QualysGuard Asset Management



Similar documents
How To Tag Assets In A Microsoft Qoq On A Microsq.Com (For Free) On A Pc Or Macbook Or Macsoft.Com On A Macbook (For Paid) On An Ipad Or Ipad (

Security and Compliance Suite

QualysGuard WAS. Getting Started Guide Version 3.3. March 21, 2014

QualysGuard WAS. Getting Started Guide Version 4.1. April 24, 2015

Policy Compliance. Getting Started Guide. January 22, 2016

Web Application Firewall

Elastic Detector on Amazon Web Services (AWS) User Guide v5

Managing Qualys Scanners

Qualys PC/SCAP Auditor

Overview and Deployment Guide. Sophos UTM on AWS

KeyControl Installation on Amazon Web Services

Discovery Guide. Secret Server. Table of Contents

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard

Offline Scanner Appliance

Security and Compliance Suite Evaluator s Guide. August 11, 2015

VX 9000E WiNG Express Manager INSTALLATION GUIDE

Security and Compliance Suite Rollout Guide. August 4, 2015

WebSphere Business Monitor V6.2 KPI history and prediction lab

Deploying Virtual Cyberoam Appliance in the Amazon Cloud Version 10

PCI Compliance. Network Scanning. Getting Started Guide

USER CONFERENCE 2011 SAN FRANCISCO APRIL Running MarkLogic in the Cloud DEVELOPER LOUNGE LAB

MATLAB on EC2 Instructions Guide

Drobo How-To Guide. Cloud Storage Using Amazon Storage Gateway with Drobo iscsi SAN

Lync Online Deployment Guide. Version 1.0

TechNote. Configuring SonicOS for Amazon VPC

Installing and Configuring vcloud Connector

VXOA AMI on Amazon Web Services

StarWind iscsi SAN Software: Challenge-Handshake Authentication Protocol (CHAP) for Authentication of Users

SENDING S & MESSAGES TO GROUPS

How To Create A Virtual Private Cloud On Amazon.Com

Charter Business Desktop Security Administrator's Guide

Quick Start Guide to Logging in to Online Banking

Professional Mailbox Software Setup Guide

XMPP Instant Messaging and Active Directory

File Management Utility User Guide

Drobo How-To Guide. Topics. What You Will Need. Prerequisites. Deploy Drobo B1200i with Microsoft Hyper-V Clustering

A-AUTO 50 for Windows Setup Guide

Enabling VPN on your VPS

Remote Online Support

Lab Configuring Access Policies and DMZ Settings

Online Backup Guide for the Amazon Cloud: How to Setup your Online Backup Service using Vembu StoreGrid Backup Virtual Appliance on the Amazon Cloud

Installing the Panini Universal Scanner Driver

Set Up Setup with Microsoft Outlook 2007 using POP3

Deploy Remote Desktop Gateway on the AWS Cloud

Microsoft Office 365 with MailDefender

Hosted VoIP Outlook TAPI Integration

How to set up Outlook Anywhere on your home system

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Cyberoam Virtual Security Appliance - Installation Guide for XenServer. Version 10

Installing and Configuring vcloud Connector

Configure the idrac Remote Access Console

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

Enterprise. Insights. Active Directory Integration: Installation and Setup Guide. v1.0.5

Informatica Cloud & Redshift Getting Started User Guide

Creating Reports with Microsoft Dynamics AX SQL Reporting Services

ODBC Client Driver Help Kepware, Inc.

Nessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9)

escan SBS 2008 Installation Guide

Setting up Remote Desktop

SHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE

Strategic Asset Tracking System User Guide

Installing Intercloud Fabric Firewall

OneLogin Integration User Guide

Installing the TAPI Support Software

Setting up Hyper-V for 2X VirtualDesktopServer Manual

Freshservice Discovery Probe User Guide

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Setting up a Virtual Private Network (VPN) connection Windows 8

V Series Rapid Deployment Version 7.5

System Administration Training Guide. S100 Installation and Site Management

YSU Secure Wireless Connect Guide Windows XP Home/Professional/Media Center/Tablet PC Edition

Quick Start Guide v4.0 Client Outlook Connection

CTERA Agent for Windows

Guide to Setting up Internet Connection Sharing for Windows

MARKETO LEAD MANAGEMENT APP INSTALLATION AND SYNCHRONIZATION WITH SALESFORCE. Installation Guide Version 1.2

XStream Remote Control: Configuring DCOM Connectivity

Installing Policy Patrol on a separate machine

Professional Mailbox Software Setup Guide

Installing Remote Desktop Connection

Legal Notes. Regarding Trademarks KYOCERA MITA Corporation

Installation & Configuration Guide Professional Edition

The service note describes the basic steps to install a ip camera for the DVR670

This is a training module for Maximo Asset Management V7.1. It demonstrates how to use the E-Audit function.

