BigFix(R) Strengthens Customer Business Operations, Security, and Compliance With New Offering

BigFix, a leading provider of enterprise security configuration management solutions, has announced the BigFix Vulnerability and Security Configuration Management Suite, a comprehensive, single-agent, single-point-of-management approach to integrating multiple IT vulnerability and configuration detection, analysis, remediation and management functions. By aggregating a complete array of vulnerability management services on a single shared infrastructure, the BigFix solution helps customers remediate vulnerabilities quickly and surgically regardless of whether the vulnerability impacts only a few computers or strikes enterprise-wide, while at the same time reducing IT infrastructure management cost and complexity.

IT organizations and executives recognize that failing to rapidly find and fix vulnerabilities can disrupt business operations and interfere with attainment of compliance requirements. Furthermore, piecemeal approaches that address only individual sources of vulnerabilities -- antivirus/anti-spyware client management, asset discovery, network access control, policy enforcement, software configuration and patch, etc. -- may require redundant infrastructure, can be complex to administer and often result in inconsistent coverage of vulnerability risks.

"TRW has over 200 locations and more than 25,000 desktop and mobile PCs, so we require a comprehensive vulnerability management solution with the breadth of offerings and proven scalability to meet our needs. With our deployment of BigFix, we were able to automatically find and remove many types of vulnerabilities, which enables us to keep running without interruption even as we make IT changes to keep up with the pace of change in our business," said Joe Drouin, CIO at TRW Automotive.

The BigFix Vulnerability and Security Configuration Management Suite offers a feature-rich solution that:

-- Enables IT to quickly discover assets, configurations, and

vulnerabilities;

-- Provides ongoing control of managed computing assets to fix

vulnerabilities; and

-- Continually enforces secure configurations.

Furthermore, to reduce complexity and cost while improving the effectiveness of vulnerability and configuration management services, the BigFix solution delivers multiple capabilities using a single intelligent agent that helps reduce vulnerability risk windows from days or weeks to minutes.

"IT security organizations should implement a vulnerability management process that includes a vulnerability assessment and a security configuration baseline. The root cause of vulnerabilities should be identified and eliminated through improvements in network, server and PC configuration polices and better change management and administrative processes," commented Mark Nicolett, vice president of research at Gartner in his research report*.

Solution features and Benefits Overview

The BigFix Vulnerability and Security Configuration Management Suite includes:

-- Full spectrum multi-vulnerability, multi-platform coverage:

Addresses a wide range of vulnerability issues including viruses,

worms, spyware, network access control, rogue asset detection,

software patch for multiple client hardware/software platforms

including Microsoft Windows, Unix, Linux and Mac OS X.

-- Asset discovery: Allows customers to discover unmanaged computers

and rogue wireless access points that could introduce vulnerabilities

into enterprise networks.

-- Security standards and best practices, including configuration

compliance templates and baselines: Helps organizations to achieve

enterprise-wide compliance with accepted configuration and compliance

standards based on best practices identified by BigFix, the SANS

Institute, Microsoft, and emerging standards such as those defined

by the National Institute of Standards and Technology (NIST).

-- Client compliance for network access control: Helps protect customer

networks by providing configuration visibility, compliance

assessment, and automatic remediation in cooperation with Cisco

Network Admission Control (CNAC), Microsoft Network Access Protection

(NAP), and other leading network quarantine products.

-- Vulnerability assessment and remediation: Helps IT departments

assess and remediate operating system and application vulnerabilities

and configuration issues that may disrupt operational continuity.

Detects and remediates vulnerabilities identified by the SANS

Institute and over one thousand vulnerabilities included in a

consensus library standard sponsored by the Department of Homeland

Security US-CERT organization.

-- Vulnerability prioritization: Helps administrators prioritize

remediations based on administrators' view of assets' criticality to

the business. This also provides vulnerability severity information

as defined by the Common Vulnerability Scoring System (CVSS) for

thousands of OS, configuration, and application vulnerabilities on

Windows, Unix and Linux computers.

-- Endpoint security: Helps protect the network and distributed

computing assets whether off or on the network through continuous

monitoring and immediate vulnerability remediation at the endpoint.

