Using BigFix to apply patches in workstations

Hi guys!

What’s up?

So, I need you guys tips or advises how to manage Microsoft Updates using just BigFix in my workstations environment, avoiding to use WSUS or SCCM technologies, considering this questions:

  1. What’s the best practice to do that? Put all Microsoft patches inside a baseline and apply it?

  2. How can we manage it, if we have technician guys installing new workstations everyday on our environment considering that these new workstations usually isn’t fully updated from Microsoft patches if BigFix infraestruture isn´t like WSUS (like an open library… all patches available whatever you want) needing to take an action for each deploy?

Well, before you guys answer, I still need to say a couple more things:

  • We have a “weak” workstation preparation process. I mean, we don’t have an WDT and WDS to manage our OS images. We use a not centralized software. Then, it’s a little difficult to make them up to date with every Microsoft patches deploy that we do.
  • I know we could apply our baseline patches like a policy (no end action) but our infrastructure team say it’s not healthy for our server where is running the master action site.

Thank you!

Regards,

Fontoura, Joatan