to view and then restore the deleted items.

See the IBM Endpoint Manager for Remote Control Installation Guide for some guidelines for consideration when planning your installation.

When you are adding package data to a software title version,Note field to indicate the package datasource (property) that this data comes from.

BigFix is a widely used system management tool with a proven track record to not interfere other server processes. UCSF has experienced running BigFix on tens of thousands of desktops and hundreds of servers over the past few years with minimal issues.

Ideally you have one domain user account with the following permissions:

  1.     Permission to install the application on your SUA server.
  2.     Permission to connect to your database server and create databases.
  3.     Permission to connect to your IBM Endpoint Manager database and read data.
  4.     Permission to read data from the IBM Endpoint Manager server upload manager directory.