Jump to main content
HCL Logo Product Documentation
Customer Support HCLSoftware U Community Forums Customer Idea Portal
BigFix Platform
  • BigFix Documentation Homepage
  • BigFix V9.5 Platform Documentation
  • Getting Started
  • Platform guides in PDF format
  • Detailed system requirements
  • HTTPS across BigFix applications
  • Installation Guide
  • Configuration Guide
  • Console Operator's Guide
  • Asset Discovery User's Guide
  • Web Reports Guide
  • Glossary
  1. Home
  2. Configuration Guide

    Learn how to configure BigFix according to your needs.

  3. Configuring secure communication

  4. Customizing HTTPS on Web Reports

 Go to Feedback
  • Configuration Guide

    Learn how to configure BigFix according to your needs.

    • Introduction

      This guide explains additional configuration steps that you can run in your environment after installation.

    • BigFix Site Administrator and Console Operators

      In BigFix there are two basic classes of users.

    • Integrating with LDAP

      You can add Lightweight Directory Access Protocol (LDAP) associations to BigFix.

    • Enabling SAML V2.0 authentication for LDAP operators

      Starting from Version 9.5.5, BigFix supports SAML V2.0 authentication via LDAP-backed SAML identity providers.

    • Using multiple servers (DSA)

      Here are some of the important elements of multiple server installations:

    • Server object IDs

      The BigFix server generates unique IDs for the objects that it creates: Fixlets, tasks, baselines, properties, analysis, actions, roles, custom sites, computer groups, management rights, subscriptions.

    • Customizing HTTPS for Gathering

      You can gather license updates and external sites by using the HTTP or HTTPS protocol on a BigFix server or in an airgapped environment.

    • Configuring secure communication

      • Configuring custom certificates

        Things to consider when configuring custom certificates.

      • Customizing HTTPS on Web Reports

      • Customizing HTTPS on REST API

        The BigFix root server is configured to use HTTPS by default when it gets installed and creates its own certificate during the installation. If you want to replace it, you need to configure HTTPS manually.

    • Real Time AV Exclusions

      BigFix Console, Server and Relay components of the architecture perform high volume file operations.

    • Downloading files in air-gapped environments

      In air-gapped environments, to download and transfer files to the main BigFix server, use the Airgap utility and the BES Download Cacher utility.

    • Getting client information by using BigFix Query

      The BigFix Query feature allows you to retrieve information and run relevance queries on client workstations from the WebUI BigFix Query Application or by using REST APIs.

    • Persistent connections

      Starting from Patch 11, the capability to establish persistent connections was added to the product.

    • Relays in DMZ

      Starting from Patch 13, the capability to establish a persistent TCP connection between the parent relay in the more secure zone and its child relay inside the DMZ network was added to the product. This allows you to manage systems in a demilitarized zone (DMZ network).

    • Working with PeerNest

      The BigFix client includes a new feature named PeerNest, that allows to share binary files among clients located in the same subnet. The feature is available starting from BigFix Version 9.5 Patch 11.

    • Archiving Client files on the BigFix Server

      You can collect multiple files from BigFix clients into an archive and move them through the relay system to the server.

    • BigFix Configuration Settings

      A number of advanced BigFix configuration settings are available that can give you substantial control over the behavior of the BigFix suite. These options allow you to customize the behavior of the BigFix server, relays, and clients in your network.

    • Additional configuration steps

      These topics explain additional configuration steps that you can run in your environment.

    • Migrating the BigFix Server (Windows/MS-SQL)

      This section details the steps and operational procedures necessary for migrating the BigFix Server from existing hardware onto new computer systems.

    • Migrating the BigFix Server (Linux)

      This section provides basic information on migrating your BigFix Server from existing Linux hardware onto new systems.

    • Server audit logs

      Starting with BigFix version 9.5.11, the server audit logs include the following items:

    • List of advanced options

      The following lists show the advanced options that you can specify in the Advanced Options tab of the BigFix Administrative tool on Windows systems, or in the BESAdmin.sh command on Linux systems using the following syntax:

    • Security Configuration Scenarios

      BigFix provides the capability to follow the NIST security standards by configuring an enhanced security option.

    • Client Authentication

      Client Authentication extends the security model used by BigFix to encompass trusted client reports and private messages.

    • Maintenance and Troubleshooting

      If you are subscribed to the Patches for Windows site, you can ensure that you have the latest upgrades and patches to your SQL server database servers.

Customizing HTTPS on Web Reports

For details about how to customize HTTPS on Web Reports, see Customizing HTTPS on Web Reports.

  • Share: Email
  • Twitter
  • Disclaimer
  • Privacy
  • Terms of use
  • Cookie Preferences