Skip to content Skip to site navigation Skip to service navigation

Endpoint Configuration Management (BigFix)

Stanford uses IBM BigFix — to deploy patches and updates to Windows and Macintosh computers. BigFix is administered by the Information Security Office in collaboration with IT organizations across the University.


The Endpoint Configuration Management service provides the following benefits:

  • It allows Stanford to install critical security patches on computers as soon as they're made available by Microsoft and Apple and tested here.
  • Release of patches occurs after targeted, campus-wide testing.
  • BigFix is an agent-based software solution. Each computer communicates with the BigFix server to determine its patch status.
  • Certain basic inventory information about the computer—such as the presence or absence of critical security updates, IP address, operating system, and some hardware data—is collected. A complete list of collected information is always available.

Designed for

BigFix is designed for current faculty, staff, and students.



Data security

May be used with Low, Moderate, and High Risk Data, as defined by the Information Security Office.


Free of charge

Get started

Client software must be installed on all computers that are to be managed by the BigFix system administrators. Download and install the BigFix client software for Windows and Mac.

Get help

For assistance, please submit a Help request.

Learn more

See also

For IT Providers, view Information for Console Operators (Restricted Access).

Last modified August 13, 2021