© 2015 IBM Corporation

IBM SecurityEndpoint Manager- BigFix

Daniel Joksch

Security Sales

2© 2015 IBM CorporationIBM Internal & BP use only

Establish security as an immune system

Application securitymanagement

Application scanning

Incident and threat management

Device management

Transaction protection

Log, flow anddata analysis

Vulnerabilityassessment

Security research

Sandboxing

Firewalls

Anomaly detection

Antivirus

Fraud protection

Criminal detection

Network visibility

Virtual patching

Content security

Data access control

Data monitoringIdentity management

Access managementEntitlements and roles

Privileged identity management

Endpoint patching and management

Malware protection

3© 2015 IBM CorporationIBM Internal & BP use only

Global Threat Intelligence

Consulting Services | Managed Services

Cloud

Establish security as an immune system

Firewalls

Incident and threat management

Virtual patching

Sandboxing

Network visibility

Data access control

Data monitoring

Malware protection

Antivirus

Endpoint patching and management

Criminal detection

Fraud protection

Security Research

Access management

Entitlements and roles

Identity management

Privileged identity management

Application securitymanagement

Application scanning

Transaction protection

Device management

Content security

Log, flow and data analysis

Vulnerabilityassessment

Anomaly detectionSecurity

Intelligence

4© 2015 IBM CorporationIBM Internal & BP use only

Global Threat Intelligence

Consulting Services | Managed Services

IBM has the world’s broadest and deepest security portfolio

QRadar Risk Manager

QRadar Incident Forensics

SiteProtector

Network Protection XGS

Key Lifecycle Manager

Guardium

zSecure

BigFix

Trusteer Apex

MaaS360

Trusteer Mobile

Trusteer Rapport

Trusteer Pinpoint

IBM SecurityResearch

Identity Manager

Access Manager

Identity Governance and Intelligence

Privileged Identity Manager

DataPower Web Security Gateway

AppScanSecurity

Intelligence

Cloud

Cloud Security Enforcer

QRadar SIEM

QRadar Vulnerability Manager

QRadar Log Manager

© 2015 IBM Corporation

IBM BigFix

6© 2015 IBM CorporationIBM Internal & BP use only

Siloed IT Operations and Security Teams

IT OPERATIONS

• Deploy/Remove software, apply patches

and fixes

• Implement security and operational policy

• Manual process takes weeks / months

IT SECURITY

• Scan for compliance status

• Create security policies

• Identify vulnerabilities

Disparate tools, manual processes, lack of integration and narrow visibility

7© 2015 IBM CorporationIBM Internal & BP use only

IBM BigFix: Bridge the gap between Security and IT Ops

ENDPOINT SECURITY

Discoveryand Patching

Lifecycle Management

Software Compliance and Usage

ContinuousMonitoring

ThreatProtection

IncidentResponse

ENDPOINT MANAGEMENT

IBM BigFix®

FIND IT. FIX IT. SECURE IT.

…FAST

Shared visibility and control

between IT Operations

and Security

IT OPERATIONS SECURITY

Reduce operational costs while improving your security posture

8© 2015 IBM CorporationIBM Internal & BP use only

IBM BigFix Platform Elements

Single Intelligent Agent• Continuous self-assessment

• Continuous Policy enforcement• Minimal system impact (<2% cpu)

Single Server & Console• Highly secure, highly available

• Aggregates data, analyzes & reports• Manages >250k endpoints

Powerful policy language (Fixlets)• Thousands of out-of-the-box policies

• Best practices for ops and security

• Simple custom policy authoring

• Highly extensible / applicable across all platforms

Virtual Infrastructure• Designate any TEM agent a relay or scan point

• Built-in redundancy

• Leverage existing systems/ shared infrastructure

An existing TEM managed asset can become a relay in

minutes

8

9© 2015 IBM CorporationIBM Internal & BP use only

Heterogeneous Platform Support (Managed Assets)

Microsoft Windows

Windows XP - 10, Server 2000 – 2012 R2

SUSE Linux Enterprise

Red Hat Enterprise Linux

CentOS

Ubuntu

Oracle Enterprise Linux

Solaris

IBM AIX

HP-UX

Mac OS X

VMWare ESX

Linux on System z

Visibility into any IP enabled device through network scanning enabled in any

TEM managed asset (Unmanaged Assets)

9

IBM BigFix Supported OSes

10© 2015 IBM CorporationIBM Internal & BP use only

IBM BigFix – Unified Management and Security

Lifecycle Inventory Patch Compliance Protection

Everything from

provisioning and

SW distribution

to patching and

remote control

of Win, Mac and

*nix endpoints

Identify what

software is

installed and how

its used to reduce

costs and

increase

compliance

Compress patch

cycles to

minutes/hours

with 98-99% first-

pass success

Ensure

continuous

compliance of

security,

operational and

regulatory policies

Real-time protection

from viruses, Trojan

horses, spyware,

rootkits, and other

malware. Device

control and data loss

prevention available

IT OPERATIONS SECURITY

IBM BigFix®

FIND IT. FIX IT. SECURE IT… FAST

11© 2015 IBM CorporationIBM Internal & BP use only

Patch Management – content and process benefits

11

Review of MS

Patch

Tuesday and

other source

analysis

Publish related

Patch Fixlets

content on IBM

site

Patch Fixlet

content streamed

to TEM Server

and to Agents

accordingly

Patch Fixlet

Relevance

check and

reporting

Take Action on

Patch Fixlets for

relevant target

computers

Publish related

Patch Fixlets

content on IBM

site

12© 2015 IBM CorporationIBM Internal & BP use only

98% patch and update compliance rate on 4,000+ workstations

with 50% reduced labor costsInfirmary Health System

Continuous security configuration compliance Accurate, real-time visibility and continuous security configuration enforcement

BigFix was designed for Continuous Compliance!

Continuous compliance “set and forget”

• No high-risk periods

• Lower total cost

• Continued improvement

• Identify and report on any configuration drift

Traditional compliance “out of synch”

• High-risk and cost periods

• Manual approach causes endpoints

to fall out of compliance again

Traditional versus Continuous

Time

Co

mp

lian

ce

ContinuousTraditional

RISK

13© 2015 IBM CorporationIBM Internal & BP use only

Why Gartner has recognized IBM as a Leader

Magic Quadrant for Client Management Tools

Note: This Magic Quadrant graphic was published by Gartner, Inc. as part

of a larger research note and should be evaluated in the context of the entire report.

The Gartner report is available upon request from IBM. G00264801.

Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest

ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed

or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Magic Quadrant ReportJune 2015

LEADER - Four Years in a ROW!!

Analyst(s): Kevin Knox, Terrence Cosgrove

Link to Gartner MQ report

Why Clients Select BigFix over Competition:

•Less infrastructure = Lower operational and admin costs

•Automation tools = Faster ROI and payback

•Greater visibility = Complete coverage of all endpoints

•Real time visibility and control = Faster time to compliance

•More OOB content = Faster incident response

•Proven industry success and client references of all sizes

© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any

kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor

shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use

of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or

capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product

or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries

or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside

your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks

on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.

IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other

systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE

IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

THANK YOUwww.ibm.com/security

15© 2015 IBM CorporationIBM Internal & BP use only

IBM BigFix Architecture