SOURCE: BigFix, Inc.

October 17, 2007 12:00 ET

BigFix Expands SCM Best Practices and Security Standards Libraries for Windows and UNIX

BigFix 7.0 Customers Gain Access to Ready-to-Deploy CIS, NIST and DISA STIG Policy Content

EMERYVILLE, CA--(Marketwire - October 17, 2007) - BigFix Inc., a leader in real-time IT security and management solutions for the distributed enterprise, announced it will provide expanded security configuration management (SCM) best practice baselines in its BigFix Discovery 7.0 platform, which will include pre-packaged policy content to support IT industry and U.S. government sponsored standards. The BigFix policy content, packaged as user-customizable BigFix Fixlet™ messages, shorten time-to-compliance information security standards and best practices. Both public sector and private industry organizations follow these best practices, either to comply with formal requirements or to better leverage information security knowledge.

BigFix Discovery 7.0 will provide ready-to-deploy support for DISA STIG (Defense Information Security Administration Security Technical Implementation Guide), NIST (the National Institute of Standards Technology) guidelines, and CIS (the Center for Internet Security) configuration templates. These leading government and industry standards bodies develop and encourage the widespread use of SCM benchmarks through a global consensus process involving participants from the public and private sectors. In addition to providing SCM best practice baselines, BigFix 7.0 enables enterprises to preempt threats and lower risk levels by deploying a wide spectrum of defenses -- anti-virus, anti-spyware, firewall, asset discovery, vulnerability management, software patch, data leak prevention, network access control, etc. -- in a consolidated, massively scalable, real-time visibility and control platform.

"Large, highly distributed organizations not only need real-time visibility and control of their on- and off-network endpoints, they need guidelines on the most secure and 'approved' approach to configuring those endpoints," said Dave Robbins, BigFix president and CEO. "They want to align and audit internal practices with recommendations and requirements of leading standards bodies to stay current with changing threats and newly discovered vulnerabilities. The BigFix SCM Fixlet message libraries reduce cost, complexity, and latency in shoring up IT infrastructures against a multitude of security threats."

BigFix Discovery 7.0 will provide comprehensive SCM settings that will enable customers to successfully manage the security configurations in their Windows and UNIX environments. BigFix 7.0 will include a defined set of dashboards, reports, and analyses to provide customers visibility into these standards. Customers can apply the industry standards as defined or customize the controls to meet their specific organizational requirements. If additional controls are required, BigFix has the capability to add new controls into the framework and easily deliver them to customers.

The CIS, NIST and DISA best practices libraries join several new features and capabilities in BigFix Discovery 7.0, a real-time visibility and control, security and system management platform. These include new business continuity/high availability support features, help desk/remote control functions, and expanded virtualization support. The best practices libraries represent a significant addition to ready-to-deploy content already available to BigFix customers, which includes software patches and updates, vulnerability fixes, and special-purpose policy libraries.

"The SCM best practice libraries are another way that BigFix is leading the industry to comprehensive, correlated information security programs," said Amrit Williams, BigFix chief technology officer. "To preempt threats and lower risk levels, enterprises need to deploy a wide spectrum of defenses and integrate these defenses through consolidated deployment, visibility, and management. We've seen a lot of imitators enter the market this fall with what they claim are unified security suites, but BigFix provides the first and only real-time, single-agent, single-infrastructure approach to delivering information security defense in depth and at massive scale."

About BigFix

Founded in 1997, BigFix® Inc. offers the only converged IT security and operations platform that enables real-time visibility and control of globally distributed desktop, mobile and server computers. BigFix enables large-scale enterprises to continuously enforce IT security, IT policy compliance, and systems management on all computers, anytime, anywhere. Designed for highly distributed and complex IT infrastructures, BigFix delivers real-time endpoint visibility and control through its single-agent, multi-function, on-demand architecture. Its award-winning technology is proven in production at more than 600 companies, government agencies, and public sector institutions worldwide, and currently manages over 7,000,000 desktop and mobile clients, workstations, and servers. More information can be found at

Contact Information

  • Rosemary Miller
    Citigate Cunningham for BigFix, Inc.
    Email Contact