As the number of endpoints and the threats that can compromise them continue to grow at an unprecedented rate, BigFix® Compliance provides unified, real-time visibility and enforcement to protect complex and highly distributed environments.

Designed to ensure endpoint security across the organization, BigFix Compliance can help organizations both protect endpoints and meet security compliance standards. This easy-to-manage, quick-to-deploy solution supports security in an environment that is likely to include a large variety and large numbers of endpoints—from servers to desktop PCs, and “roaming” Internet-connected laptops, as well as specialized equipment such as point-of-sale devices, ATMs and self-service kiosks.

BigFix Compliance can reduce the costs and complexity of IT management as it increases business agility, speed to remediation and accuracy. Its low impact on endpoint operations can enhance productivity and improve the user experience. By constantly enforcing policy compliance wherever endpoints roam, it helps reduce risk and increase audit visibility. Its intelligent agent’s speed and efficiency provides continuous compliance with automated audit cycles measured in minutes versus weeks.

BigFix Compliance Highlights:

  • Ensure continuous configuration compliance using thousands of out-of-the-box security controls based on industry
    best-practice security benchmarks with effective remediation of configuration drifts
  • Analyze and report on policy compliance status and historical trends to assess endpoint security risks and evaluate compliance
    effort effectiveness
  • Manage and distribute patches to all end- points for a variety of operating systems and software applications
  • Track and report on patching activity status and historical trend to assess security posture and demonstrate compliance
  • Monitor and manage the deployment status and health of various third party endpoint protection solutions such as anti-virus
    and anti-malware tools
  • Assess Windows endpoints against standardized, OVAL based security vulnerability definitions to report vulnerabilities more
  • Quarantine endpoints that are out of compliance to minimize risk of compromised endpoints contaminating the network
  • Provide PCI DSS specific checklists, dashboards, and report to accelerate achieving PCI compliance

Enforce security compliance

Continuous, real-time enforcement of security policies across all endpoints, regardless of network connection status, and eliminate compliance drift immediately

Adhere to best practices

Provide more than 13,000 compliance checks to support over 50 platforms and middleware applications, based on best practice benchmarks

Reduce security risks

An intelligent agent on every endpoint monitors, enforces and reports on the security configuration status of the endpoints in real-time

Lower costs

Share the same management console and infrastructure with other BigFix applications, and lower administration and operational costs


Lower Costs

Continuous compliance reduces the potential fines and penalties imposed by regulatory agencies resulting from non-compliance

Enforce Compliance

Real-time enforcement of security policies across all endpoints, regardless of their network connection status

Reduce Effort

Reduce the effort in monitoring, remediating and reporting on compliance of servers and workstations across the enterprise

Provide PCI-DSS Compliance

Provide Payment Card Industry Data Security Standard (PCI-DSS) compliance with BigFix Compliance Payment Card Industry (PCI) add-on

Enhance Security

Security configuration management helps detect and enforce security configurations; and enables management of third-party endpoint security clients and agents

Reduce Security Risk

An intelligent agent on every endpoint monitors, enforces and reports on security configuration status of endpoints in real-time