1 2 3 Previous Next 150 Posts tagged with the qualysguard tag

The QualysGuard EU platform experienced a total outage starting around 12:00 CEST (10:00 UTC) on Sunday, 28th July. This was caused by unexpected failure of cooling systems in the data center in Geneva. The cooling system failure caused high temperatures and had a cascading effect which caused multiple systems in the data center to shut themselves down (as expected) to protect themselves. Qualys Operations team worked actively with the Data Center Operator to get the cooling system back up and working. Safe temperatures were achieved around 18:30 CEST after which Qualys operations team has been working actively to bring up all equipment, databases and services. This is a complex set or procedures that are being executed to systematically restore the platform. We are in final phase of recovery and we are performing exhaustive testing to ensure a smooth return to service. Unfortunately we expect all running and scheduled scans during this outage period to be impacted. We recommend you review your account carefully to verify your scan activity.

 

We will be working closely with our data center service provider to get to the bottom of the issue with failure of cooling system. The provider has redundant fail over systems that seem to have failed. Once we get the details from the provider we will be reviewing the entire procedure to ensure we take steps to avoid this kind of issue in the future. We apologize for any inconvenience this may have caused you.

 

Please feel free to contact our customer support team for any further questions.

 

Qualys Operations Team

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are implementing an upgrade that will allow Qualys to apply database and network enhancements to US Platform 1.

 

This upgrade will happen on May 29, 2014 and requires a 12-hour downtime starting at 12:00 PM PDT (19:00 UTC) and ending at 12:00 AM PDT the next day (07:00 UTC the next day).

 

The administrative UI and API of the QualysGuard services on US Platform 1 will be unavailable during this maintenance window.  This includes:

 

  • QualysGuard Vulnerability Management (VM)
  • QualysGuard Policy Compliance (PC)
  • QualysGuard Web Application Scanning (WAS)
  • QualysGuard Web Application Firewall (WAF)
  • QualysGuard Malware Detection Service (MDS)
  • QualysGuard Asset Management (AM) incl. Dynamic Asset Tagging
  • QualysGuard Continuous Monitoring (CM)
  • QualysGuard SECURE Seal (SEAL)
  • QualysGuard PCI Compliance (PCI)

 

The following Qualys service will also be impacted and unavailable during this maintenance window:

 

  • Qualys FreeScan

 

 

Some active security services will be impacted by the maintenance window:

 

  • All "external" scanning services--VM, WAS, MDS, PCI, SEAL.  Any scans already in progress are at risk of being cancelled at some point during the maintenance window and may need to be manually restarted.  Any scans scheduled to begin during the maintenance window will start immediately following the conclusion of maintenance.  Customers should ensure that the revised start time of these scans does not interfere with their normal network operations.

 

Other active security services will not be impacted by this maintenance window:

 

  • "Internal" scanners. Any scans already in progress from customers' deployed internal scanners will continue, and results will automatically be uploaded and processed after the Platform maintenance is complete.  Any scans scheduled to begin during the maintenance window will start immediately following the conclusion of maintenance.  Customers should ensure that the revised start time of these scans does not interfere with their normal network operations.

 

  • Web Application Firewall sensors.  Deployed sensor appliances will continue to inspect and protect web traffic using their currently-active policies.  Collected inspection data and events will be available for review in the Platform UI after maintenance has concluded.

 

  • SECURE Seal logo and verification.   SECURE Seal logos will remain in place on customer sites and the seal verification service will remain active during the maintenance window.

 

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are implementing an upgrade that will allow Qualys to apply database and network enhancements to US Platform 2.

 

This upgrade will happen on May 22, 2014 and requires a 12-hour downtime starting at 12:00 PM PDT (19:00 UTC) and ending at 12:00 AM PDT the next day (07:00 UTC the next day).

 

The administrative UI and API of the QualysGuard services on US Platform 2 will be unavailable during this maintenance window.  This includes:

 

  • QualysGuard Vulnerability Management (VM)
  • QualysGuard Policy Compliance (PC)
  • QualysGuard Web Application Scanning (WAS)
  • QualysGuard Web Application Firewall (WAF)
  • QualysGuard Malware Detection Service (MDS)
  • QualysGuard Asset Management (AM) incl. Dynamic Asset Tagging
  • QualysGuard Continuous Monitoring (CM)

 

Active security services will not be impacted by this maintenance window.

 

  • Scanning services. Any scans already in progress will continue, and results will automatically be uploaded and processed after the Platform maintenance is complete.  Any scans scheduled to begin during the maintenance window will start immediately following the conclusion of maintenance.  Customers should ensure that the revised start time of these scans does not interfere with their normal network operations.