How-to setup a proxy in the cloud

Defender Token Deployment System Quick Start Guide

IQSweb Reference G. ROSS Migration/Registration

Accessing the Online Meeting Room (Blackboard Collaborate)

Scan to Quick Setup Guide

Xerox Global Print Driver. Installation Guide

client configuration guide. Business

Lumension Endpoint Management and Security Suite

Aeries.net Teacher Portal User Documentation July 31, Access Teacher Portal. 2. Utilizing the Navigation Tree

Eucalyptus User Console Guide

TRIPWIRE PURECLOUD. TRIPWIRE PureCloud USER GUIDE

The steps will take about 4 hours to fully execute, with only about 60 minutes of user intervention. Each of the steps is discussed below.

InventoryControl for use with QuoteWerks Quick Start Guide

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Transcription:

QualysGuard Asset Management Quick Start Guide January 28, 2014 Dynamic Asset Tagging provides a flexible and scalable way to automatically discover and organize the assets in your environment and make them available for scanning, reporting and ticketing within QualysGuard. The Asset Management application allows you to easily manage your assets using dynamic asset tagging capabilities: Support for multiple hierarchies (by OS, region, line of business, etc.) Custom attributes such as location, business function, owner Dynamic tags automatically assigned based on any detectable attribute Synchronizes your scans and reports with your dynamic business environment By creating Amazon EC2 Asset Data Connectors within the Asset Management application, QualysGuard will continuously import and synchronize your Amazon EC2 and VPC virtual machine Instance inventories into your QualysGuard asset database. See Amazon EC2 Asset Inventory and Scanning. Requirements: The Asset Management application and Dynamic Asset Tagging MUST be enabled for your subscription. Please contact your Technical Account representative or Support representative for assistance. It will take 24 to 48 hours for the Qualys support team to enable this for your account. First Steps Opt in to New Data Security Model A user with the Manager role needs to opt in to the New Data Security Model by going to Users > Setup > Security. After opting in, users will see the Asset Management application in the application picker. (If not, Asset Management has not be added to your subscription yet; please contact Support or your Account Manager). Be sure to scan assets in your account so tags can be assigned to them. Copyright 2013-2014 by Qualys, Inc. All Rights Reserved. 1

Go to Asset Management Select the Asset Management application. Your Assets Click the Assets tab to view the assets in your account. Your assets list may include a combination of IP addresses, web applications and malware detection sites. Is your assets list empty? A Manager user must opt in to the New Data Security Model. If this is not done you ll notice there aren t any IP addresses in the list. Go to VM > Users > Setup > Security to check this setting and opt in for your subscription (or ask a Manager to do it). Are your IP addresses missing? You (or another user) needs to run scans using the VM application before your IP addresses will appear within the Asset Management application. If you have IP addresses listed under VM > Assets > Host Assets and the IPs are not listed in Asset Management, you should run vulnerability scan(s) of your hosts. Your Tags Click the tag tree icon to display the "Assign tags" list, which displays all the tags currently in your subscription. To display child tags, click the triangle to the left of a parent tag. Tags You Start With We create some initial tags based on the existing objects (configurations) in your account. The tags you start with are not assigned to assets. You can assign these tags to assets manually, and you can also edit the tags to create tagging rules for them. QualysGuard Asset Management Quick Start Guide 2

Business Units. We create a Business Units tag and a sub-tag Unassigned Business Unit. For each custom business unit, we create a sub-tag with the business unit's name. For example, if your custom business units are called EU and US, you'll have a tag called Business Units, which will have sub-tags called Unassigned Business Unit, EU and US. Scanned assets in your custom business units will automatically be assigned their business unit tags. Asset Groups. We create an Asset Groups tag and a sub-tag for each of the asset groups defined in your subscription. For example, if you have asset groups called Unix and Windows, you'll have a tag called Asset Groups, which will have sub-tags called Unix and Windows. Scanned assets in your asset groups will automatically be assigned their asset group tags. Powerful Search Capabilities You can always find the assets you're looking for using the search and filter features of the assets list. You ll be searching the assets in your account and the most recent scan data for them. In the field provided use natural syntax to enter search criteria. Examples: "Firefox Excel" finds assets with both Firefox and Excel installed. "Firefox -Excel" finds assets with Firefox installed but excludes those with Excel installed ("-" makes the term an exclusion). "80" Finds assets with port 80 open, or with "80" in their IP address or in their DNS name. Click above search assets field to display the filters. Filters represent field-level information saved in your account as part of the auto scan data (latest host scan results). Filters include tags, attributes, operating system, tracking method and open ports (multiple entries are comma separated). The assets list changes dynamically as you specify filters. QualysGuard Asset Management Quick Start Guide 3

