22 December 2022 Alexandra Bourlier

SSI_Tr7.5_BigFix Compliance

Ref: SSI_Tr7.5

Targeted audience

This training is intended for project members using HCL BigFix to manage patch deployments.

Training objectives

The objectives of the training are:

  • Understand and manage the BigFix platform
  • Understand and generate Endpoints and patch management dashboards

Targeted skills

At the end of the training, the participant will be able to :

  • Access and filter endpoint properties
  • Create and update endpoint groups
  • Track patch deployments
  • Monitor deployment
  • Create reports

Duration

1 day, divided into 6 modules (the program can be adapted to the technological context and level of knowledge of the trainees).

  • The training can be assured in person or remotely
  • The training can take place on an inter-company or intra-company basis

Unfolding of the training : MORNING

Module 0 : Course objectives

Day 1

Introduction : Presentation of the objectives and the course of the training.

Round table : Presentation of the group, the participants, and their expectations.

Module 1 : Infrastructure and components of the BigFix system

Day 1

Objectives of the module :

  • What are the different roles of the BigFix server, relay, console and agent?
  • Difference b/n BigFix WebReport Server, BigFix Compliance Server & BigFix Server.
  • What is the purpose of the BigFix Relevance language.
  • What are the differences between Fixlets, Analyses, Tasks & Actions.
  • What are the different BigFix Agent groups and how are they used?
  • What is the purpose and behaviour in reference databases?
  • What is the use in application programming interfaces?
  • How to manage and schedule built-in and custom BigFix web reports?

Module 2 : BigFix Security Compliance Analytics

Day 1

Objectives of the module :

  • Overview of the software, hardware and connectivity requirements for the BigFix Compliance installation.
  • Describe how the BigFix Compliance Analytics component installation process works.
  • Assign user accounts, roles, groups and authorisations.
  • Explain how computer groups are used for security compliance.
  • Understand compliance results and analytical dashboards.
  • Describe the use of BigFix computer properties.
  • Produce BigFix compliance analysis reports.

Module 3 : Basics of BigFix Security Compliance

Day 1

Objectives of the module :

  • Describe the uses of the different security compliance standards – PCI-DSS, CIS, FDCC, OVAL, DISA STIG.
  • Summarise common vulnerabilities and exposures – CVE.
  • Explain the use of the Patch/security compliance task Description section of BigFix – show details of each control/vulnerability.
  • Understand the basic third party anti-virus management software used in the BigFix console.
  • Explain the importance of endpoint compliance and the need to increase endpoint security – e.g. patch management, third party AV software updates.
  • Describe endpoint device control – disable/restore use of removable media.
  • Describe common endpoint vulnerabilities – patches not applied, AV software not working, multiple local admin accounts.
  • Explain how to use/apply an ir exception

Unfolding of the training : AFTERNOON

Module 4 : BigFix Security Checklist

Day 1

Objectives of the module :

  • Clarify when custom checklists are created and implemented on a custom site – Custom Checks Synchronisation Assistant, Checklist Assistant Tool during custom site creation in the BigFix console.
  • Identify the tasks and assistants used for client compliance checks – BigFix Client Compliance – Compliance Test Update Task, BigFix Client Compliance Task Assistant.
  • Demonstrate the ability to register computers or groups of computers to a custom site in the BigFix Console.
  • Describe the use of applicability patches.
  • Describe how a Fixlet is used and set up in a security checklist.
  • Demonstrate the ability to activate the correct site based on the operating system of the endpoint.
  • Describe the relationship between a security policy and a custom site.
  • Describe the relationship between security controls and fixlets.
  • Implement a security compliance policy.
  • Demonstrate how to handle a security policy exception.
  • Describe how to implement a security control.

Module 5 : Work Items

Day 1

Objectives of the module :

  • Use and configure reports (Web Report and BigFix / Console / Web / UI interface)

Training, technical and supervisory resources

Each course module will be covered in a hands-on exercise that will be performed via a remote ELM server provided and installed by ABlogiX. Each participant will have a computer already installed to access the ELM server.

Training support will be provided for each module and will be presented via a video projector or large screen. A whiteboard or interactive whiteboard should be provided with pens.

The training is facilitated by a consultant-trainer, which allows participants to benefit from his field experience.

The trainer

Dominique is a computer engineer specialising in systems and networks. He has worked for more than 10 years in the deployment of asset management and patch management solutions for various sectors of the industry.

More information ?

Please contact us on + 33(0)2 85 29 43 44 or by email : formation@ablogix.fr for a quote.

The training activity of ABlogiX is "registered under number 52 72 01527 72. This registration is not equivalent to State approval", in accordance with Article L6322-48.

Find all our training courses here.

Download here the program of this training