Managing Qualys Scanners

Similar documents
IBM Security QRadar SIEM Version MR1. Vulnerability Assessment Configuration Guide

IBM Security QRadar Version Vulnerability Assessment Configuration Guide IBM

Managing Vulnerability Assessment

Setting Up Scan to SMB on TaskALFA series MFP s.

Extreme Networks Security Vulnerability Assessment Configuration Guide

PineApp Surf-SeCure Quick

IIS, FTP Server and Windows

IBM Security QRadar SIEM Version MR1. Administration Guide

Installing and Configuring vcloud Connector

Discovery Guide. Secret Server. Table of Contents

SOA Software API Gateway Appliance 7.1.x Administration Guide

WatchDox Administrator's Guide. Application Version 3.7.5

NSi Mobile Installation Guide. Version 6.2

ShadowControl ShadowStream

IBM Security QRadar Vulnerability Manager Version User Guide

Migration Manual (For Outlook 2010)

Migration Manual (For Outlook Express 6)

Juniper Secure Analytics

QUANTIFY INSTALLATION GUIDE

Web Application Firewall

Siteminder Integration Guide

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

Secret Server Qualys Integration Guide

F-Secure Messaging Security Gateway. Deployment Guide

What is the Barracuda SSL VPN Server Agent?

Request Manager Installation and Configuration Guide

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

escan SBS 2008 Installation Guide

Startup guide for Zimonitor

Active Directory Integration

Virtual Appliance Setup Guide

Configuring Steel-Belted RADIUS Proxy to Send Group Attributes

CompleteView Admin Console Users Guide. Version Revised: 02/15/2008

Pcounter Web Report 3.x Installation Guide - v Pcounter Web Report Installation Guide Version 3.4

Trend Micro Worry-Free Remote Manager Agent Installation Guide

WhatsUp Gold v16.1 Installation and Configuration Guide

BusinessObjects Enterprise XI Release 2

The data between TC Monitor and remote devices is exchanged using HTTP protocol. Monitored devices operate either as server or client mode.

Setting up Hyper-V for 2X VirtualDesktopServer Manual

ez Agent Administrator s Guide

Acunetix Web Vulnerability Scanner. Getting Started. By Acunetix Ltd.

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Fasthosts Internet Parallels Plesk 10 Manual

F-SECURE MESSAGING SECURITY GATEWAY

Elluminate Live! Access Guide. Page 1 of 7

A Guide to New Features in Propalms OneGate 4.0

Merak Outlook Connector User Guide

Configure Cisco Unified Customer Voice Portal

Phone Inventory 1.0 (1000) Installation and Administration Guide

Fax User Guide 07/31/2014 USER GUIDE

Remote Application Server Version 14. Last updated:

F-Secure Internet Gatekeeper Virtual Appliance

RoomWizard Synchronization Software Manual Installation Instructions

Basic Exchange Setup Guide

QualysGuard Asset Management

AV Management Dashboard

WhatsUp Gold v16.3 Installation and Configuration Guide

Chapter 11 Managing Core Database Downloads

Thinspace deskcloud. Quick Start Guide

To enable an application to use external usernames and passwords, you need to first configure CA EEM to use external directories.

McAfee Directory Services Connector extension

Using LifeSize systems with Microsoft Office Communications Server Server Setup

Juniper Secure Analytics

How-to: HTTP-Proxy and Radius Authentication and Windows IAS Server settings. Securepoint Security System Version 2007nx

V Series Rapid Deployment Version 7.5

Sentral servers provide a wide range of services to school networks.