View Asset Details Mouse over an asset row and select View host details from the Quick Actions menu. Click the tabs on the left to view the host details: Asset Summary, Open Ports, Installed Software and Vulnerabilities. Add a Tag to an Asset Adding tags to assets enables you to control user access to those assets. When an asset is assigned one or more tags, users with any of those tags in their assigned scopes can access that asset. You can add tags to assets manually in the assets list or automatically by defining tagging rules. Add tags manually by either of these methods: Locate the asset you want to tag, select a tag in the tag tree and then drag and drop the tag onto the asset. Locate the asset you want to tag and click in that asset's row. In the Add tags pop-up type a tag name in the "Search for tag" field. Matching tags appear as you type. Click the tag you want to add to the asset and then click the Add tag button. QualysGuard Asset Management Quick Start Guide 4

Find Assets Associated with a Tag To find assets associated with a specific tag, hover over the tag on the Tags tab and select Find assets from the Quick Actions menu. The assets list appears and displays only the assets with the selected tag. If you click above the assets list, you ll see the tags filter. Click to display the complete assets list. QualysGuard Asset Management Quick Start Guide 5

Create Tags Click the Tags tab and then click the Create tag button. The Tag Creation wizard appears. Enter a name for the tag. You have the option to select a color. Colors can be useful for grouping tags with something in common, such as an asset group or business unit. If the tag you re creating a sub-tag, select the parent tag. Static and Dynamic Tags Static. A static tag can be manually assigned to assets in your account. To create the tag as a static tag, just click Continue twice and then click Finish. (Static tags do not have tag rules.) Dynamic. A dynamic tag is automatically assigned to scanned assets in your account according to its tag rule. To create the tag as a dynamic tag, click Continue and define a tag rule. QualysGuard Asset Management Quick Start Guide 6

When you define a dynamic tag, you have multiple rule engines to choose from. For example, you may define a rule for tagging hosts that have a specific operating system or a particular software application and version installed. For this example we've selected Operating System Regular Expression. In the Rule Text field, enter a regular expression (Perl format) to identify the operating system to be tagged. In our example we're creating a dynamic tag for assets with a Windows OS. Test Rule Applicability on Selected Assets. (optional) Select assets in your account to test the rule using the Add Asset drop-down menu. The result for each selected asset appears below the Add Asset drop down menu. A check mark indicates a selected asset matches the rule. A red indicates a selected asset does not match the rule. When you click Save, we automatically add the new tag to all scanned assets in your account that match the tag rule. Filter the Assets List. Another way to find the assets for a given tag is to use filters. On the Assets tab, click. Under Tags, select your new tag. The assets list is filtered to show only the assets your new tag has been added to. QualysGuard Asset Management Quick Start Guide 7

More Ways to Create Tags You can create a tag based on search criteria you enter. The tag will be created with a rule based on your search criteria. Click the Assets tab, type your search text in the field provided and then click the "Search assets" button. The assets list will display only assets that match your search string. Click and enter a name for the tag. You can create a tag based on asset filters. Click the Assets tab and click to display the filtering options. Define your filters and then click enter a name for the tag. above the assets list. When prompted QualysGuard Asset Management Quick Start Guide 8

Create Tags Using VM An easy way to create tags with tagging rules for automatic assignment to assets is through the Asset Search Portal in the VM application. Go to VM > Assets > Asset Search. Specify the host attributes you want to search for and then click Create Tag. When prompted enter a name for the tag and click OK. We create the tag with a tag rule based on your search criteria. Within the Asset Management application, the new tag appears in your tag tree as a sub-tag of the "Asset Search Tags" parent tag. The new tag is automatically added to all scanned assets in your account that match your search criteria. On the Tags tab, hover over the new tag s row and select Find assets from the Quick Actions menu. The assets list is filtered to display only assets that match the new tag. QualysGuard Asset Management Quick Start Guide 9

Using Tags to Launch a Scan You have the option to select tags when choosing the hosts to scans. We resolve the tags to host assets at scan time. Only hosts in your account will be scanned. Go to VM > Scans > Scans and select New > Scan. Under Choose Target Hosts from, select Tags and then add tags to identify hosts for the scan. Note: When "Use IP Network Range tags" is selected, only tags with IP address rule defined are shown for selection. In the Include hosts section, click Add Tag to select tags. Select "All" to include hosts that match all of the tags selected. Select "Any" to include hosts that match at least one of the tags. For example, let's say you've selected tags US-West Coast, Windows XP and Port80. If you pick All, only hosts that have all three tags will be included. If you pick Any, hosts that have at least one of the tags will be included. Add tags to the "Do not include" section. For example, you might include a tag called US-West Coast and exclude the tag California. Any host that has the California tag will be excluded from the scan even if it also has the US-West Coast tag. QualysGuard Asset Management Quick Start Guide 10

