The language used for crafting action scripts. Action can be crafted
in different scripting languages, including AppleScript and Unix shells.
BigFix Enterprise Suite (BES)
The previous name for IBM Endpoint Manager.
Client
Software installed on each networked computer to be managed under
the IBM Endpoint Manager. The Client accesses a pool of Fixlet
messages, checks the computer it is installed on for vulnerabilities,
and sends the Server a message when such a condition occurs. Previously
known as the BES Client, it is now known as the IBM Endpoint Manager
Client, or simply Client.
Console
A management program that provides an overview of the status of
all the computers with the Client installed in the network, identifying
which might be vulnerable and offering corrective actions. Previously
known as the BES Console, it is now known as the IBM Endpoint Manager
Console, or simply Console.
Custom Site
You can create your own custom content and host it in a custom
site. This can only be done by a Master Operator that has been granted
the rights to create custom content (use the Admin program to allocate
these users).
DSA
Distributed Server Architecture. Multiple Servers are linked to
provide full redundancy in case of failure.
Fixlet message
A mechanism for targeting and describing a problematic situation
on a computer and providing an automatic fix for it.
Fixlet servers
Web servers offering Fixlet site subscriptions. They can be either
internal to the enterprise network or external to the network (if
direct external web access is allowed).
Fixlet site
A trusted source from which the Client obtains Fixlet messages.
Generator Install folder
The directory on the installation computer where the Generator
places the installation files for the IBM Endpoint Manager system.
Installation Computer
A secure computer (separate from the IBM Endpoint Manager Server
computer) that hosts and runs the Installation Generator.
Installation Generator
An application that creates installers for the core IBM Endpoint Manager system components.
Management Rights
Ordinary Console Operators can be limited to a specified group
of computers. These limits represent the management rights for that
user. Only a Site Administrator or a Master Operator can assign management
rights.
Master Operator
A Console Operator with administrative rights. A Master Operator
can do almost everything a Site Administrator can do, with the exception
of creating new operators.
Masthead
Files containing the parameters of the IBM Endpoint Manager
process, including URLs that point to where trusted Fixlet content
is available. The IBM Endpoint Manager Client brings content into
the enterprise based on subscribed mastheads.
Mirror server
A server required in the IBM Endpoint Manager system if the
enterprise does not allow direct web access but instead uses a proxy
server that requires password-level authentication.
Operator
A person who operates the IBM Endpoint Manager Console. Ordinary
operators can deploy Fixlet actions and edit certain computer settings.
Master Operators have extra privileges, among them the ability to
assign management rights to other operators.
Relay
This is a Client that is running special server software. Relays
spare your server and the network by minimizing direct server-client
downloads and by compressing upstream data. Relays are automatically
discovered by Clients, which dynamically choose the best Relay to
connect to. Previously known as the BES Relay, it is now known as
the IBM Endpoint Manager Relay, or simply Relay.
Relevance Language
The language in which relevance clauses are written.
Root Server
Refers to the HTTP or HTTPS services offered by the main Server
as an alternative to IIS. The IBM Endpoint Manager Root Server
is specially tuned to Fixlet traffic and is more efficient than IIS
for this application. Previously known as the BES Root Server, it
is now known as the IBM Endpoint Manager Root Server, or simply
Root Server.
Server
A collection of interacting applications (web server, CGI-BIN,
and database server) that coordinates the relay of information to
and from individual computers in the IBM Endpoint Manager system.
The server processes may be hosted by a single server computer or
segmented to run on separate server computers or replicated on redundant
servers. Previously known as the BES Server, it is now known as the
IBM Endpoint Manager Server, or simply Server.
Signing password
The password (specified when the IBM Endpoint Manager system
was installed) used by a Console operator to sign an action for deployment.
It is called the action password in the Console interface.
Site Administrator
The person responsible for installing IBM Endpoint Manager
and with the permission to create new Console operators.
SQL server
A full-scale database engine from Microsoft that can be acquired
and installed into the IBM Endpoint Manager system to satisfy more
than the basic reporting and data storage needs. A step up from SQLite
Standard deployment
A deployment of the IBM Endpoint Manager that applies to workgroups
and to enterprises with a single administrative domain. It is intended
for a setting in which all Client computers have direct access to
a single internal server.
System install folder
The directory on the IBM Endpoint Manager Server where the
Server software and related files (including Console and Client installers)
will be installed.
IBM Endpoint Manager database
A component of the system that stores data about individual computers
and Fixlet messages. The IBM Endpoint Manager Server’s interactions
primarily affect this database, which runs on SQL Server.
IBM Endpoint Manager
A preventive maintenance tool for enterprise environments that
monitors computers across networks to find and correct vulnerabilities
with a few simple mouse-clicks.
VPN
Virtual Private Network. An encrypted channel (or tunnel) that
allows companies to extend their local-area networks across the world
by using an inexpensive Internet connection.
WAN
Wide-area network. Many offices are connected by WAN. The bandwidth
of your WAN determines the placement of Relays in your deployment,
with thin-client computing in a wide-area network requiring more relays
to aggregate downloads and reduce overhead.