Includes anti-spyware, antivirus, patch management, personal firewall

management, and the ability to disable use of removable drives,

wireless and other networking cards, USB devices, removable disks, CD

readers/writer drives, serial devices and parallel devices.

-- Expanded patch management support: Helps reduce

windows-of-vulnerability through automated distribution of

pre-packaged and pre-tested patches. Includes enhanced support for

Linux systems.

"Despite heightened awareness about the business impact of security vulnerabilities, companies still face significant financial losses and regulatory risks due to existing approaches that are expensive and difficult to use, or cannot provide the real-time visibility and control required to keep pace with new threats," said George Kellar, chief marketing officer, BigFix, Inc. "BigFix Vulnerability and Security Configuration Management Suite helps our customers meet security needs by providing a scalable, easy-to-deploy solution to rapidly discover and remove vulnerabilities. Our single architecture approach results in a more resilient and reliable IT infrastructure at lower cost, and improves security and compliance with regulatory and organizational policies."

BigFix Customer Value Proposition

Founded in 1997, BigFix provides comprehensive and innovative vulnerability and security configuration management solutions for real-time visibility and control of computers across the distributed enterprise. BigFix solutions are proven in production at more than 500 enterprises, government agencies and public sector institutions worldwide and currently manage over 5,000,000 servers, desktop workstations, and mobile laptops.

The company has received numerous awards and industry recognitions, including the 2005 Codie Award for Best Security Product and the SC Magazine Best New Security Solution for 2004.

Availability

The BigFix Vulnerability and Security Configuration Management Suite will be available in March 2006.

About BigFix, Inc.

BigFix enables organizations to better manage their global IT infrastructures with solutions to discover, analyze, change and maintain security and software configurations faster and more accurately, resulting in improved processes, greater visibility, better security and more reliable services while reducing costs. For more information, visit http://www.bigfix.com.

*Source: Gartner Core Research Note G00124126, Mark Nicolett, March 1, 2005

NOTE: BigFix and the BigFix logo are trademarks of BigFix, Inc. Other trademarks, registered trademarks and service marks are property of their respective owners.

Related Articles

• IBM Delivers Advanced Search and Business Insight Framework to Open Source Community
  Wednesday, 25 January 2006



• Email Marketing Pitfalls: Even Profitable Email Campaigns are Damaging your Business Reputation and Valuable Brand Name.
  Monday, 23 January 2006



• New Neoware Thin Clients Address Key Customer Requirements
  Friday, 20 January 2006



• SCO Exhibits MySQL on SCO OpenServer and Digital Services Leadership at Retail Industry's Largest Show
  Tuesday, 17 January 2006



• Symark Maximizes New Revenue Potential Within Its Existing Customer Base Using Sage CRM SalesLogix
  Saturday, 14 January 2006



• Coverity Selected in Department of Homeland Security Software Initiative
  Saturday, 14 January 2006



• Oracle Sets New World Record with SAP Business Information Warehouse Standard Application Two-Tier Benchmark on Fujitsu Siemens Computers PRIMEPOWER
  Tuesday, 10 January 2006



• London Business School Launches New Center for Corporate Governance
  Monday, 9 January 2006



• Apache Declares Cash Dividends on Common and Preferred Shares
  Sunday, 1 January 2006



• Boeing Delivers First Apache Combat Helicopter for Japan and Lockheed Martin Prepares to Deliver Two More New C-130J Aircraft
  Tuesday, 27 December 2005



• Run Your Own Web Server Using Linux & Apache -- SitePoint's Latest Release
  Sunday, 18 December 2005



• Alcatel Selects MySQL Cluster for its Multi-Access Data Server Platform
  Monday, 5 December 2005



• Business Objects and Red Hat Sign Global Technology Partner Agreement
  Tuesday, 29 November 2005



• MARVELit, a Leading Open Source Business Intelligence Vendor, to Integrate and Support IBM's WebSphere Application Server Community Edition
  Saturday, 19 November 2005



• Follow Oneir Solutions Into a World Where Linux and Windows Work Hand-In-Hand to Make Your Business Dreams Reality
  Friday, 18 November 2005