BigFix MCM and BigFix Mobile v3.5: Expanding Device Management and Enhancing Security

Release Announcements MCM (Release Announcements)
1

BigFix Mobile and Modern Client Management

We are thrilled to announce the release of BigFix Modern Client Management (MCM) and BigFix Mobile v3.5!

This release introduces ChromeOS device management, enhanced application management controls, and expanded SAML authentication support strengthening security, and simplifying operations for IT teams.

New Features and Enhancements

ChromeOS Device Management

BigFix MCM now supports management of ChromeOS devices, extending unified endpoint management through integration with Google Workspace.

Key capabilities include:

  • Support for ChromeOS as a managed platform

  • Installation and management of the ChromeOS MDM Server and Plugin via WebUI

  • Enterprise enrollment integrated with Google Workspace

  • ChromeOS device visibility in the Devices page

  • ChromeOS policy management:

    • Network policies

    • Restriction policies

    • Password policies

    • OS update policies

    • Organization Unit (OU)–based deployment

  • Remote device actions:

    • Restart

    • Wipe users

    • Remote powerwash

    • Unenroll

Plus Health checks and prerequisite scans for ChromeOS MDM services

Remove App Policy

BigFix MCM introduces a Remove App Policy that allows administrators to uninstall previously deployed applications from managed devices.

Supported platforms:

  • Android

  • iOS

  • iPadOS

  • macOS

  • Windows

Administrators can deploy the Remove App Policy directly to devices or through Policy Groups.

VPP License Reclamation

When removing Apple VPP applications:

  1. The application is uninstalled from the device.

  2. The associated VPP license is automatically revoked.

  3. The license is returned to the available pool for reassignment.

This ensures proper license tracking and prevents orphaned licenses.

PingFederate SAML Authentication Support

BigFix MCM now supports SAML-based authentication using PingFederate as an Identity Provider (IdP).

This enhancement extends existing SAML integrations (such as Okta) and enables secure single sign-on (SSO) aligned with enterprise identity infrastructures.

For configuration steps and detailed guidance, refer to the BigFix MCM documentation What’s new - Latest Features & Enhancements .

1 Like
2

Does MCM yet support DDM (declared device management) methods for doing OS updates on Apple platforms?

1 Like
3

Not yet Andrew, Please give us a list of specific features you’d want most and we’ll prioritize them.

4

Hi @MDG,

I suggest focusing on items called out in Apple's "What's new for enterprise in ...OS 26" documents:

  • Software update management using mobile device management commands, restrictions, the com.apple.SoftwareUpdate payload, and queries is deprecated and will be removed next year. Going forward, software updates can be managed and enforced using only declarative software update management.

The above item will be an Apple platforms blocker in the 27 OSes.

  • Organizations can deploy App Store apps, Custom Apps, and packages using declarative device management.

macOS: https://support.apple.com/en-us/124963
iOS: https://support.apple.com/en-us/125073
iPadOS: https://support.apple.com/en-us/125074

Thanks,
Andrew