Removing UDP protocol?

Hi there.

Our security people are asking if we can stop the use of the UDP protocol within BigFix and replace it with TCP. What would be the impact of this change please? Is it something that can be achieved with BigFix still performing all of its functions?

Wayne S-R

You can disable the UDP notifications at the client side and the Server/Relay side.

The effect will be that your clients are not notified of new or updated content, and instead only download and evaluate new actions, fixlets, analyses, etc. when they perform a scheduled gather. By default that is every twelve hours.

You can reduce this gather interval by configuring Command Polling on the clients, but ensure you do not overload your relays with the extra request traffic. That is a balance based on how many clients are attached to each relay. If you have more than a couple of hundred clients on a relay, I'd suggest those clients should poll no more frequently than every half hour (and your mileage may vary).


Thanks Jason. I will put that to the security folk.

Basically I have a query.

UDP was blocked in my environment for CentOS patching; for a 6 Mb patch the CentOS system used to take 30 mins to download and install.

Can you just tell me how the patching works (downloading of a patch) in BigFix if UDP is blocked? What I know is that when UDP is blocked, the client will go to its relay or server every 10 mins to check if there are any downloads available.

I think the discussion on Command Polling at Command polling may be helpful.