<html><body><p><font size="2" face="Arial">This update contains features that extend software discovery, enhance license reporting and address security scenarios. The key features include:</font><br>
<ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Reporting detailed hardware information (BigFix Inventory only) </font></b><ul><br><font size="2" face="Arial">BigFix Inventory introduces a detailed hardware scan that allows you to retrieve d</font><font face="Calibri">etailed hardware information related to memory, operating systems, storage, processors, partitions, network adapters, SMBIOS data, IP addresses and logical processor capacity data.</font><p><b><font size="2" face="Arial">Benefits: </font></b><font size="2" face="Arial">You can use the collected information to report and monitor hardware in your infrastructure. The new scan gives you a clear overview of your physical assets.</font></ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Preventing of security threats with information about Common Vulnerabilities and Exposures (CVE) added to the software catalog (BigFix Inventory only)</font></b><ul><br><font face="Calibri">Common Vulnerabilities and Exposures (CVE) is a list of known security threats that are assigned identification numbers. BigFix Inventory uses CVE that is provided by the National Vulnerability Database to help you identify potential threats in your environment. In this release, BigFix Inventory presents initial integration with National Vulnerability Database as a preview feature.</font><p><b><font size="2" face="Arial">Benefits: </font></b><font size="2" face="Arial">Thanks to the visibility of potentially vulnerable software, it is possible to identify and prevent potential threats.</font></ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Retrieving information about the discovered software component as specified in the Common Platform Enumeration (CPE) dictionary (BigFix Inventory only)</font></b><ul><br><font size="2" face="Arial">Common Platform Enumeration is a standardized naming scheme for software. This information is available in REST API for integration scenarios. BigFix Inventory uses the CPE dictionary to match CVEs and indicate known vulnerabilities in software products.</font><p><b><font size="2" face="Arial">Benefits: </font></b><font size="2" face="Arial">You can analyze and compare the CPEs based on the data feeds provided by BigFix Inventory with other sources, such as CVEs that are available in the National Vulnerability Database.</font></ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Enhancements to reporting end of support dates </font></b><b><font face="Calibri">for selected software products</font></b><ul><br><font size="2">The end of support dates for selected IBM software products and components for which the information has been announced are now available on the Software Classification panel. Additionally, a new Predefined End of Support column indicates whether the end of support date was provided by IBM or was specified manually by a user. </font><p><b><font size="2" face="Arial">Benefits:</font></b><font size="2" face="Arial"> </font><font size="2">You can use information about end of support to easily define license demand for the future. You can also use it for security purposes. For example, to determine whether software installed on a computer that is under investigation is still supported or could be exposed to security vulnerabilities.</font></ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Using Review Lite script for extended discovery of Oracle databases (BigFix Inventory only)</font></b><ul><br><font size="2">Review Lite is a standard script used by the Oracle auditors to control the number of Oracle licenses within a company. BigFix Inventory allows you to automatically run this script on all computers in your environment. The results are interpreted by BigFix Inventory which provides you with an overview of the report that you are required to deliver to the auditors.</font><p><b><font size="2" face="Arial">Benefits:</font></b><font size="2" face="Arial"> </font><font size="2">You can use BigFix Inventory to prepare for the Oracle audit and better understand the results of the Review Lite script.</font></ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Automatic scanning of remote shared disks</font></b><ul><br><font size="2" face="Arial">Until now, remote shared disks could only be scanned with a manual procedure. With the newest release of BigFix Inventory and License Metric Tool, you can optimize this process and set up automatic scans. </font><font face="Calibri">As a result, a single computer is designated to scan a specific shared disk and discover the installed software. The data is then automatically populated to all computers on which the same shared disk is mounted.</font><p><font size="2" face="Arial"> </font><b><font size="2" face="Arial">Benefits: </font></b><font size="2" face="Arial">The process of scanning remote shared disks is simplified. You can easily set up and maintain scans and monitor license usage on your shared disks.</font></ul><br><font size="2" face="Symbol">· </font><b><font size="2" face="Arial">Security enhancements</font></b><ul><ul><font size="2" face="Arial">- Java upgrade which addresses the following CVEs: CVE-2018-2633, CVE-2018-2618, CVE-2018-2603, CVE-2018-2602, CVE-2018-2579, CVE-2018-1417.</font><font face="Calibri"> </font><p><font size="2" face="Arial">- Update of the Xerces library to version 3.2.1 on Linux to keep the scanner secure and reliable.</font></ul></ul><font face="Symbol">· </font><b><font face="Calibri">Support for new virtualization technologies</font></b><ul><ul><font size="2" face="Arial">- Power VM on Power9 on AIX, IBM i and Linux.</font><p><font size="2" face="Arial">- KVM on IBM Power8.</font><p><font size="2" face="Arial">- Management of Citrix Xen through VM manager.</font></ul></ul></ul><b><font size="2" face="Arial">Action to take</font></b><p><font size="2" face="Arial">To learn how to get the application update and deploy it as well as to view the full list of new features and APARs that were fixed in this application update, see the following links:</font><p><font size="2" face="Arial">BigFix Inventory: </font><a href="http://ibm.biz/bfi_update_9212"><u><font size="2" color="#0000FF" face="Arial">http://ibm.biz/bfi_update_9212</font></u></a><p><font size="2" face="Arial">License Metric Tool: </font><a href="http://ibm.biz/lmt_update_9212"><u><font size="2" color="#0000FF" face="Arial">http://ibm.biz/lmt_update_9212</font></u></a><p><font size="2" face="Arial">During the upgrade, new versions of the software catalog and PVU table are uploaded. The versions that are uploaded are the newest ones that were available during the release of the application update to which you are upgrading.</font><p><b><font size="2" face="Arial">Questions</font></b><p><font size="2" face="Arial">If you have any product-related questions, please post them on one of the following fora:</font><p><a href="http://ibm.biz/BFI_Forum"><u><font size="2" color="#0000FF" face="Arial">http://ibm.biz/BFI_Forum</font></u></a><p><a href="http://ibm.biz/ILMT_Forum"><font size="2" color="#0000FF" face="Arial">http://ibm.biz/ILMT_Forum</font></a><font size="2" face="Arial"> </font><BR>
</body></html>