Cloud Agent for Windows

Similar documents
Offline Scanner Appliance

Web Application Firewall

Qualys PC/SCAP Auditor

Security and Compliance Suite Rollout Guide. August 4, 2015

Policy Compliance. Getting Started Guide. January 22, 2016

Bringing Continuous Security to the Global Enterprise

EM Single Sign On 1.2 (1018)

Qualys API V1. User Guide. Version 8.6

Secret Server Qualys Integration Guide

NE T GENERATION CLOUD SECURITY PLATFORM

Asset Management and Tagging API v2. User Guide Version 2.9

Remote Filtering Client Guide. iprism Web Security

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

VMware vcenter Support Assistant 5.1.1

QualysGuard WAS. Getting Started Guide Version 3.3. March 21, 2014

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

Core Protection for Virtual Machines 1

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

QualysGuard WAS. Getting Started Guide Version 4.1. April 24, 2015

Zanibal Plug-in For Microsoft Outlook Installation & User Guide Version 1.1

FREQUENTLY ASKED QUESTIONS

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Table of Contents. OpenDrive Drive 2. Installation 4 Standard Installation Unattended Installation

Symantec LiveUpdate Administrator. Getting Started Guide

SOA Software API Gateway Appliance 7.1.x Administration Guide

Appendix E. Captioning Manager system requirements. Installing the Captioning Manager

NETWRIX USER ACTIVITY VIDEO REPORTER

VMware Identity Manager Administration

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

TIBCO Spotfire Automation Services Installation and Configuration

NovaBACKUP Central Management Console

Pearl Echo Installation Checklist

How To Install Caarcserve Backup Patch Manager (Carcserver) On A Pc Or Mac Or Mac (Or Mac)

XStream Remote Control: Configuring DCOM Connectivity

Contents Release Notes System Requirements Administering Jive for Office

Quick Start Guide for Parallels Virtuozzo

COMMANDS 1 Overview... 1 Default Commands... 2 Creating a Script from a Command Document Revision History... 10

Administration Quick Start


Reconfiguring VMware vsphere Update Manager

Scanner Appliance. User Guide. April 6, 2015

How To Use Saml 2.0 Single Sign On With Qualysguard

Freshservice Discovery Probe User Guide

Microsoft SQL Database

QualysGuard Asset Management

Quick Start Guide for VMware and Windows 7

Installing and Configuring vcloud Connector

Practice Fusion API Client Installation Guide for Windows

owncloud Configuration and Usage Guide

September 2012 Page 1 of 12

Microsoft Corporation. Project Server 2010 Installation Guide

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

Ipswitch Client Installation Guide

CYCLOPE let s talk productivity

Kaseya 2. User Guide. Version 1.1

Content Filtering Client Policy & Reporting Administrator s Guide

Parallels Transporter Agent

Adobe Marketing Cloud Bloodhound for Mac 3.0

User Profile Manager 2.6

Symantec Client Management Suite 8.0

Bitrix Site Manager ASP.NET. Installation Guide

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 3 Installing Windows

Storage Sync for Netgear Version Installation Guide for Netgear ReadyNAS 6.0 Intel Base NAS

RLP Citrix Setup Guide

Advanced Configuration Steps

SolarWinds Toolset Migrating Guide

System Administrative Manual

Managing Qualys Scanners

SAS 9.3 Foundation for Microsoft Windows

User guide. Business

GETTING STARTED WITH THE PCI COMPLIANCE SERVICE VERSION 2.3. May 1, 2008

Capture Pro Software FTP Server System Output

Setting up FileMaker 10 Server

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

// Mamut Business Software. Installation Guide

NovaBACKUP xsp Version 12.2 Upgrade Guide

Remote Management System

Windows Server Update Services 3.0 SP2 Step By Step Guide

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

DameWare Server. Administrator Guide

Quick Start Guide 0514US

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

ASUS WebStorage Client-based for Windows [Advanced] User Manual

2015 GAAP. Cash Flow. compliance. our customer. revolutionary. for the fourth. to existing. customers. Media Contact: Don McCauley

