In this article, we would like to present solution for distinguishing between two release types of Firefox: Firefox and Firefox Extended Support Release (ESR) on Windows platform. We have created 2 CIT custom signatures that provide this functionality.
Mozilla Firefox signature link: https://bigfix.me/signature/details/1255
Mozilla Firefox ESR signature link: https://bigfix.me/signature/details/1256
There are a couple of limitations, the first would be the inability to report installed version in the “Component Version” thus it is reported as 0.any_version and the properly installed version is shown in “Component Detailed Version”.
The second limitation is that there will be a duplicated discovery shown (due to an already existing discovery in the official catalog that doesn’t distinguish between normal and extended support release).
The third limitation is that those custom signatures don’t offer usage information.
As you can see on the screenshot below detection is doubled. Discovered software that has “standard” component version is detected by signatures that already exist in BFI. Discovered software with component version 0.any_version, but correct component detailed version is software detected by custom signatures. You can suppress detection from non-custom signatures, but in such situation, you will lose information about usage.
Process how to import custom signatures is presented below:
- Download the signature file from URL provided under every type of discovery described.
- Login to BigFix Inventory.
- Go to Management → Catalog Customization.
- Import the file with the custom signature.
- Run an import process.
- Make sure that the catalog was propagated to the endpoints (automatically created action for propagation the endpoint executed on all applicable endpoints).
- Run a software scan on the endpoints.
- Ensure the Upload Software Scan Result fixlet is running.
- Run an import process to import the scan results.
- Verify the results on the reports.
To suppress software detected by non-custom signatures and create custom rule to avoid double detection in the future, follow the steps below:
- Login to the BigFix Inventory then head to Reports → Software Classification and on the right side choose the Configure → Configure View
- Apply a good filter to view all the necessary records:
• Component Name contains firefox
• Component Definition Source not in set Custom
• Operating System contains win (because custom signatures distinguish Mozilla Firefox only for Windows)
- Select all the records that are showing after applying the filter by clicking ctrl + a or the checkbox on the left
- Click on the Exclude → Suppress Component from Inventory and on the suppression window you will see an option to “Create a custom rule” (Make sure you have selected all the records otherwise the option won’t appear)
- After confirming Suppression in the Management → Custom Rule you will see a new rule created
- After opening Software Classification once again you will see that software detections from non-custom signatures were suppressed
Kamil
BigFix Inventory Team