A new release of QualysGuard®, Version 7.2, will be available in production on the QualysGuard US datacenter on June 11th, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 UTC) and 6 PM PDT (01:00 AM UTC next day).


QualysGuard 7.2 includes several enhancements to Asset Management, Vulnerability Management, Policy Compliance and API.


General Availability of QualysGuard Asset Management and Tagging


The QualysGuard Asset Management module, featuring the Dynamic Asset Tagging engine, is now available to all customers. New capabilities include:


  • Scan, report, and search hosts by Asset Tags: QualysGuard Vulnerability Management (VM) has integrated asset tagging into its core features and workflows. Users can now use static and dynamic asset tags in scanning and reporting workflows, as well as in scorecards, remediation reports, and Asset Search.


  • Asset inventory search: The user can now search for hosts by specific attributes such as operating systems, applications, and open ports and services based on the data collected from the scans and indexed by the tagging engine.


QualysGuard Vulnerability Management (VM) Enhancements

Applications, Ports and Services Inventory: Computer attackers look in target organizations for vulnerable versions of software that can be remotely exploited. The new data security model enables QualysGuard to show which applications and services are installed in your environment through an easy-to-search inventory. Users have up-to-the-minute visibility into software and network ingress points so the organization can properly defend and secure its assets.


QualysGuard Policy Compliance (PC) Enhancements


Support of Cyberscope report: Under the Federal Information Security Management Act of 2002 (FISMA), government agencies are obliged to report on their information security status using a common tool called Cyberscope. With QualysGuard 7.2, customers with the FDCC module enabled can scan their network and generate Cyberscope-compatible XML reports, via new API functions, to meet these requirements.


Certified CIS benchmark policies for Microsoft Windows XP: In QualysGuard 7.2, PC users can use the Policy Library to import two new certified CIS benchmarks for:

  • “Microsoft Windows XP Enterprise Desktop Domain Member”
  • “Microsoft Windows XP Enterprise Desktop Standalone”

These two new certified policies will help users meet CIS security standards by reporting which configuration settings meet or violate the policy for Windows XP operating systems in standalone or domain member mode.


Import/Export capabilities for PC User Defined Controls: QualysGuard PC offers customers an extensive control library that covers a large range of technologies, regulations, compliance frameworks and benchmarks.

For proprietary configuration settings, PC also offers users the option to create their own User Defined Controls (UDC) for Windows or Unix operating systems (more information here: https://community.qualys.com/docs/DOC-2943).

The new UDC Import/Export functions available with QualysGuard 7.2 provide the user with the capabilities to:

  • Create UDCs in XML using any third-party XML editor, and import them into a QualysGuard PC subscription
  • Export existing UDCs from a QualysGuard PC account to an XML file
  • Share UDCs with other PC users


New Default PC Scan Option Profile and Report Template: Starting with QualysGuard 7.2, PC customers will now have the option to use a new default PC scan option profile configured with the most recommended scanning settings and a new default PC report template with the most interesting options preconfigured.

This new default option profile and report template will help new and existing PC customers easily create scan jobs and generate meaningful reports in a few clicks.


QualysGuard Platform Enhancements


New “Loading” Scan Status: To give customers better control and visibility over scanning activity in QualysGuard, a new “Loading” status has been added to the list of existing scan statuses (Queued, Running, Finished, Canceling, Canceled, Pausing, Paused, Resuming) for Vulnerability Management Scans and Maps, Policy Compliance Scans and Web Application Scans.

With this improvement, users can easily tell when scans are in progress, when scan results are being loaded on the platform (status “Loading”), and when scan results are available for viewing (status “Finished”).


Improvements to Scan Duration Reporting: The improvements to the internal scanning messaging capabilities that enable the new “Loading” scan status also allow QualysGuard 7.2 to report scan duration more precisely, counting only the time when the scanners are performing a scan job. The time taken to load the scan results from the scanners to the platform is no longer counted in the scan duration.


QualysGuard API Enhancements


New “Loading” Scan Status: Similar to the new “Loading” status displayed in the User Interface to inform users of the progress of scans and maps, the “Loading” status is also displayed in the output of the following APIs:

  • Scans List API v2: “/api/2.0/fo/scan/?action=list” (scan_list_output.dtd)
  • WAS Scans List API v2: “/api/2.0/fo/scan/was/?action=list” (was_scan_list_output.dtd)
  • Scan Reports List API v1: “/msp/scan_report_list.php” (scan_report_list.dtd)
  • Map Reports List API v1: “/msp/map_report_list.php” (map_report_list.dtd)
  • Running Scans List API v1: “/msp/scan_running_list.php” (scan_running_list.dtd)
  • Scan Results Report API v1: “/msp/scan_report.php” (and XML scan results download from the user interface - scan-1.dtd)


Please note that no DTD has been altered to support this enhancement. The “Loading” status is a new possible value for the existing XML nodes used to provide Status information. Full information is provided in the API release note.
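Because the DTDs are unchanged, DTD validation will not flag the new value; a client that hard-codes the status list has to be updated by hand. The sketch below is an added example, not Qualys code: it triages a constructed scan list so that results are fetched only for “Finished” scans and “Loading” or unrecognized values are treated as not ready. The element names (SCAN, REF, STATUS/STATE), the scan references and the “Archiving” value are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Statuses named in this release note. "Loading" is the new value.
READY = {"Finished"}
IN_PROGRESS = {"Queued", "Running", "Loading", "Pausing", "Paused",
               "Resuming", "Canceling"}
NO_RESULTS = {"Canceled"}

# Constructed sample response. Element names and references are assumptions,
# and "Archiving" is a made-up value standing in for any future status.
SAMPLE = """<SCAN_LIST_OUTPUT><RESPONSE><SCAN_LIST>
  <SCAN><REF>scan/0000000001.00001</REF><STATUS><STATE>Finished</STATE></STATUS></SCAN>
  <SCAN><REF>scan/0000000002.00002</REF><STATUS><STATE>Loading</STATE></STATUS></SCAN>
  <SCAN><REF>scan/0000000003.00003</REF><STATUS><STATE>Canceled</STATE></STATUS></SCAN>
  <SCAN><REF>scan/0000000004.00004</REF><STATUS><STATE>Archiving</STATE></STATUS></SCAN>
</SCAN_LIST></RESPONSE></SCAN_LIST_OUTPUT>"""


def classify(state):
    """Map a scan state to the action an automation client should take."""
    if state in READY:
        return "fetch"          # results are available for download
    if state in IN_PROGRESS:
        return "wait"           # includes "Loading": results not yet on the platform
    if state in NO_RESULTS:
        return "skip"
    # A value this client does not know: do not fetch and do not fail the job.
    return "wait-unknown"


def triage(xml_text):
    """Return {scan reference: action} for every scan in the list output."""
    actions = {}
    for scan in ET.fromstring(xml_text).iter("SCAN"):
        ref = (scan.findtext("REF") or "").strip()
        state = (scan.findtext("STATUS/STATE") or "").strip()
        actions[ref] = classify(state)
    return actions


if __name__ == "__main__":
    for ref, action in triage(SAMPLE).items():
        print(ref, action)
```
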


Updates to the Oracle Authentication API: With QualysGuard 7.2, users of the Oracle Authentication API (/api/2.0/fo/aut/oracle) can now define new input parameters to enable OS-dependent checks for compliance scans of Windows and Unix hosts, and to enable OPatch support for compliance scans of Unix hosts.

The XML output from an Oracle record list request includes the new scan parameters. The oracle_auth_list_output.dtd was updated.


Report DTD Updates to Support Asset Tagging when available: With the new Asset Management and Tagging module, users can now create reports by selecting asset tags as the report source in the QualysGuard user interface, when the Asset Tagging feature is turned on for their account. These report DTDs were updated to include asset tags: Asset Data Report (asset_data_report.dtd), Asset Search Report (asset_search_report.dtd) and Compliance Policy Report (compliance_policy_report.dtd).


Full release notes will be available to customers from within the Resources section of your QualysGuard account.