AnsweredAssumed Answered

How to maintain authentication records?  Best Practices?

Question asked by Jake VanMast on Sep 19, 2019

Qualys provides a mechanism to associate an Asset Tag to a host, based on several *single* criteria.  You can even combine these multiple criteria for tagging using Groovy scripting (which they don't recommend using).  You can also configure your subscription to add tags per installed QAgent (per Activation key on install invoke)

 

There is a way to associate a single remediation user to the Host Asset, however no way to associate a remediation user to authentication records. 

 

Even if there is a single authentication record across your enterprise for all host types, the limited functionality of Qualys Authentication Records still requires creating different types (unix, Cisco, Checkpoint, Oracle, etc...) and maintaining the relationship between the record and host with a static list of IPv4 addresses (not reusing Asset Groups, but a second set of static lists, which doesn't work for DHCP hosts).

 

How are other customers handling this; API to dump IPv4 associated with each tag, and API to overwrite the static list on auth record?

 

Are any other customers pushing for better support/features in this area?

Outcomes