Managing And Patching Neverfail Continuity Engine Clusters Using Passive Node Management Feature With IBM BigFix

Managing And Patching Neverfail Continuity Engine Clusters Using Passive Node Management Feature With IBM BigFix


This article provides information on how to manage or patch Neverfail Continuity Engine clusters through IBM BigFix (also known as IBM EndPoint Manager, Tivoli Endpoint Manager), using Passive Node Management feature.


An IBM BigFix server should be installed and configured.

Enable Passive Node Management through Identity

Neverfail Continuity Engine servers should be able to access IBM BigFix in order to be managed remotely from there.

  • On the active server this can be achieved through the Public IP address or through a Management IP Address. 
  • On the passive server, this can be achieved only through a Management Name and IP Address.

Thus, a Management Name and IP Address with access to IBM BigFix must be configured on each node, in order to be able to connect to IBM BigFix when both in active or passive role. The DNS name resolution option needs to be configured for the management IP address from Server Configuration Wizard.

Neverfail Continuity Engine passive server nodes can be managed through IBM BigFix only after performing one of the following configurations: from the IBM BigFix server side (1) OR from the managed node side (2). 

1. Configuring IBM BigFix server

Configure IBM BigFix server with IP Address

During the IBM BigFix Server installation, a DNS name will be requested, which will be recorded for license and it will be used by Clients for identifying the server. Neverfail recommends (if possible) to configure the IP address for identifying the IBM BigFix during installation - this way the BigFix client subsequently installed on the Neverfail Engine passive nodes will be able to connect successfully to the BigFix server, without any other additional settings.


2. On the Neverfail Engine cluster servers

Configure Neverfail Engine passive nodes to access IBM BigFix server

If during its installation the IBM BigFix server was configured with DNS Name then the Neverfail Engine nodes must be tweaked so that the IBM BigFix client installed on them may access the BigFix server, when the node is in passive node. A way of achieving this is by adding the IBM BigFix IP Address - DNS name mapping in the C:\Windows\System32\drivers\etc\hosts file, as follows:


Managing a Neverfail Engine Cluster

Deploy IBM BigFix client on Neverfail Continuity Engine Cluster

To deploy the IBM BigFix client from IBM BigFix Console: Go to Wizards> All Wizards> Client Deploy Tool Wizard> Add Targets

The Target IP addresses must include the Management IP addresses of the Engine cluster servers.

After the installation, the Engine cluster managed nodes are visible in the IBM BigFix Console in Computers tab: notice the same computer name ("AG-BIGFIXCLIENT") for both nodes - this  value corresponds to BigFix client computer name inspector and it's expected to be so in a Management Identity enabled server.


In order to tweak the IBM BigFix Console for displaying the Management/DNS name, right-click on the Computers table header and add the DNS Name column:


The result is:


Manage Neverfail Continuity Engine Cluster

All the Engine Cluster nodes registered in IBM BigFix server can be managed or patched no matter if they're active or passive.


Performing a Neverfail Engine switchover 

Here's an example of expected behavior when Neverfail Engine clusters changes the active server (switchover):

Management Identity configuration: 

Physical Hardware Identity

Management Name

Public Name

Primary ag-i-p AG-BIGFIXCLIENT
Secondary ag-i-s AG-BIGFIXCLIENT


Assets before switchover displayed in IBM BigFix Console:


Assets after switchover displayed in IBM BigFix Console:



Applies to

IBM BigFix 9.5.11

Neverfail Continuity Engine 8.5 and later