BigFix: No Small Feat

By Baselinemag  |  Posted 2005-12-06 Print this article Print

BigFix has a staff of just 70, but the company's patch management products have made a huge impression on companies many times its size.

It's a company of just 70 people, but BigFix has blown the socks right off customers more than 200 times its size. "They're fabulous—I love BigFix," says David Giambruno, director of engineering and security at Pitney Bowes. With the BigFix software, his team's average time to deploy a patch to 20,000 desktops and servers (after testing) is 45 minutes. "Operationally, it's one of the best technologies we've put in," Giambruno says.

BigFix also turned heads at Progress Energy. The Raleigh, N.C.-based utility planned to take eight months to roll out the software to 13,000 computers. The project took just half that time, largely because the deployment tools were very easy to use and the software required little customization, according to Scott Meyer, manager of architecture and integration services. "BigFix has actually exceeded our expectations," he says.

Parrish Medical Center in Titusville, Fla., installed BigFix on 880 systems in January. The software reduced the time network administrator Tom Coffy and his team needed to keep the machines patched from 30 hours per week to less than five—"and we're doing a much more thorough job," he notes.

The 210-bed hospital, which paid about $26,000 for a two-year enterprise license, has also used BigFix to distribute updates to its medical imaging application and to track desktop software licenses. "We feel like we received more than we paid for," Coffey says.

One catch: BigFix's reporting features "are not really great," says A.J. Fried, senior vice president of servers and infrastructure for Bessemer Trust, a financial management firm in New York. For example, there's no simple way to discover which patches are missing on a specific group of machines or to find the patch history of a single system. "You have to dig through the interface to find that data," Fried says. "If you're trying to do an official audit report, it's not that good." (BigFix says it's enhancing report capabilities in future versions.)

Pitney Bowes' Giambruno also wants to see more sophisticated analysis features. For example, while the software shows what percentage of machines lack critical patches, it's unable to assess risk based on a system's importance to the business. As Giambruno puts it: "They're a great company, but they have to switch from a tool to a solution at some point."

Security Patch Management

6121 Hollis St.
Emeryville, Ca 94608
(510) 652-6700

TICKER: Privately held


Dave Robbins
President & CEO
Formerly COO, he replaced founder David Hindawi in 2003. Before joining BigFix, he was CEO of Quippe Technologies, a now-defunct online procurement services firm. Has also worked for Automatic Data Processing and the Progressive Group of Insurance Cos.

David Hindawi
Chairman & Founder
Founded BigFix in 1997. Previously CEO of Software Ventures, a telecommunications software firm acquired by Internet service provider PSINet, which filed for bankruptcy in 2001.

BigFix Enterprise Suite provides patch management, vulnerability scanning, software distribution, hardware and software inventory, and configuration management for Windows, Linux, Solaris, HP-UX, AIX and Macintosh systems. The software can enforce custom policies to require certain programs to run and block others.
Reference Checks

Pitney Bowes
David Giambruno
Dir., Engineering & Security
Project: Mailing supplies and services company has one staff member who uses BigFix part-time to patch and monitor 20,000 Windows machines.
Bessemer Trust
A.J. Fried
Senior VP, Servers & Infrastructure
Project: Personal wealth management firm in New York uses BigFix to distribute patches for Windows and other applications to 200 servers and 600 desktops.

Duke School of Medicine
Tim Rice
Network Systems Analyst
Project: Medical school and affiliated hospital use BigFix to patch 8,000 Windows machines, with the goal of deploying critical patches 72 hours after release.

Progress Energy
Scott Meyer
Mgr., Architecture & Integration Services
Project: Power utility based in Raleigh, N.C., pushes patches to 13,000 Windows desktops and 600 Windows servers with BigFix; also evaluating using BigFix for its Unix systems.

Darden Restaurants
Bob Gentry
Dir., Corporate Infrastructure
Project: Operator of 1,400 Red Lobster and other "casual dining" restaurants uses BigFix to update 8,000 Windows-based point-of-
sale terminals.

Parrish Medical Center
Tom Coffy
Network Administrator
(321) 268-6333
Project: Hospital in Titusville, Fla., uses BigFix to update patches for 800 Windows desktops and 80 servers.

Executives listed here are all users of BigFix's products. Their willingness to talk has been confirmed by Baseline.

Revenue, 2004: Less than $15M (Baseline est.)
Funding: $18M to date
Investors: Levensohn Capital Management,
St. Paul Venture Capital, Selby Venture Partners
No. of customers reported: 370

CenterBeam, Computer Associates International, Fiberlink Communications, IBM, InfoExpress, Microsoft, Red Hat, SecureInfo, Sun Microsystems, Unisys

Financial services: Countrywide Financial, Deutsche Bank, Lehman Brothers, Merrill Lynch
Government: Miami-Dade County Public Schools, NJ Transit, San Mateo County, Calif. Hospitality: Marriott International
Manufacturing: Tempur-Pedic,
TRW Automotive
Retail: American Eagle Outfitters, Staples

Emeryville, Calif. (headquarters); Bangalore, India; Singapore; Beijing; Fleet, U.K.


Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.