Skip navigation
Previous Next

EU Platform

April 23, 2012
0

A new release of QualysGuard®, Version 7.1, will be available in production on May 8, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 19:00 GMT(12 PM PDT) and 01:00 AM (6 PM PDT)GMT next day.

 

QualysGuard 7.1 includes several enhancements to scheduled reporting, Policy Compliance, APIs and other platform capabilities.

 

 

QualysGuard Enhancements

 

Scheduled Reporting: QualysGuard 7.1 allows Managers to add notification restrictions, link passwords, and format limits to Scheduled Reports, providing more granular control over the security of report distribution.

 

notifications.png



Scan and Map Notification Restrictions: QualysGuard 7.1 enforces Business Unit restrictions on Scan and Map notifications, ensuring that notifications are only sent to authorized Business Unit members.

 

scan and map notification.png

 

Automatic Scan Results Processing

QualysGuard 7.1 adds a new benefit for customers using the New Data Security Model - all your scan results are processed as near to the
completion of the scan as possible. Once you have opted in to the New Data Security Model, QualysGuard triggers data processing

automatically whenever new scan results are available in your account, without requiring any user action. This ensures that your scheduled

reports reflect the most current information available.


QualysGuard Policy Compliance Enhancements

Restrict Scans by Policy:

Beginning with QualysGuard 7.1, users now have the option to restrict a compliance scan to the controls in a policy. When Restrict by Policy is selected (optional), the service will only scan for the controls in the selected policy. If you add new controls to the policy, be sure to launch another scan to collect scan data for the new controls. When not selected (default), the service will scan for all controls including controls that have not yet been added to a policy.

 

restrict scans.png


Availability of Additional Policy Templates

Improvements have been made to the QualysGuard 7.1 platform that allows for easier delivery of pre-defined policies. In addition to the regular releases of new technologies and controls, additional policies will be delivered starting with the following:

 

  • Windows XP Professional Operating System Legacy, Enterprise, and SpecializedSecurity Benchmark Consensus Baseline Security Settings Version 2.01 August,2005 [Enterprise-level]
  • Microsoft Windows 7, Version 1.1.0, Aug. 26th, 2010, [Enterprise-level Desktop]
  • Microsoft Windows Server 2008 Version 1.0.0, March 3rd, 2010, [Enterprise-level]
  • Microsoft Windows Server 2008 Version 1.1.0, July 30th, 2010, [Enterprise-level]
  • Microsoft Windows Server 2008 Version 1.2.0, September 30th, 2011, [Enterprise-level]
  • Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers, Version 2.0, November 2007 [Enterprise-level]
  • Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers, Version 1.2, October 17, 2005 [Enterprise-level]
  • Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers, Version 2.0, November 2007 [Enterprise-level]
  • Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers, Version 1.2, October 17, 2005 [Enterprise-level]
  • Microsoft Windows 7, Version 1.1.0, Aug. 26th, 2010 [Enterprise-level]
  • Windows 2000 Server Operating System Level 2 Benchmark Consensus Baseline Security Settings (Stand-alone and Member Servers) Version 2.2.1 November 15, 2004 [Enterprise]

Range Operator:

A new “in range” operator is now available for policy compliance controls that return a single integer value or a list of integers. When using the “in range” operator in a policy, you may enter a range of integers for the expected control value or a single integer for the control value. The control will Pass if the value returned by the scan is in the range defined for the control.

QualysGuard API Enhancements:

Vulnerability user comments exposed in a dedicated section in XML outputs:

In the QualysGuard user interface, Manager users can add custom comments to the vulnerability Threat, Impact and Solutions sections. With QualysGuard 7.1, those custom comments will be exposed in a dedicated section for some XML outputs (listed below) generated via the API or via the download function of the User Interface. Separating the user comments from the descriptions provided by QualysGuard in the XML outputs helps users to extract the customized comments in a much easier way.

 

Enhancements to Detection API

The “detection” API v2 (/api/2.0/fo/asset/host/vm/detection/), which is the most recommended API function to download vulnerability information from the API, has been enhanced to simplify the existing differential update capabilities. In QualysGuard 7.1, the output of the “detection” API includes the “FIXED” vulnerabilities, and a new input parameter called “max_days_since_last_vm_scan=X” can be used to only download the hosts with vulnerabilities updated during the X past days.

 

Detection API enhancements in this release:

  • New “Fixed” value for <STATUS> in output and new input parameter “status={value}”
  • New input parameter “max_days_since_last_vm_scan=X"
  • New input parameter “suppress_duplicated_data_from_csv={0|1}”

 

Please note there are no DTD changes for the detection API enhancements for QualysGuard 7.1.

 

Policy Report XML Output- DTD Update

The policy report can be downloaded using: a) the QualysGuard user interface, and b) the report share API v2 (/api/2.0/fo/report/?action=fetch). The policy report XML output uses the posture_info_list_output.dtd. This DTD can be found at the following URL (where qualysapi.qualys.com is your API server URL): https://qualysapi.qualys.com/compliance_policy_report.dtd

 

 

Posture Info API XML Output- DTD Update

The posture info API v2 request (/api/2.0/fo/compliance/posture/info/?action=list) is used to view current compliance posture info records for a selected policy. This API returns XML output using the posture_info_list_output.dtd. This DTD can be found at the following URL (where qualysapi.qualys.com is your API server URL):

https://qualysapi.qualys.com/api/2.0/fo/compliance/posture/info/posture_info_list_output.dtd

 


Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 7.1, please visit the Qualys Community at https://community.qualys.comor contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

Bookmarked By (0)

Actions