Installation instructions for MERLIN Dashboard

Network Scanner Tool R3.1. User s Guide Version

InventoryControl for use with QuoteWerks Quick Start Guide

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Insight Video Net. LLC. CMS 2.0. Quick Installation Guide

Mobile Labs Plugin for IBM Urban Code Deploy

How To Backup Your Computer With A Remote Drive Client On A Pc Or Macbook Or Macintosh (For Macintosh) On A Macbook (For Pc Or Ipa) On An Uniden (For Ipa Or Mac Macbook) On

Yale Software Library

enicq 5 System Administrator s Guide

DriveLock Quick Start Guide

Customer Tips. Xerox Network Scanning TWAIN Configuration for the WorkCentre 7328/7335/7345. for the user. Purpose. Background

Virtual CD v10. Network Management Server Manual. H+H Software GmbH

FreeFlow Accxes Print Server V15.0 August P Xerox FreeFlow Accxes Print Server Drivers and Client Tools Software Installation Guide

Sophos Enterprise Console server to server migration guide. Product version: 5.1 Document date: June 2012

Installing and Configuring Lexia Reading Desktop Software

Transcription:

Cloud Agent for Windows Installation Guide Agent Version 1.4 November 14, 2016

Copyright 2016 by Qualys, Inc. All Rights Reserved. Qualys, the Qualys logo and QualysGuard are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners. Qualys, Inc. 1600 Bridge Parkway Redwood Shores, CA 94065 1 (650) 801 6100

Preface Chapter 1 Get Started Qualys Cloud Agent Introduction... 5 A few things to know... 6 Cloud Agent Platform Availability for Windows... 6 Cloud Agent requirements... 6 What are the installation steps?... 6 Get help with troubleshooting... 6 Chapter 2 Installation Tips and best practices... 9 Cloud Agent Platform Windows hotfixes needed... 10 How to download Agent image... 11 Installation steps... 12 What you ll need... 12 Steps to install Agents... 12 What happens next?... 12 Certificate Support... 13 HIPS whitelisting... 14 Chapter 3 Proxy Configuration What do I need to know?... 16 QualysProxy syntax... 17 Use cases... 18 Example 1 Set proxy and port number... 18 Example 2 Set proxy and credentials... 18 Example 3 Tell agent to use PAC file... 18 Example 4 Specify credentials for use with PAC file... 18

Preface Welcome to Qualys Cloud Agent for Windows. This user guide describes how to install cloud agents on hosts in your network. About Qualys Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,200 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Fujitsu, HCL Comnet, HPE, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information, please visit www.qualys.com. Contact Qualys Support Qualys is committed to providing you with the most thorough support. Through online documentation, telephone help, and direct email support, Qualys ensures that your questions will be answered in the fastest time possible. We support you 7 days a week, 24 hours a day. Access support information at www.qualys.com/support/.

1 Get Started Thank you for your interest in Qualys Cloud Agent! This document tells you all about installing Qualys Cloud Agent for Windows. We ll tell you about Requirements, Installation Steps, Proxy Support, Certificate Supports, HIPS whitelisting, Best Practices and more. Qualys Cloud Agent Introduction Qualys Cloud Platform gives you everything you need to continuously secure all of your global IT assets. Now with Qualys Cloud Agent, there s a revolutionary new way to help secure your network by installing lightweight cloud agents in minutes, on any host anywhere - such as laptop, desktop or virtual machine. Watch the overview for an introduction. Videos from the Qualys Community Cloud Agent Platform Introduction (2m 10s) Getting Started Tutorial (4m 58s) Get informed quickly about Qualys Cloud Agent (CA).. Learn more from the Qualys Community CA Platform Announcement Getting Started Guide

