Article

IBM to acquire BigFix for configuration, vulnerability management

by Robert Westervelt, News Director

IBM has entered into an agreement to acquire configuration and vulnerability management vendor BigFix Inc. in a deal that the company says will bolster its data center software business with endpoint protection services.

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

[Tivoli is] more focused on servers and data center level things when it comes to configuration management and compliance, instead of the wider range of devices that BigFix applies to.
,

Terms of the deal were not disclosed. IBM said it will integrate BigFix into the IBM Software Group adding endpoint management capabilities to its portfolio of data center management software.

Emeryville, Calif.-based BigFix specializes in software that detects devices that fail to meet corporate IT policies. BigFix uses agents to detect devices that don't have the latest antivirus, antimalware signatures or other vendor patches and aren't configured properly to operate on the network.

The BigFix software can recommend security fixes and timely software updates to 500,000 machines in a matter of minutes, said Al Zollar, general manager of IBM Tivoli software. Zollar called security and vulnerability management a high growth segment for IBM.

"[Our customers] are really worried about the risk associated with these endpoint devices and looking to do things that really work to protect themselves," Zollar said. "BigFix intelligence gives the kind of visibility, control and automation that our clients say they need."

Zollar said IBM liked the design of the BigFix architecture, built on a single platform. The BigFix software also gives IT managers a centralized view of devices running on the company network. It supports Windows, Mac, UNIX and Linux operating systems. In addition, the vendor has a large presence in the power management market with software that can power down servers and devices when they are not needed.

Michael Cote, an analyst with RedMonk, called IBM's acquisition of BigFix a good fit to extend IBM's data center capabilities. Tivoli hasn't been known for managing endpoints, he said.

"They're more focused on servers and data center level things when it comes to configuration management and compliance, instead of the wider range of devices that BigFix applies to," Cote said. "In that sense, they're filling a nice whitespace."

Possible integration issues
IBM may have some challenges ahead. Mainly, integration issues as IBM works BigFix into its product set, said Eric Maiwald, research vice president at the Burton Group. The management of endpoint devices is becoming more important as more employees turn to personal devices to access corporate email or sign into corporate systems.

"What we've been seeing is a realization in this industry that the better managed endpoints have fewer problems," Maiwald said.

Managing the different devices on the network becomes more complicated and often involves virtual machines, he said. BigFix solves the issue by deploying an agent onto endpoint devices, enabling IT to manage a number of common protections, including antivirus, encryption, licenses and asset checks.

BigFix has approximately 200 employees and over 700 customers. The vendor's software is mainly used by large enterprises with diverse networks, said Dave Robbins, president, CEO and chairman of the board of BigFix. Robbins said the company competes with Microsoft's System Center Configuration Manager, Symantec's Altiris line of software as well as LANDesk Software among midmarket companies.

"When you look across our customer base, it is the compliance drivers, cost drivers and risk management drivers where deploying BigFix software makes sense for BigFix customers," Robbins said. "We've been working hard on building a great company and this is vindication for all that hard work over the years."