SOURCE: BigFix, Inc.

BigFix, Inc.

March 02, 2009 08:00 ET

BigFix Platform Achieves FIPS 140-2 Level 2 Security Certification for Deployment in Government Solutions

BigFix First Security and Systems Management Software Vendor to Meet Stringent National Institute of Standards and Technology (NIST) Encryption Standards

EMERYVILLE, CA--(Marketwire - March 2, 2009) - BigFix, Inc., a leader in high-performance enterprise systems and security management solutions, disclosed that the BigFix Platform has earned the highest possible validation for software products from the U.S. Government's National Institute of Standards and Technology (NIST) by obtaining a Federal Information Processing Standard (FIPS 140-2) Level 2 certification. FIPS 140-2 focuses on encryption, in this case, management communications between BigFix Agent-enabled endpoints and BigFix Servers. BigFix achieved FIPS 140-2 Level 2 validation for 12 Unix, Linux, Mac OS, and Windows operating systems, furthering the company's commitment to enable consolidated any time, any where, any platform management of heterogeneous IT infrastructures.

"The certification makes BigFix the only security and systems management company to receive FIPS 140-2 Level 2 validation for 12 operating systems," said Noah Salzman, Product Manager at BigFix. "This NIST certification paves the way for BigFix deployment in highly secure environments throughout civilian and military agencies throughout the Federal government. This is particularly important at a time when the government intensifies its efforts to protect public data and cyber infrastructure."

John Trauth, President, Technology Systems Division, Merlin International, a BigFix Partner, commented, "The BigFix Platform is designed to meet the unique security and system management needs of high-seat count, widely distributed infrastructures that we support throughout the federal government. The FIPS 140-2 Level 2 certification, combined with BigFix's established support for SCAP, FDCC, DISA STIG, and Common Criteria, ensure that our newly launched Network Infrastructure Optimization (NIFO) solutions for desktop, mobile and server management meet the latest compliance mandates while still maintaining a high level of performance and availability."

DOMUS IT Security Lab performed the FIPS 140-2 Level 2 validation work for BigFix, with their findings certified by NIST. "The FIPS 140-2 Level 2 testing and validation process is highly complex and always a challenge," said Chris Brych, Director, DOMUS IT Security Laboratory. "NIST requires cryptographic modules to be well designed and well documented which only adds to the pressure. Earning this certification is a true testament to the hard work and dedication put forth by both BigFix and DOMUS."

FIPS 140-2, Security Requirements for Cryptographic Modules, is a government standard for cryptographic products and solutions administered by NIST and the Communications Security Establishment Canada (CSEC). By law, U.S. government purchasing agents must purchase products validated for FIPS 140-2 in preference to those that lack this certification. FIPS 140-2 is also required by national agencies in Canada and recognized in Europe and Australia. The financial community uses FIPS 140-2 to measure the safety of products handling monetary transactions.

BigFix is the first IT infrastructure security and systems vendor to achieve FIPS 140-2 Level 2 validation for its products. A complete list of all FIPS validations can be found at

About BigFix

Founded in 1997, BigFix®, Inc. is the leading provider of high-performance enterprise security and systems management solutions. BigFix revolutionizes IT infrastructure management by replacing fragmented collections of single-purpose tools with the industry's only unified visibility and control architecture that consolidates up to 18 security, IT compliance, decision support, and green computing functions. A global portfolio of leading education, financial services, government, healthcare, manufacturing, and retail organizations has installed BigFix on millions of computers. Industry awards and distinctions include multi-year inclusion in the Deloitte Silicon Valley "Fast Fifty" high-growth companies list, recognition as a "Visionary" in the 2009 Gartner PC Lifecycle Management Magic Quadrant, multiple SIIA "Codie" awards, and numerous independent magazine product review "Best Buy" and "Editor's Choice" designations. For more information, visit

© 2009 BigFix, Inc. All rights reserved. All company and product names mentioned herein may be trademarks of their respective companies.

Contact Information

  • Press contact:
    Rosemary Wilson
    Citigate Cunningham for BigFix, Inc.
    Email Contact