Chapter 1 Get Started A few things to know... A few things to know... Cloud Agent Platform Availability for Windows Current Release: 1.4.5 Release Status: GA Vendor Operating System Arch Installer Microsoft Windows XP SP 3+, Vista, 7, 8/8.1, 10 Microsoft Windows Server 2003 SP 3+, 2008/2008 R2, 2012/2012 R2, 2016 TP5 Important Note Windows XP and Server 2003 do not have Cryptography Next Generation (CNG) Suite B algorithms (including SHA2) included in the operating systems. The Qualys certification uses SHA2-512 so any validation against that certification will fail because the platform doesn't have the algorithm to validate the certification installed or to install the certification. Hotfixes must be installed to add the necessary SHA2-256/318/512 support to the system. Click here for the hotfixes needed Cloud Agent requirements - Your hosts must be able to reach your Qualys Cloud Platform (or the Qualys Private Cloud Platform) over HTTPS port 443. Log into the Qualys Cloud Platform and go to Help > About to see the URL your hosts need to access. - To install Cloud Agent for Windows, you must have Local administrator privileges on your hosts. Proxy configuration is supported. Learn more What are the installation steps? Our Cloud Agent UI walks you through the steps to install agents on your hosts. Once the agent is installed you will need to provision it using our agent configuration tool. Get help with troubleshooting We recommend you inspect the agent s log file located here: C:\Program Data\Qualys\QualysAgent x86_64 x86_64 On XP and Server 2003 log files are located here: (.exe) (.exe) C:\Documents and Settings\All Users\Application Data\Qualys\QualysAgent 6 Qualys Cloud Agent for Windows

Chapter 1 Get Started A few things to know... You ll also find helpful information in Qualys online help. Qualys Help Troubleshooting Error messages Qualys Cloud Agent for Windows 7

2 Installation It s easy to install Cloud Agent for Windows. We ll walk you through the steps quickly. Keep in mind - Depending on your environment, you might need to take steps to support communications between agent hosts on your network and the Qualys Cloud Platform. Tips and best practices Cloud Agent Platform Windows hotfixes needed How to download Agent image Installation steps Proxy Configuration Certificate Support HIPS whitelisting

Chapter 2 Installation Tips and best practices Tips and best practices What is an activation key? You ll need an agent activation key to install agents. This provides a way to group agents and bind them to your subscription with Qualys Cloud Platform. You can create different keys for various business functions and users. Benefits of adding asset tags to an activation key Tags assigned to your activation key will be automatically assigned to agent hosts. This helps you manage your agents and report on agent hosts. Running the agent installer You ll need to run the installer from an elevated command prompt, or use a systems management tool. Be sure to activate agents to provision agents for modules - Vulnerability Management (VM), Policy Compliance (PC), or both. Activating an agent for a module consumes an agent license. You can set up auto activation by defining modules for activation keys, or do it manually in the Cloud Agent UI. What happens if I skip activation? Agents will sync inventory information only to the cloud platform (IP address, OS, DNS and NetBIOS names, MAC address), host assessments will not be performed. How many agents can I install? You can install any number of agents but can activate an agent only if you have a license. The Agents tab in the Cloud Agent UI tells you about your installed agents and license count: Total Agents - All installed agents that have successfully connected to the Qualys Cloud Platform (includes unlicensed agents) VM Agents/PC Agents - Count of licensed agents per module (i.e. activated/purchased licenses) Check to be sure agents are connected Once installed agents immediately connect to the Qualys Cloud Platform and register themselves. You can see agent status on the Agents tab - this is updated continuously. If your agent doesn t have a status, it has not successfully connected to the cloud platform and you need to troubleshoot. Qualys Cloud Agent for Windows 9