 

  • Web Application Firewall.  Deployed sensor appliances will continue to inspect and protect web traffic using their currently-active policies.  Collected inspection data and events will be available for review in the Platform UI after maintenance has concluded.

 

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

A new release of QualysGuard, Version 8.0, will be available in production on QualysGuard US Platform 2 on April 29, 2014. The deployment is completely transparent to users and will require no downtime. The release will occur between 12:00 PM PDT (20:00 UTC) and 6:00 PM PDT (02:00 UTC next day).


Featured Enhancement: Overlapping IP Support

QualysGuard 8.0 brings support for managing overlapping IP ranges within a single QualysGuard subscription, providing the user with the ability to define discrete private Networks to keep overlapping blocks isolated from each other.

 

Also in 8.0, QualysGuard enhances its support in Vulnerability Management (VM) for SSL Certificate status reporting and for maintaining multiple PCI Option Profiles at different performance levels.

 

QualysGuard Policy Compliance (PC) receives improvements to the organizational structure of golden images.  QualysGuard Express receives a variety of usability enhancements.  All solutions benefit from an improved method for defining and selecting groups of IP addresses in the UI.

 

API enhancements include the addition of virtual appliance lifecycle management and automation of the Amazon EC2 Scan workflow.

 

See QualysGuard 8.0 New Features and QualysGuard® API Release Version 8.0 - 15 day notification for more details.

 

To continue to receive notifications by email, please subscribe at

https://community.qualys.com/community/notifications-us2

QualysGuard 8.0 adds the following capabilities to the QualysGuard Cloud Platform and its suite of services:

 

  • Featured Enhancement: Overlapping IP support
  • Vulnerability Management
    • Improvements to the SSL Certificates List
    • Configure Multiple PCI Option Profiles
    • Security Risk Score Summary Added to XML and CSV Reports
  • Policy Compliance
    • Golden Image Policy Organized Into Sections
    • Select Individual IPs for Your Policy Reports
    • Control Checksum Requirement Removed from Policy XML
  • QualysGuard Platform
    • New Look and Feel for QualysGuard Express
    • Improved IP Selection
    • QualysGuard API Enhancements

 

QualysGuard 8.0 will be released in production in the coming weeks and  includes enhancements to QualysGuard Vulnerability Management (VM) and  Policy Compliance (PC), QualysGuard Cloud Platform and the API.

 

For release notifications containing details about the release dates  for specific platforms and to subscribe to release notifications by  email, please see the following:

 

 

 

Featured Enhancement: Overlapping IP Support

With QualysGuard 8.0 customers can now manage overlapping IP ranges within a single QualysGuard subscription, providing the user with the ability to define discrete private networks to keep overlapping blocks isolated from each other.  This is a common need that appears in many use cases including:

 

  • M&A events;
  • Air gap networks;
  • Business continuity/disaster recovery
  • Dev/test,
  • IaaS environments;
  • "Cloned" small office networks.

 

These different network zones can now be easily defined and separated within QualysGuard through the UI and API.

 

To take advantage of this new capability, the administrator uses the new “Networks” tab under Assets, defines a new network, and assigns a scanner.   Once defined, one can perform asset discovery, launch a vulnerability scan, run reports, and track mitigation on that network as a specific entity.  Assigning scanners to networks resolves the issue of duplicate IP addresses occurring in different networks, but allows the administrator to maintain centralized management across the entire organization.

 

 

Create a Network

2.create a new network.png

 

 

Discover Assets on Your New Network

4.new network wizard.png

 

 

Scan Your Network

5.scan launch showing networks.png

 

 

QualysGuard Vulnerability Management (VM)

Improvements to the SSL Certificates List

We’ve made several improvements to the SSL Certificates list to make managing your certificates even easier.  Relationships are now maintained between a given certificate and the ports, services, or even different hosts on which it is found, which helps prevent duplicate entries and simplifies reporting and remediation efforts.  The reason for an invalid status now appears in a preview pane.

 

certificates_list.png

 

Configure Multiple PCI Option Profiles

With the QualysGuard 8.0 release you can configure multiple PCI option profiles with different performance settings.  For example, you can create one profile set to High performance, another set to Normal performance, and a third set to Low performance. Then apply the appropriate profile to each scan based upon your network requirements.

