IBM BigFix

Patch Management

PoC Report – Tokio Marine Life Insurance

Dimas Wibisono | Solutions Architect

 Goals

1. Support patch untuk Windows dan RHEL OS

2. Filtering fixlet
3. Automatic grouping client by OS
4. Scheduling patch
5. Notifikasi email terkait sukses atau gagal dalam deploy patch
6. Schedule email report

2 IBM Security
 1. Supported Microsoft Windows 7, 10 (all variant), Linux Redhat, CentOS, SUSE Ya

The following supported operating systems for the patch content :

https://www.ibm.com/software/reports/compatibility/clarity-reports/report/html/softwareReqsForProduct?deliv
erableId=8E6CD460A43F11E5B45ECE73969C6316&osPlatforms=AIX|Linux|Mac%20OS|Solaris|Windows&
duComponentIds=A004&optionalCapIds=26

Third-party applications patch content available for:

- Mac OS X
https://www.ibm.com/support/knowledgecenter/en/SS6MER_9.5.0/com.ibm.bigfix.patch.doc/Patch/Patch_M
acOSX/c_supported_os_and_applications.html

- Windows
https://www.ibm.com/support/knowledgecenter/en/SS6MER_9.5.0/com.ibm.bigfix.patch.doc/Patch/Patch_Wi
ndows/c_system_requirements.html

3 IBM Security
 2. Filtering fixlet Ya

IBM BigFix dapat melakukan filtering fixlet untuk mempermudah dalam pembuatan baseline dan take
action.

4 IBM Security
 3. Auto grouping client by OS Ya

IBM BigFix mampu untuk grouping device by OS untuk memudahkan dalam melakukan pengecekan
terhadap jumlah client tertentu.

5 IBM Security
 4. Scheduling patch Ya

IBM BigFix dapat melakukan otomatis patch dengan melakukan scheduling pada baseline yang akan di
eksekusi untuk melakukan patch.

6 IBM Security
 5. Notifikasi email terkait sukses atau gagal dalam deploy patch Ya

IBM BigFix dapat melakukan notifikasi email dengan menambahkan task untuk notifikasi email apabila
patch berhasil atau gagal.

7 IBM Security
 6. Schedule email report Ya

IBM BigFix dapat mengirimkan report dari hasil patch yang sudah dilakukan dan dapat meng-custom hasil
report seperti yang diinginkan. Sebagai contoh by CVE.

8 IBM Security
Gartner has recognized IBM as a leader
Magic Quadrant for Client Management Tools LEADER - Four Years in a ROW!!

Gartner Magic Quadrant Report

June 2015

Analyst(s): Kevin Knox, Terrence Cosgrove

Link to Gartner MQ report

Note: This Magic Quadrant graphic was published by Gartner, Inc. as part
of a larger research note and should be evaluated in the context of the entire report.
The Gartner report is available upon request from IBM. G00264801.

Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest
ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed
or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

9 IBM Security
 The Collaborative Endpoint Security and Management Platform
IT SECURITY
IBM BigFix
IT OPERATIONS

IBM BigFix
FIND IT. FIX IT. SECURE IT… FAST

Compliance Lifecycle Inventory Patch

Continuous policy enforcement Software patching, Audit authorized and Automated patching with high
and reporting distribution and provisioning unauthorized software first pass success

• Asset discovery • Asset discovery • Software / hardware inventory • OS patching

• Patch management
• Query
• Security configuration management
• Vulnerability assessment
• Compliance analytics
• Third-party anti-virus management
• Self quarantine
• Add-on: PCI DSS
• Patch management • Software usage reporting • Third-party application patching
• Software distribution • Software catalogue correlation • Offline patching
• Query • ISO 19770 software tagging
• Advanced patching / Task
Automation
• Remote control
• OS deployment
• Power management
• Self-Service App & Profile
Management

10 IBM Security
 An integrated and intelligent security immune system
Indicators of compromise SECURITY ECOSYSTEM
Malware analysis
Threat sharing
Endpoint detection Network forensics and threat management
and response Firewalls
Endpoint patching THREAT Sandboxing
and management INTEL Virtual patching
Malware protection
Mainframe security Network visibility and segmentation
ENDPOINT NETWORK
Security analytics
Vulnerability management
Threat and anomaly detection

Transaction protection
SECURITY Fraud protection
Device management ADVANCED
MOBILE ORCHESTRATION
Content security FRAUD Criminal detection
& ANALYTICS

User behavior analytics

Incident response
Threat hunting and investigation
IDENTITY
APPS
Application & ACCESS Privileged user management
scanning Identity governance and administration
Application Access management
security management DATA
IDaaS

Data protection
Data access control

11 IBM Security
 IBM Security Immune System
THREAT INTELLIGENCE SECURITY ECOSYSTEM
X-Force Exchange App Exchange
SECURITY Malware Analysis
TRANSFORMATION
SERVICES
• Management consulting
ENDPOINT NETWORK
• Systems integration
BigFix QRadar Incident Forensics
• Managed security zSecure QRadar Network Insights

SECURITY ORCHESTRATION
& ANALYTICS

MOBILE ADVANCED FRAUD

MaaS360 Trusteer

QRadar | Watson | Resilient | i2

APPLICATIONS IDENTITY & ACCESS

AppScan Identity Governance and Access
Application Security Cloud Identity
on Cloud

DATA
Guardium | Multi-cloud Encryption | Key Manager

12 IBM Security
13 IBM Security
14 IBM Security
 Questions?

15 IBM Security
THANK YOU
FOLLOW US ON:

ibm.com/security

securityintelligence.com
xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's
current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both.
Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered,
destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be
completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,
products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.