Chapter 2 Installation Cloud Agent Platform Windows hotfixes needed Cloud Agent Platform Windows hotfixes needed The following hotfixes are required to install Windows Agent Windows XP SP3 x86 SHA2 Cert Hotfix KB Article Number: 968730 Language: English Platform: i386 Location: http://hotfixv4.microsoft.com/windows%20xp/sp4/fix251294/2600/free/375554_enu_i386_zip.exe Windows XP SP3 x86 SHA2 Cert Hotfix KB Article Number: 968730 Language: English Platform: i386 Location: http://hotfixv4.microsoft.com/windows%20server%202003/sp3/fix262679/3790/free/375510_enu_i386_zi p.exe Windows XP x64 & Windows Server 2003 x64 SP3 SHA2 Cert Hotfix KB Article Number: 968730 Language: English Platform: x64 Location: http://hotfixv4.microsoft.com/windows%20server%202003/sp3/fix262679/3790/free/375531_enu_x64_zip.exe KB Article Number: 968730 Language: English Platform: i386 Location: http://hotfixv4.microsoft.com/windows%20server%202003/sp3/fix262679/3790/free/375510_enu_i386_zi p.exe Microsoft KB Article to request additional hotpatches for this fix: http://support2.microsoft.com/hotfix/kbhotfix.aspx?kbnum=968730&kbln=en-us 10 Qualys Cloud Agent for Windows

Chapter 2 Installation How to download Agent image How to download Agent image Download an image of Qualys Cloud Agent for Linux Here s how to download an image from the Qualys Cloud Platform and get the associated Activation ID and Subscription ID. Log into the Qualys Cloud Platform and select CA for the Cloud Agent module. Choose an activation key (create one if needed) and select Install Agent from the Quick Actions menu. Click Install instructions next to Windows (.exe). What happens? The Agent image is downloaded to your local system, and in the UI you ll see the associated Activation key ID and Subscription ID - copy and paste this to a safe place, you ll need it to complete the installation. Qualys Cloud Agent for Windows 11

Chapter 2 Installation Installation steps Installation steps What you ll need To install cloud agents, you ll need to download the Cloud Agent image and get the associated ActivationID and CustomerID. Just log into the Qualys Cloud Platform, go to the Cloud Agent (CA) module, and follow the installation steps for Windows (.exe) to get everything you need. Cloud Agent requirements Steps to install Agents Copy the Qualys Cloud Agent image onto the host you want to monitor, and run the command or use group policy or a systems management tool. > QualysCloudAgent.exe CustomerId={xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx} ActivationId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} What happens next? We ll start syncing asset data to the cloud! Once installed an agent immediately connects to the Qualys Cloud Platform and registers itself. We would expect you to see your first asset discovery results within a few minutes. The first assessment scan in the cloud takes some time, after that scans complete as soon as new host metadata is uploaded to the cloud platform. You might also be interested in... Proxy Configuration Certificate Support HIPS whitelisting 12 Qualys Cloud Agent for Windows

Chapter 2 Installation Certificate Support Certificate Support Qualys Cloud Platform certification uses SHA2-512. Windows XP and Windows Server 2003 do not include SHA2 support by default so you must install a SHA2 hotfix on these systems, otherwise certification will fail. Download the SHA2 hotfix you need Windows XP SP3 x86 SHA2 Cert Hotfix Windows Server 2003 SHA2 Cert Hotfix Windows XP x64 & Windows Server 2003 x64 SP2 SHA2 Cert Hotfix Get more information Microsoft KB Article on SHA-256 support Microsoft Developer Troubleshooting help Qualys Cloud Agent for Windows 13

Chapter 2 Installation HIPS whitelisting HIPS whitelisting Have an HIPS system installed? You might need to whitelist certain directories and/or files on Windows. Agent processes QualysAgent.exe - this is the Qualys endpoint service setup.exe - non-msi installer needs access to disk and registry locations (see below) uninstall.exe - this is the Qualys endpoint service uninstaller - needs r/w/d access to following disk and registry locations File whitelisting %PROGRAMDATA%\Qualys\QualysAgent - we read/write/create/delete files in this directory and sub-directories %ProgramFiles(x86)%\Qualys\QualysAgent - this is where the service and uninstall live. The service will create processes so HIPS needs to make sure to unblock this action Registry whitelisting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\QualysAgent - this is where the agent setup installs the service into the system. HKEY_LOCAL_MACHINE\SOFTWARE\Qualys - this is where breadcrumb information lives to merge agent and appliance scanner results. The agent needs c/r/w/d access here; setup needs to create the key; uninstall needs ability to delete the key. QualysAgent.exe Calls CreateProcess to launch external proceses on occasion Calls CoCreateInstance to instantiate COM objects Creates/Reads/Writes/Deletes files out of its programdata directory Creates/Reads/Writes/Deletes from the hklm\software\qualys registry key Enumerates and reads from all file and registry locations 14 Qualys Cloud Agent for Windows