Using Tags to Schedule a Scan Go to VM > Scans > Schedules and select New > Schedule Scan. Under Target Hosts, select Tags and then add tags to identify hosts to include in the scan and to exclude from the scan. See Using Tags to Launch a Scan above for information about tag selection. Using Tags to Run a Report Many reports now allow asset tag selection to specify report source, including VM reports (except the Map Report) and template based PC reports. Two scorecard reports, the Most Prevalent Vulnerabilities Report and the Most Vulnerable Hosts Report, also allow asset tag selection. Go to VM > Reports > Reports. Select New > Scan Report > Template Based. For Report Source, add tags to identify hosts to include in the report and to exclude from the report. See Using Tags to Launch a Scan above for information about tag selection. QualysGuard Asset Management Quick Start Guide 11

The Summary section of the finished report displays the names of the tags used to specify the report source. Amazon EC2 Asset Inventory and Scanning Here s the high level steps for getting started with the Amazon EC2 Pre-Authorized Scanning solution from Qualys, Inc. What are the requirements? The EC2 Scanning feature must be enabled for your account. Please contact your Technical Account Manager or Support if you would like have this feature turned on in your account. You'll need to be a Manager user with full rights. Step 1: Configure and activate a virtual scanner Configure a virtual scanner using Amazon EC2/VPC. If you haven't already done this, log into your account, go to VM > Scans > Appliances, and select New > Virtual Scanner Appliance. Our wizard will walk you through all the steps. Once deployed check to be sure the appliance is connected - you can see this on scanner appliances list (go to VM > Scans > Appliances). You ll see the icon once the appliance is connected and available for scanning. Step 2: Create an EC2 connector Our EC2 Connector wizard walks you through the steps for providing your AWS Access Keys, selecting EC2 Regions and activating your EC2 assets for vulnerability scanning. Go to the Asset Management application, go to the Connectors tab, and then select Actions > Create EC2 Connector. Our wizard will help you with selecting EC2 hosts to scan. You ll be prompted to assign them asset tags as part of this process. QualysGuard Asset Management Quick Start Guide 12

Authentication Provide a name and description for the connector and click Continue. You ll be prompted to create an authentication record including your Amazon Web Services (AWS) Access Keys to allow us to connect to the EC2 regions. Click Finish to return to the Create EC2 Connector window. Connect to Your EC2 Regions Select your authentication record and Click Test Connector to make sure we can connect to your EC2 regions. When the test is completed, click Continue. You ll see the EC2 regions list showing the number of assets that you have in each region. Select the regions you want to synchronize, or select All Regions. The assets in the selected regions will be added to your account and synchronized. Click Continue. QualysGuard Asset Management Quick Start Guide 13

Activate and Tag Your EC2 Assets Select the Automatically activate check box to activate your EC2 assets for VM scanning. (You can activate them later from your assets list.) Select tags to apply to your EC2 assets discovered by this connector. Tags are required to select EC2 hosts for vulnerability scans within QualysGuard VM. (You can assign tags manually if you wish.) Click Continue to review and confirm. View EC2 Hosts on the Assets List You'll see your EC2 hosts on the Assets Tab. View EC2 Hosts in VM Go to VM > Assets > Host Assets. Under Tracking, the EC2 host icon appears next to each EC2 host that has been activated. QualysGuard Asset Management Quick Start Guide 14

Step 3: Launch a vulnerability scan on your EC2 hosts Go to VM > Scans and select New > EC2 Scan. Simply enter your scan settings and click Launch. For the scan settings: 1) Select a virtual scanner appliance you ve configured for Amazon EC2/VPC, 2) Select the EC2 connector for the AWS integration you want to run the scan on, and select the EC2 region or VPC zone, and 3) Add tags to select the EC2 hosts to be scanned. Click Launch to start the scan. The scan process is the same as any vulnerability scan. Once the scan is complete, you ll notice each EC2 scanned host is listed in the scan results, under Detailed Results. For each host you ll see: 1) the host s IP address, and 2) the Amazon host ID(s). Still have questions? Want help with deploying your virtual scanner appliance? Check out the articles below to learn more. From our Community: How to subscribe to the virtual scanner AMI How to configure a virtual scanner appliance using Amazon EC2/VPC What if my EC2 instances have IP address changes? Your EC2 instances may have IP address changes. We can continue to scan your EC2 instances because we scan by EC2 instance ID (not by IP address). Just run a new EC2 scan and we'll look for any IP address changes. If changes are found, you'll see the new IP addresses in your scan results. Once these scan results are processed the new IP addresses are shown in your account and will be included in your scan reports. QualysGuard Asset Management Quick Start Guide 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information