How To Backup In Cisco Uk Central And Cisco Cusd (Cisco) Cusm (Custodian) (Cusd) (Uk) (Usd).Com) (Ucs) (Cyse

Product Version 1.0 Document Version 1.0-B

Kramer Electronics, Ltd. Site-CTRL and Web Access Online User Guide (Documentation Revision 2)

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

Net Protector Admin Console

CRM Migration Manager for Microsoft Dynamics CRM. User Guide

IBM Security QRadar Vulnerability Manager Version User Guide IBM

App Orchestration 2.5

Accessing Personal Web Folders Macon State College

Using MailStore to Archive MDaemon

Background Deployment 3.1 (1003) Installation and Administration Guide

How To - Implement Single Sign On Authentication with Active Directory

Remote Application Server Version 14. Last updated:

Basic Exchange Setup Guide

Audits. Alerts. Procedure

Web Application Vulnerability Testing with Nessus

BlackBerry Enterprise Service 10. Universal Device Service Version: Administration Guide

Test Automation Integration with Test Management QAComplete

OpenVPN over SSH tunneling

TECHNICAL NOTE SETTING UP A STRM UPDATE SERVER. Configuring your Update Server

Configuration Guide. BES12 Cloud

Investment Management System. Connectivity Guide. IMS Connectivity Guide Page 1 of 11

Defender Token Deployment System Quick Start Guide

Configuring the Samsung SDS CellWe EMM cloud connector

Vess A2000 Series. NVR Storage Appliance. Windows Recovery Instructions. Version PROMISE Technology, Inc. All Rights Reserved.

Managing Identities and Admin Access

MultiSite Manager. User Guide

Check current version of Remote Desktop Connection for Mac.. Page 2. Remove Old Version Remote Desktop Connection..Page 8

RSA Security Analytics

IBM Security QRadar Version WinCollect User Guide V7.2.2

For Active Directory Installation Guide

ManageEngine IT360. Professional Edition Installation Guide.

Delegated Administration Quick Start

Transcription:

Q1 Labs Help Build 7.0 Maintenance Release 3 documentation@q1labs.com Managing Qualys Scanners Managing Qualys Scanners A QualysGuard vulnerability scanner runs on a remote web server. QRadar must access the remote web server through an HTTPS connection to run and retrieve scan results. QRadar supports Qualys version 4.7 to 6.17. For more information, see your Qualys documentation. Once you configure the Qualys device and the Qualys scanner in the QRadar interface, you can schedule a scan. The scan schedule configuration allows you to configure potency, however, the Qualys scanner does not consider the potency parameter when performing the scan. For more information, see Managing Scan Schedules. This chapter includes information on configuring a Qualys scanner, including: Adding a Qualys Scanner Editing a Qualys Scanner Deleting a Qualys Scanner Adding a Qualys Scanner To add a Qualys scanner: Step 1 Step 2 Step 3 Step 4 Step 5 Click the Admin tab. In the navigation menu, click Data Sources. Click the VA Scanners icon. Click Add. The Add Scanner window is displayed. Enter values for the following parameters: Scanner Parameters Parameter Scanner Name Type the name you want to assign to this scanner. The name may be up to 255 characters in length. Type a description for this scanner. The description may be up to 255 characters in length.

Managed Host Type Using the drop down list box, select the managed host you want to configure this scanner. Using the drop down list box, select Qualys Scanner. The list of parameters for the selected scanner type is displayed. Step 6 Enter values for the parameters: Qualys Parameters Parameter Qualys Server Host Name Type the Fully Qualified Domain Name (FQDN) or IP address of the QualysGuard management console based on your location. When specifying the FQDN, you must specify the hostname and not the URL. For example: Type qualysapi.qualys.comfor a QualysGuard server host name located in the United States. Type qualysapi.qualys.eufor a QualysGuard server host name located in Europe. Type qualysapi.<management_console>if you are

