All Stanford faculty, staff, and students are entitled to and should install the BigFix client software on any personally-owned or Stanford-owned laptop or desktop computers that are connected to the Stanford network or that are used to transact University business, even if the ISP (Internet Service Provider) is not Stanford.
Stanford uses the BigFix Enterprise Suite (BES) to deploy patches and updates to Windows and Macintosh computers to keep your computer and our network safe. BigFix also provides a consistent and reliable way to remotely configure power settings.
Client computers that do not make network contact with Stanford's central BigFix server for 45 days will have their records deleted from the central BigFix database. Service will resume as before if the BigFix client remains installed and it re-establishes contact with the central server after the record is deleted. No information is lost.
The BigFix client installer makes an educated guess at your group assignment based on the current network location of your computer. If you are unsure about which group or subgroup to select, contact your local IT support staff. You can always run the BigFix installer again to select another group.
Students should select 'Students' as their group for all personally owned computers.
The BigFix service at Stanford provides updates for all Windows platforms currently supported by Microsoft, including the most common non-English editions of Windows.
The BigFix client installer will attempt to configure the personal firewall that is provided with your operating system. See the BigFix client installation instructions for details and the manual configuration procedure.
Yes. The BigFix service at Stanford provides updates for all Windows platforms currently supported by Microsoft, including the most common non-English editions of Windows.
Consult with your local technical support staff before installing BigFix on a server or any computers running specialized software or connected to specialized equipment. Your local BigFix administrator can 'lock' or 'unlock' such computers, so that they can be patched and rebooted, or not, as may be appropriate in a given case.
The BigFix client self-installation wrapper is available on the BigFix download and installation web page.
Technical support staff who already have administrative rights for the computers they manage also have a remote installation utility available to them.
The main purpose of having BigFix is to provide a very robust patch management service for computer operating systems to the University community. It is also used to distribute updates to the antivirus software licensed for use at Stanford. It collects a small amount of inventory information that is necessary in the service of its main function.
If the visitor will be here for more than just a brief stay, the technical support person should discuss installing BigFix. Don't forget to remove the BigFix client software when the visitor leaves. Console operators can remove the client remotely.
BigFix helps keep Stanford's computers and network secure.
Departing students should remove the BigFix client upon leaving Stanford.
BigFix is more reliable than the Windows Automatic Updates service, which is easy to use incorrectly under the best of circumstances. The BigFix system can also detect whether an installed operating system patch is corrupt, since it makes a much more thorough check of patch file versions and Windows registry entries than does Automatic Updates.
Console operators are expected to use BigFix to maintain the security and integrity of the computers they manage and safeguard them from malicious attacks. Console Operators can use BigFix as a security tool to help maintain a baseline for security patches and anti virus software, and to watch for potential exploits.