SCCM vs BigFix. Pros and cons

Tory 2022-05-12 12:05:45 UTC #1

Hi all, glad to be here on this forum! I’m new here, have a question for more experienced users. SCCM vs BigFix? What are the advantages of BigFix?

DerrickD 2022-05-12 14:19:10 UTC #2

I spent no less then 3 years discussing this internally with my colleagues & managers running both side by side.

For some context, we only manage servers, but do so in a global environment with API based automations.

Our takeaway is there is NO clear winner. It’s all based on the business goals and requirements, Period, full stop. They both suck and are awesome in their own rights. Neither fixes all problems and both have their stregths and weakness.

We went with BigFix. A few reasons why. Cost (was NOT our primary driver), much easier operational management of the infrastructure, less infrastructure requirements (server specs, mainly), BigFix can do things NOW much better then SCCM, cross platform capable, REST API & other API, less integration requirements/limitations within AD. We also like the plugins to SNOW, VMware, AWS, Azure, Google, but are till building that stuff out. What’s not as good? Patch validation reporting for Windows (based on our needs), the fact that patches sometimes lag behind or are missing from BigFix while available in WSUS (this is normally not an issue but occasionally, like last month, a patch was missing for 9 days post release due to bad relevance), propriety Actionscript & Relevance (but then SCCM has that weird OS SQL stuff and MOF we don’t have to deal with), and it’s way easier to just turn something around quickly in our experience.

I think it’s worth mentioning again… the BigFix infrastructure is cakewalk in comparison to SCCM to maintain. I am sure if you are an SCCM super admin, you may not agree, but in my opinion a large organization requires nearly a full time person to just maintain SCCM. With BigFix, it is only a small portion of an administrators time. For example, we run a failover (DSA) environment. I can upgrade BigFix and all clients to a new release starting in the morning and be completed by lunch.

Tory 2022-05-13 12:09:21 UTC #3

Thanks for the reply! It was interesting to hear the opinion of someone who has tried both options in practice!

DanieleColi 2022-05-13 14:32:31 UTC #4

Tory, obviously you are asking a comparison to a product forum; probably you’ll get a different answer if you post your question to the MS forums

Just to give you an independent insight (and market recognized): https://www.hcltechsw.com/bigfix/experts?referrer=www.hcltechsw.com

Gartner

brolly33 2022-05-16 11:23:15 UTC #5

I work for BigFix, but before I joined I had a similar experience and opinion.

Back in 2005, when SCCM was SMS, our SMS administrator left the company and within 3 months, the SMS infra was in such bad shape that it was effectively non-op. BigFix was brought in to replace it.

I recall needing to compile and distribute a Def.Mof to get new information flowing up from my SMS clients, and then wait for the next inventory cycle. It took a week to get data back. I recall vividly when the BigFix expert came and helped us write a quick analysis that did the same data pull using BigFix in 20 minutes to data collection across 95% of our endpoints.