Showing posts with label BigFix. Show all posts
Showing posts with label BigFix. Show all posts

Thursday, September 6, 2018

Some of our current projects

We work with a pretty wide array of products, so I wanted to highlight some of the projects we're working on right now

ServiceNow Architecture and Implementation

We're working with a communications company to implement their procurement, installation and change processes within ServiceNow, with asset feeds from multiple external systems.

ServiceNow Incident Response integration with QRadar

We're helping our client customize both products and the integration between them to best leverage their existing investment and people.

IBM Control Desk for Field Service Management

We're helping a different communications customer with their field service management through workflows and custom user interfaces defined in IBM Control Desk.

Netcool Operations Insight Implementation

We're actually working on several of these at the moment. The most work on these goes into identifying the different event sources, what (if any) automated actions need to be performed and who needs to be notified.

BigFix Steady State

A medical client of ours has been leveraging our BigFix Managed Services for several years to ensure that all IT equipment is both known and is running software at the appropriate patch level.

ICD and BigFix Implementation with Airgap

We're working with a defense contractor to ensure that their Asset Management and Change Management processes continue to work smoothly leveraging ICD and BigFix

Tuesday, July 10, 2018

It only takes an hour to get a test BigFix environment installed and working

The only caveat (which they've maybe fixed now) is that the SQL Server that's bundled with the BigFix Eval is borked, so you first need to install an eval version of MSSQL Server 2014, which is available from Microsoft.

But the whole process is really easy:

1. Create/clone a Windows 2012 or 2016 server (you can download an eval copy of Windows Server 2016 if needed)
2. Google MSSQL Server 2014 evaluation download and download it
3. Install MSSQL with all the defaults
5. Follow IBM's instructions for installation.
6. Once it's up and running (takes about 10 minutes), continue through the install instructions to add all of the available Sites. The site named IBM BigFix Inventory v9 is actually the one that will get you the BigFix Inventory install files.
8. Optionally create/clone a Windows or Linux VM to be an additional client in your environment

That's it, and even if you need to install Windows Server from scratch, it only takes at most 1.5 hours.

There are other parts you can also install now, such as BigFix Inventory or the WebUI (both are available via fixlets in one of the available Sites).

Monday, July 9, 2018

How to change the BigFix WebUI database userid and password

I recently installed the BigFix WebUI with the wrong password and needed to fix it. I found the encrypted information in the db_config.json file in the folder:

C:\Program Files (x86)\BigFix Enterprise\BES WebUI\WebUI

However, this is what the contents of that file are:

{"user":"96\u002fzY1rPfE40v69uFttQAg==","password":"MwKBDmT00BEwEZm1ctZahg==","hostname":"WIN-5M6866TPST1.mynet.foo","port":1433}

And while those look like Base64 encoded values, there's also some encryption going on (try putting either of those strings through an online Base64 encoder/decoder and you'll see).

So the first thing I tried was to just put the information in the file in cleartext and restart the WebUI service, so the file looked like:

{"user":"sa","password":"passw0rd","hostname":"WIN-5M6866TPST1.mynet.foo","port":1433}

Amazingly, that worked, and here's the logfile entry that shows it:

Wed, 04 Jul 2018 13:14:24 GMT bf:dbcredentials-error Failed to decrypt database credentials, attempting to use inputted credentials as plaintext

However, the file kept the cleartext data (I had hoped that it would re-encrypt the values on startup, but it did not).

Then I found the solution in the place I should have looked to begin with - in the BigFix console! There's a task defined in the BES Support site specifically for this purpose. The task is named "Deploy/Update WebUI Database Configuration". Run the action associated with that task and it will create a new db_config.json file with the properly encrypted data and you're good to go.

Wednesday, July 12, 2017

Using IBM Agile Service Manager and BigFix to obtain and display application communication topology data

Background

We've been working with a client who owns BigFix and Netcool Operations Insight, and who recently purchased the optional Agile Service Manager component of NOI. Up until now, we've been helping this customer obtain communication data (network/port/process connection information) in their environment through BigFix. A valid question you may have is: Doesn't TADDM do that and more? And the answer is yes it does, but the customer has some fairly severe obstacles that prohibit a successful deployment of TADDM.

Why are we doing this?

Any Operations group needs as much contextual information as possible to allow them to do their job effectively. Some of the information that Operations teams need is:

- Which systems are communicating with (dependent upon) Server X?

- What processes and applications are running on Server X?

- What is the impact to other systems if we reboot Server X?

etc. There are many, many more questions that come up, and often the best way to answer those questions is with a topology view of the environment. TADDM gives you this topology information, but again, this client is not able to install TADDM, so wanted another way to get similar data.

How are we doing it?

The first challenge was getting the communication information via BigFix. With just a little searching, we realized that this was actually very easy. The 'netstat' command in both Windows and Linux will actually show you information about which ports are owned by/in use by which processes, and then it's just a matter of getting more details about each PID. Linux has the 'ps' command, and Windows PowerShell does too, though the output is different, of course. We also found that PowerShell has a few functions that will directly convert command output into XML. This is important because BigFix includes an XML inspector that lets you report on data that's in an XML file. On Linux, a little Perl scripting was used to accomplish the same goal.

So with the IP/port/process information in had, we then needed to display that data in the ASM Topology Viewer. To do that, we used the included File Observer. Specifically, we wrote a script to create the appropriate nodes and edges so that this information can be displayed by ASM.

What's it look like?


Here you can see that a java process on client.gulfsoft.com has opened TCP port 40474 to communicate with a DB2 process listening on port 50000 on db2srv.gulfsoft.com.

Conclusion

Topology data is absolutely crucial to a Operations team for numerous reasons. In this case, we were able to provide this visualization to our client in a very short amount of time (a week or so) while leveraging software they already owned. They now have better insight into their environment and are better prepared to address events in their environment.

Friday, April 22, 2016

The easiest way to work around the problem of having one VM on a NAT network and one on a host-only network in VMWare Workstation

The Situation


I have a BigFix environment with a Windows BigFix server on the host-only network, and I've got IBM Control Desk installed on a Red Hat VM on one of the NAT networks. I want to integrate the two for asset management, which requires the Integration Composer, which has to communicate with both servers simultaneously. (We've done an air-gapped integration for a couple of customers, but I wanted to use the out-of-the-box mechanism).

Bad Solutions

Some of the solutions that I considered, but threw out because of the work involved:

Change an IP address

Simply move one server to the other network and then add routes to communicate between different subnets IP addresses on the same network

Easy Solution

I added a network card on the NAT network to the BigFix Windows server. VMWare Workstation quickly suspended and resumed the VM, the adapter was seen, and it got a DHCP address on the NAT network. And then I could communicate between the two machines!