using the full scanning infrastructure including an internal management console, where <management_console> is the hostname of your internal management appliance. Qualys Username Qualys Password Scanner Name Configured Options Cache Retention Period (milliseconds) Bulk Import Interval (milliseconds) Max Report Age (days) Import File Collection Type Type the username necessary for requesting scans. This is the login to the Qualys server. Type the password that corresponds to the Qualys Username and is the login to the Qualys server. Type the name of the scanner that you want to perform the scanning, as the name appears in the QualysGuard management interface. To obtain the scanner name, contact your network administrator. If you are using a public scanning appliance, you must leave the Scanner Name field blank. Type a comma separated list of option profiles to determine which existing scan reports are downloaded from the Qualys scanner. By default, the Configured Options parameter is cleared. If the Configured Options parameter is cleared, then the list is not filtered based on option profiles. For more information, see your Qualys documentation. Note: If data is not retrieved from a option profile listed in your comma separated list, then the scan report is likely not available for download. The option profile must have completed the scan on the Qualys appliance for the scan report to download. Type the period of time, in milliseconds, that you want to store scans before they are deleted. The default is 172,800,000 milliseconds (2 days). Type the frequency, in milliseconds, that you want the importer to process a report. The default is 172,800,000 milliseconds (2 days). Type the maximum age of a report to include when performing a bulk import. Files that are older than specified time are excluded from the bulk import. Type the local path to store the report. If you specify an import file, the Qualys scanner imports the entire contents of the file. If this field is blank, the Qualys scanner attempts to retrieve the latest technical report using the Qualys API. This parameter applies if you select the Schedule Technical Report or Import Technical Report option from the Collection Type drop down list box. Using the drop down list box, select one of the following options: Scheduled Indicates if you want the scheduled scan to include the report data. Scheduled Technical Report Indicates if you want to schedule the scanner to retrieve latest technical report from the file specified in the Import File parameter.

Import Scan Report Indicates if you want the scan report list retrieved from Qualys and compile all the report results into one report. This option does not use the local file, as defined in the Import File parameter. Import Technical Report Indicates if you want to import all data from the file specified in the Import File parameter. If the Import File parameter is blank, the scanner retrieves the latest technical report from the Qualys web site and imports all the data. For more information, see your Qualys documentation. Scan Report Name Pattern Report Template Title Read Only Use Proxy Proxy Host Name Proxy Port Proxy Username Proxy Password Type the regular expression (regex) required to filter the scan report filenames. All matching files are included in the processing. Type a report template title to replace the default title when retrieving technical reports. Select the check box if you want to limit the scanner to retrieving existing scans. No new scans are generated. If the Read Only check box is clear, the scanner initiates a new scan if no existing scan is found for the IP address or CIDR. By default, the check box is clear. Note: If you are using a comma separated list for the Configured Options parameter new scans are not initiated if the Read Only check box is clear. You must launch the scans from the Qualys appliance based on the option profile. Select the check box if your scanner requires a proxy for communication or authentication. Type the host name or IP address of your proxy server if your scanner requires a proxy. Type the port number of your proxy server if your scanner requires a proxy. Type the username of your proxy server if your scanner requires a proxy. Type the password of your proxy server if your scanner requires a proxy. Step 7 To configure the CIDR ranges you want this scanner to consider: a b In the text field, enter the CIDR range you want this scanner to consider or click Browse to select the CIDR range from the network list. Click Add. If multiple CIDR ranges are specified for a Scheduled Technical Report, a scan schedule is generated for each CIDR range. For example, if a Scheduled Technical Report scan is created with two CIDR ranges, one scan for each CIDR range is generated with scan start times spaced apart equally based on the value of the Bulk Import Interval. Scans using multiple CIDR ranges only appear in the scan schedule once you complete Step 9.

Step 8 Step 9 Click Save. From the Admin tab, click Deploy Changes. Editing a Qualys Scanner To edit a Qualys scanner: Step 1 Click the Admin tab. Step 2 In the navigation menu, click Data Sources. Step 3 Click the VA Scanners icon. Step 4 Select the scanner you want to edit. Step 5 Click Edit. The Edit Scanner window is displayed. Step 6 Update parameters, as necessary. See Qualys Parameters. Step 7 Click Save. Step 8 From the Admin tab, click Deploy Changes. Deleting a Qualys Scanner To delete an Qualys scanner: Step 1 Click the Admin tab. Step 2 In the navigation menu, click Data Sources. Step 3 Click the VA Scanners icon. Step 4 Select the scanner you want to delete. Step 5 Click Delete. A confirmation window is displayed. Step 6 Click Ok. Step 7 From the Admin tab, click Deploy Changes.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information