Capability of Qualys for Automated PortTracing

Question asked by Magrabur Sofily on Nov 17, 2017
I have a special requirement from my customer.

There is a standard/baseline of some host IP (internet facing or within intranet) against it's required open port list (that is basically a list that tells which ports should be only open for a particular IP).

Now the requirement is below:

1. They want to perform automated port scan on the target IPs in a regular interval.

2. Once a port scan is done, the latest result will compare the open ports (against the IP) with the standard list/baseline.

3. If there is any deviation (any new port gets open which is not listed on the baseline), it will immediately send an alert to the service desk team.

4. Once in a month management will review the standard list/baseline and may be modify it for business purpose.

My customer looking for an automated solution to meet the above requirement (excluding No-4 obviously). Please let me know if it is possible using Qualys Cloud based agent solution. If yes, I would need your guidance on the same. My customer is already having Qualys license, however I am not sure if they have the Cloud agent subscription. But if it is possible using that, they will be surely ready to get the subscription.


