BigFix, now supported by HCL Technologies since the acquisition of BigFix from IBM in 2018, is an endpoint management solution providing endpoint visibility and IT asset discovery, automated endpoint patching (BigFix Lifecycle and BigFix Patch) policy enforcement (BigFix Compliance), and software asset discovery for licensed and unlicensed software (BigFix Inventory).
N/A
Ansible
Score 9.2 out of 10
N/A
The Red Hat Ansible Automation Platform (acquired by Red Hat in 2015) is a foundation for building and operating automation across an organization. The platform includes tools needed to implement enterprise-wide automation, and can automate resource provisioning, and IT environments and configuration of systems and devices. It can be used in a CI/CD process to provision the target environment and to then deploy the application on it.
Patch Management for Diverse Devices: HCL BigFix is ideal for organizations with a diverse range of devices, including laptops, desktops, cloud, virtual machines, and mobile devices. Its endpoint management functionality enables seamless patching across various operating systems such as Windows, MacOS, ChromeOS, and Linux.
Comprehensive Patch Management: With HCL BigFix, organizations can achieve comprehensive patch management across their IT infrastructures. It ensures that all endpoints, regardless of the operating system, receive timely and secure patches, reducing vulnerabilities and enhancing overall security.
Troubleshooting and Monitoring: HCL BigFix excels in providing a dashboard that effectively displays problematic and functional machines. This feature allows IT teams to quickly identify and address issues, improving overall troubleshooting efficiency. However, there are some scenarios where HCL BigFix may be less appropriate or areas for improvement: 1. Coverage Expansion: It is important for HCL BigFix to continue expanding its coverage to include all possible resources installed within the IT infrastructure. Ensuring comprehensive coverage can enhance its effectiveness. 2.On-Site and OS Upgrades: Optimizing the process of on-site and operating system upgrades can help streamline the deployment process further. Improvements in this area would contribute to a smoother and more efficient upgrade experience. 3.Communication Speed: Enhancing the speed of communication between the HCL BigFix agent and the server can help improve the overall responsiveness and efficiency of the solution.
Pricing Optimization: Adjusting the pricing of HCL BigFix to be more cost-effective would make it more accessible and attractive to organizations of different sizes and budgets.
I'm going to say it is best suited for configuration management. Like I said, patching even with security, things of that nature. Probably less suited is hardware management, but Red Hat IBM/IBM has Terraform for that. So it's a trade off.
Debugging is easy, as it tells you exactly within your job where the job failed, even when jumping around several playbooks.
Ansible seems to integrate with everything, and the community is big enough that if you are unsure how to approach converting a process into a playbook, you can usually find something similar to what you are trying to do.
Security in AAP seems to be pretty straightforward. Easy to organize and identify who has what permissions or can only see the content based on the organization they belong to.
Better documentation of how all the options/parameters are meant to be used (when creating things like jobs, templates, inventories, etc)
More recommendations of best practices as far as the best way to organize job templates, workflows, roles. Much can be found on how to organize pure Ansible, but not so much for AAP specifically.
I have found some things that seem like they should be easy but are not possible. Things like moving a host from one inventory to a different inventory. As far as I know this is not possible and requires deletion and recreation. Maybe I just don't know how this could be done or don't understand the design decisions behind this?
Even is if it's a great tool, we are looking to renew our licence for our production servers only. The product is very expensive to use, so we might look for a cheaper solution for our non-production servers. One of the solution we are looking, is AWX, free, and similar to AAP. This is be perfect for our non-production servers.
It's overall pretty easy to use foe all the applications I've mentioned before: configuring hosts, installing packages through tools like apt, applying yaml, making changes across wide groups of hosts, etc. Its not a 10 because of the inconveinience of the yaml setup, and the time to write is not worth it for something applied one time to only a few hosts
Great in almost every way compared to any other configuration management software. The only thing I wish for is python3 support. Other than that, YAML is much improved compared to the Ruby of Chef. The agentless nature is incredibly convenient for managing systems quickly, and if a member of your term has no terminal experience whatsoever they can still use the UI.
There is a lot of good documentation that Ansible and Red Hat provide which should help get someone started with making Ansible useful. But once you get to more complicated scenarios, you will benefit from learning from others. I have not used Red Hat support for work with Ansible, but many of the online resources are helpful.
We have significantly enhanced our ability to patch desktops, including laptops, desktop, cloud, virtual machines and other mobile devices used by end-users. BigFix's endpoint management functionality allows us to seamlessly patch a wide range of operating systems, such as Windows, MacOS, ChromeOS, and Linux systems, ensuring comprehensive patch management across IT infrastructures. We have established a track record of delivering secure and hassle-free patching solutions to our clients
I used puppet prior to moving to open source Ansible and eventually to Red Hat Ansible Automation Platform. I appreciate the agentless approach of Red Hat Ansible Automation Platform and feel that its deterministic approach to applying code is superior to puppet
POSITIVE: currently used by the IT department and some others, but we want others to use it.
NEGATIVE: We need less technical output for the non-technical. It should be controllable or a setting within playbooks. We also need more graphical responses (non-technical).
POSITIVE: Always being updated and expanded (CaC, EDA, Policy as Code, execution environments, AI, etc..)
