IBM BigFix is pleased to announce an update to the WebUI. This release contains a number of features that makes WebUI resilient to higher data latency conditions and increases operational efficiency with exciting features, such as Automatic Patching and personalized Self-Service Application.
View nearly real-time (NRT) data: The Overview dashboard, Executive Dashboard and other views now show nearly real-time (NRT) data. For a majority of the workflows and views, the data is in real-time as it is directly sourced from the BigFix database. This release will significantly address data latency issues by eliminating the dependency on ETL transactions.
WebUI Core Framework
• Support for DB2 as source of WebUI data for platform versions 9.5.5+
• Support for MS SQL Server as source of WebUI data for platform versions 9.5.5+
• Allow the removal of ETL as the WebUI DB for platform versions 9.5.5+
Deploy personalized self-service applications: Master operators or Content creators can now configure the self-service application and add personalized attributes, such as icons, organizational branding, help links, etc. This will support the deployment of multiple self-service applications across the organization.
Specific Self-Service Application (SSA) release features include:
• Updated UI for enhanced usability
o New sleek and modern theme
o Improved Catalog view with large, icon-based tiles
o Responsive design as SSA UI windows are resized
• Support rebranding
o SSA now supports rebranding. You can change the SSA theme color, name, and icon.
• Support help message
o You can now add a custom help message in the SSA.
• SSA configuration page in WebUI
o New page in WebUI for creating a SSA configuration task that will deploy and/or customize the SSA.
Manage software distribution packages: Content creators can now edit certain custom content, such as software distribution packages and update the associated action script, relevance clauses, and personalize with an icon. This will eliminate the need to use Windows console for editing these packages.
WebUI Software Distribution application
• Support .appx file type
o WebUI SWD now provides a default installation command for .appx files.
• Option to cache URL-based files during Task runtime
o For URL-based files, the user now has the option to cache the file during Fixlet runtime. Previously, users cached the file during package creation.
WebUI Custom Application
• Edit and delete custom Tasks
o Users can now edit and delete custom Tasks in the WebUI. This feature is currently not supported in Baselines and Tasks created by the WebUI Profile Management app.
• Add icons to custom Tasks
o Users can add icons to custom Tasks in the WebUI. Icons are restricted to the WebUI and will not appear in the BigFix Console.
Automate routine patch tasks with Automatic Patching Automatic Patching Policies provides an easy do-over for the ongoing patch cycles. The policy settings such as patch criteria, roll-out schedules, targeted endpoints, and patch exceptions can be easily re-used. It provides a way to make very little adjustments to the patch policies and thus reduces the cost of patching.
Getting Started with Patch Policy
Use the Patch Policy-related screens to list policies, find specific policies, and view detailed policy information. A BigFix patch policy is a collection of Fixlets that meet defined criteria for patching. A policy defines how often patch updates are deployed to devices and provides an overall patch deployment status for compliance.
Patch policies help establish and maintain a process for continuous security compliance for endpoints.
Define a patch execution strategy and workload for devices by setting the criteria for the policies based on organization security guidelines to gain compliance.
The following workflows are supported:
• Adding a new policy
• Setting the policy schedule for rollout
• Setting the target device list
• Viewing the patch list
• Managing patch exclusion
• Editing a policy
• Deleting a policy
• Refreshing a policy
• Activating a policy
• Suspending a policy
This release addresses the following CVEs associated with third party dependencies;
- CVE-2016-10000232 (sqlite3)
- CVE-2017-1000381 (node)
- (Low Severity CVEs present in zlib) - outlined here: http://seclists.org/oss-sec/2016/q4/602
Action to take:
WebUI will update automatically be default unless configured otherwise.
For existing WebUI customers to migrate to the new platform schema, look for the Deploy/Update WebUI Database Configuration Fixlet (ID 2687) in the latest BES Support site.
WebUI Administration Guide
WebUI Users Guide
Self Service Application Installation & Configuration Guide
Managing BigFix Offers on Your Device
Published Site Version for content enablement: BES Support v1360
For customers using the Delayed updates feature, this update impacts all applications and all must be updated together.
For customers with air-gapped environment, follow these instructions to get new WebUI sites.