 

pci_profile_new_menu_cropped.png

 

 

Security Risk Score Summary Added to XML and CSV Reports

With this release vulnerability scan reports now include a security risk score summary for the report as a whole and per host, in all available report formats.  Previously security risk metrics were not included in XML or CSV output types.  As before, the risk score summary appears when your report template is configured for host based findings (automatic data) and the Text Summary option is selected. The corresponding asset_data_report.dtd was updated.

scan_report_csv.jpg

 

 

 

QualysGuard Policy Compliance (PC)

Golden Image Policy Organized Into Sections

When you create a golden image policy, we automatically add controls to the policy for you. In the QualysGuard 8.0 release we now go one step further and organize those controls into sections based on the control category, giving your policy structure within the Policy Editor.

 

policy_sections.png

 

 

Select IPs for Your Policy Reports

You can now select individual IP addresses or ranges to include in your policy compliance report.  Simply select the policy you want to report on and click the “Select IPs in policy” option. Then tell us which IPs/ranges from the policy you want to include in the report.

 

policy_report_select_ips.png

 

 

Control Checksum Requirement Removed from Policy XML

Now it’s possible to manually import policies without the requirement to have a checksum for control configurations. We’ve updated the XML output of the EVALUATE element. We’ll use the new XML output without the checksum when you export policies. No changes were made to the policy export output DTD (https://<base_URL>/api/2.0/fo/compliance/policy/policy_export_output.dtd).

 

 

QualysGuard Cloud Platform

New Look and Feel for QualysGuard Express

The QualysGuard Express UI has a new look and feel – you’ll notice more tips and details throughout the UI to help you with your configurations and tasks.

 

express_quick_start_tips.png

 

Here’s a look at the Scans section. Helpful details and links are shown on the screen to help you understand the different scan configuration options available to you in the Scans section. Similar details appear in the Reports and Remediation sections.

 

express_scans.png

 

 

Improved IP Selection

You’ll now see a simple text field where you can directly enter IPs/ranges or paste them in. This new method for IP selection is used throughout the UI. You’ll see it when setting up your asset groups, configuring approved hosts lists for your domains, removing IPs from your subscription, and so on. If it seems familiar that’s because we introduced this change in authentication records in the last release.

 

ip_selection_callouts.png

 

 

QualysGuard API Enhancements

The QualysGuard API delivers these new capabilities and enhancements with this release.  More information is available at QualysGuard® API Release Version 8.0 - 15 day notification.

 

  • VM – “Security Risk Score” summary added to XML and CSV reports
  • VM – Manage the EC2 Scan Workflow using the API
  • VM and PC – Select Multiple Scanner Appliances for Scans
  • VM and PC – Launch Reports using Asset Tags
  • PC – Limit Policy Reports to Selected IPs
  • PC – Compliance Scorecard Report XML – added NetBIOS name and DNS name
  • PC – Policy XML updated to remove control checksum requirement
  • PC – Posture Info API improvements
  • Cloud Security Platform – Manage your Virtual Scanners using the API
  • Cloud Security Platform – Network Support API

 

VM – “Security Risk Score” summary added to XML and CSV reports
VM – Manage the EC2 Scan Workflow using the API
VM and PC – Select Multiple Scanner Appliances for Scans
VM and PC – Launch Reports using Asset Tags
PC – Limit Policy Reports to Selected IPs
PC – Compliance Scorecard Report XML – added NetBIOS name and DNS name
PC – Policy XML updated to remove control checksum requirement
PC – Posture Info API improvements
Cloud Security Platform – Manage your Virtual Scanners using the API
Cloud Security Platform – Network Support API

aly

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a maintenance that will allow Qualys to apply database and network enhancements to the EU Platform.

 

This upgrade will happen on March 13, 2014 and requires a 12-hour downtime starting at 19:00 UTC (8:00pm CET) and ending at 07:00 UTC (8:00am CET) next day.

 

Please note that none of the QualysGuard services on the EU Platform will be available during this maintenance window.  This includes:

  • QualysGuard Vulnerability Management
  • QualysGuard Policy Compliance
  • QualysGuard Wep Application Scanning
  • QualysGuard Malware Detection Service
  • QualysGuard Asset Management, including Dynamic Asset Tagging

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

If your account has been enabled with New Scanner Services, your running scans will not be interrupted by this downtime and the results will be processed after service is returned.  If your account has not been enabled with the New Scanner Services, then any scans running at the start of the scheduled downtime will be canceled.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France) or +1 (866) 801-6161 (US and Canada).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a maintenance that will allow Qualys to apply database and network enhancements which will affect the Malware Detection Service on the EU Platform and several other Qualys services, as detailed below.

