[BESAdmin-Announcements] IBM BigFix Inventory and IBM License Metric Tool application update 9.2.12 is now available

[Announcements for BES Administrators]

This  update  contains  features  that  extend  software discovery, enhance
license reporting and address security scenarios. The key features include:



   ·	Reporting detailed hardware information (BigFix Inventory only)


      BigFix  Inventory introduces a detailed hardware scan that allows you
      to   retrieve   detailed  hardware  information  related  to  memory,
      operating systems, storage, processors, partitions, network adapters,
      SMBIOS data, IP addresses and logical processor capacity data.


      Benefits: You can use the collected information to report and monitor
      hardware  in  your  infrastructure.  The  new  scan gives you a clear
      overview of your physical assets.


   ·  	Preventing  of  security  threats  with  information  about  Common
      Vulnerabilities  and  Exposures  (CVE)  added to the software catalog
      (BigFix Inventory only)


      Common  Vulnerabilities  and  Exposures  (CVE)  is  a  list  of known
      security  threats  that  are  assigned identification numbers. BigFix
      Inventory  uses  CVE  that  is provided by the National Vulnerability
      Database  to help you identify potential threats in your environment.
      In  this  release, BigFix Inventory presents initial integration with
      National Vulnerability Database as a preview feature.


      Benefits:   Thanks   to  the  visibility  of  potentially  vulnerable
      software, it is possible to identify and prevent potential threats.


   · 	Retrieving  information  about  the discovered software component as
      specified in the Common Platform Enumeration (CPE) dictionary (BigFix
      Inventory only)


      Common  Platform  Enumeration  is  a  standardized  naming scheme for
      software.  This  information is available in REST API for integration
      scenarios. BigFix Inventory uses the CPE dictionary to match CVEs and
      indicate known vulnerabilities in software products.


      Benefits:  You  can  analyze  and  compare the CPEs based on the data
      feeds  provided  by BigFix Inventory with other sources, such as CVEs
      that are available in the National Vulnerability Database.


   · 	Enhancements to reporting end of support dates for selected software
      products


      The  end  of  support  dates  for  selected IBM software products and
      components  for  which  the  information  has  been announced are now
      available  on  the Software Classification panel. Additionally, a new
      Predefined End of Support column indicates whether the end of support
      date was provided by IBM or was specified manually by a user.


      Benefits:  You  can  use  information  about end of support to easily
      define  license  demand  for  the  future.  You  can  also use it for
      security   purposes.  For  example,  to  determine  whether  software
      installed  on  a  computer  that  is  under  investigation  is  still
      supported or could be exposed to security vulnerabilities.


   · 	Using  Review Lite script for extended discovery of Oracle databases
      (BigFix Inventory only)


      Review  Lite  is  a  standard  script  used by the Oracle auditors to
      control  the  number  of  Oracle  licenses  within  a company. BigFix
      Inventory  allows  you  to  automatically  run  this  script  on  all
      computers  in your environment. The results are interpreted by BigFix
      Inventory  which provides you with an overview of the report that you
      are required to deliver to the auditors.


      Benefits:  You  can  use  BigFix  Inventory to prepare for the Oracle
      audit and better understand the results of the Review Lite script.


   ·	Automatic scanning of remote shared disks


      Until  now,  remote  shared disks could only be scanned with a manual
      procedure.  With  the  newest release of BigFix Inventory and License
      Metric  Tool,  you  can  optimize  this  process and set up automatic
      scans.  As  a  result,  a  single  computer  is  designated to scan a
      specific shared disk and discover the installed software. The data is
      then  automatically  populated  to  all  computers  on which the same
      shared disk is mounted.


       Benefits: The process of scanning remote shared disks is simplified.
      You can easily set up and maintain scans and monitor license usage on
      your shared disks.

   ·	Security enhancements


         -	Java upgrade which addresses the following CVEs: CVE-2018-2633,
            CVE-2018-2618,   CVE-2018-2603,  CVE-2018-2602,  CVE-2018-2579,
            CVE-2018-1417.


         - 	Update of the Xerces library to version 3.2.1 on Linux to keep
            the scanner secure and reliable.


   ·	Support for new virtualization technologies


         -	Power VM on Power9 on AIX, IBM i and Linux.


         -	KVM on IBM Power8.


         -	Management of Citrix Xen through VM manager.


Action to take


To learn how to get the application update and deploy it as well as to view
the full list of new features and APARs that were fixed in this application
update, see the following links:


BigFix Inventory: http://ibm.biz/bfi_update_9212


License Metric Tool: http://ibm.biz/lmt_update_9212


During  the upgrade, new versions of the software catalog and PVU table are
uploaded.  The  versions  that  are  uploaded are the newest ones that were
available  during  the  release  of the application update to which you are
upgrading.


Questions


If  you  have any product-related questions, please post them on one of the
following fora:


http://ibm.biz/BFI_Forum


http://ibm.biz/ILMT_Forum
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20180626/aa2d1f07/attachment.html>