3 Proxy Configuration Our lightweight QualysProxy tool lets you configure proxy settings for Windows Agent (available with Windows Agent 1.2 and later). This tool stores proxy information in a Qualys owned registry path that is ACL'd to SYSTEM and Administrators. Authentication credentials are encrypted and used by the agent. QualysProxy lets you: - Configure proxy username and password credentials - Configure PAC file URLs for cases when WPAD is not available - Configure a private proxy URL that the Agent communicates through Proxy configurations prior to Windows Agent 1.2 The QualysProxy tool replaces "netsh winhttp" usage. Setting the agent proxy using "netsh winhttp" will no longer work. Installations that previously used "netsh winhttp" (1.1 and older) will need to have proxy configuration set again by using the QualysProxy tool. This is to ensure that the agent does not inadvertently inherit proxy settings previously intended for other purposes.

Chapter 3 Proxy Configuration What do I need to know? What do I need to know? Tell me about installation The QualysProxy tool, and proxy tool updates, are downloaded to the cloud agent whenever the agent is self-patched. The tool is also distributed in the agent setup when manually installed. You ll find the tool here: C:\Program Files (x86)\qualys\qualysagent\qualysproxy.exe On Windows XP, you ll find the proxy tool here: C:\Program Files\Qualys\QualysAgent\QualysProxy.exe Run from elevated prompt The proxy tool must be run from an elevated command prompt by right clicking the command prompt start menu item: or by typing cmd into the Search/Run start menu edit control and right clicking on the cmd.exe menu item: Support for systems management software The command line interface (CLI) tool is designed to be used in shell scripts executed by systems management software. When execution of the tool completes, the ERROR_LEVEL will be set to 0 (zero) on success, and non-zero on error. No window d UI is displayed to the user. Changes made through the proxy tool happen automatically and there s no need to restart the agent service. Changes can be verified by inspecting the Agent s log.txt file: C:\ProgramData\Qualys\QualysAgent On XP and Windows Server 2003, the Agent's log.txt file is located here: C:\Documents and Settings\All Users\Application Data\Qualys\QualysAgent All connection errors will be logged and proxy configuration archived each time the Agent attempts to communicate with the cloud. 16 Qualys Cloud Agent for Windows

Chapter 3 Proxy Configuration QualysProxy syntax QualysProxy syntax QualysProxy [/u <proxy url> [/n <proxy username>] [/p <proxy password] [/a <PAC file url>]] [/d] Option Description /u Proxy URL. If set, do not set /x option. /n Username used to access proxy. If set, /u option must be set. /p Password used to access proxy. If set, /u option must be set. /a URL path to PAC file for proxy auto-configuration. If set, do not set /u option. /d Deletes all Qualys cloud agent proxy settings. Notes If any argument contains spaces, please surround that argument with quotes. If any argument contains a " character, precede that character with a backslash '\'. Qualys Cloud Agent for Windows 17

Chapter 3 Proxy Configuration Use cases Use cases Example 1 Set proxy and port number The following example shows how to set a proxy and port number: QualysProxy /u http://my-proxy:12345 Example 2 Set proxy and credentials The following examples shows hot to set a proxy (default port: xxx) along with proxy credentials: QualysProxy /u http://my-proxy /n ProxyUsername /p ProxyPassword Example 3 Tell agent to use PAC file The following example shows how to tell the cloud agent to use a PAC file directly in lieu of allowing it to be found through WPAD: QualysProxy /a http://my-pac-file-server/qualysagent.pac Example 4 Specify credentials for use with PAC file The following example shows how to specify credentials for use with a PAC file. The credentials will get passed to the resulting proxy URL: QualysProxy /n ProxyUsername /a ProxyPassword /a http://my-pacfile-server/qualysagent.pac 18 Qualys Cloud Agent for Windows

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information