 

This upgrade will happen on March 6, 2014 and requires a 12-hour downtime starting at 12:00 PM Pacific (20:00 UTC) and ending at 0:00 AM Pacific next day (8:00 AM UTC next day).

 

Please note that the following QualysGuard services on the EU Platform will be impacted during this maintenance window:

 

  • scanning activity for QualysGuard Malware Detection Service (web UI should be unaffected)

 

The following additional Qualys services will also be impacted and unavailable during this maintenance window:

 

  • QualysGuard PCI Compliance
  • Qualys FreeScan
  • Qualys BrowserCheck
  • Qualys business web sites

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a maintenance that will allow Qualys to apply database and network enhancements which will affect the Malware Detection Service on US Platform 2 and several other Qualys services, as detailed below.

 

This upgrade will happen on March 6, 2014 and requires a 12-hour downtime starting at 12:00 PM Pacific (20:00 UTC) and ending at 0:00 AM Pacific next day (8:00 AM UTC next day).

 

Please note that the following QualysGuard services on US Platform 2 will be impacted during this maintenance window:

 

  • scanning activity for QualysGuard Malware Detection Service (web UI should be unaffected)

 

The following additional Qualys services will also be impacted and unavailable during this maintenance window:

 

  • QualysGuard PCI Compliance
  • Qualys FreeScan
  • Qualys BrowserCheck
  • Qualys business web sites

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

Update: (March 7, 2014 3:41 am PDT) We have completed the maintenance and services are restored.

 


 

 

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a maintenance that will allow Qualys to apply database and network enhancements which will affect the QualysGuard US Platform 1 and several other Qualys services, as detailed below.

 

This upgrade will happen on March 6, 2014 and requires a 12-hour downtime starting at 12:00 PM Pacific (20:00 UTC) and ending at 0:00 AM Pacific next day (8:00 AM UTC next day).

 

Please note that none of the QualysGuard applications on US Platform 1 will be available during this maintenance window.  This includes:

 

  • QualysGuard Vulnerability Management
  • QualysGuard Policy Compliance
  • QualysGuard Wep Application Scanning
  • QualysGuard Malware Detection Service
  • QualysGuard Asset Management, including Dynamic Asset Tagging
  • scans running on QualysGuard External scanners (scans running on customer appliances will not be impacted)

 

The following Qualys services will also be impacted and unavailable during this maintenance window:

 

  • QualysGuard PCI Compliance
  • Qualys FreeScan
  • Qualys BrowserCheck
  • Qualys business web sites

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

If your account has been enabled with New Scanner Services, your running QualysGuard VM, PC, and WAS scans using deployed scanner appliances (but not the External scanners, as noted above) will not be impacted by this downtime and the results will be processed after the service is returned.

 

If your account has not been enabled with the New Scanner Services, then any scans running at the start of the scheduled downtime will be canceled.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

Qualys will decommission its legacy platform scan distribution service, "Dispatcher", in favor of New Scanner Services, which has been in operation since 2010.  The vast majority of user subscriptions have already been migrated to New Scanner Services, and Qualys will now begin a final push to migrate all remaining subscriptions.  The migration action requires no user action and is non-disruptive except in special circumstances, as described below.

 

This document outlines the process that will occur and provides guidance on what to expect.  If you have further questions, you may contact your Qualys reseller contact; your Qualys account manager; and/or Qualys support. Details about the migration schedule are at the end of this blog post.

 

How do I know if my subscription is already using New Scanner Services?

In the QualysGuard UI, navigate to Help > Account Info > General Information to see whether your subscription has been migrated to New Scanner Services.  If your subscription is already registered as Enabled for New Scanner Services, then the remainder of this document does not apply to you.

 

If your subscription is still in a Disabled state for New Scanner Services, then you should read on.

nssDisabled.png

 

What is New Scanner Services?

New Scanner Services is a distributed service which, as part of the QualysGuard Cloud Platform, manages communications with deployed scanner appliances.  It is a more robust and scalable service than the Dispatcher service it replaces, and brings many benefits.

 

What are the benefits of New Scanner Services?

The benefits of New Scanner Services are many and include some of the following:

 

  • Performance.  Improved scanner capacity monitoring, queuing, and job “microslicing” optimize the distribution of scans across multiple appliances.  See Microslicing Operation and Performance for more.
  • Resiliency.  Scan jobs managed by New Scanner Services continue to execute even during outages to the QualysGuard Cloud Platform UI and API.  Further, scheduled scan pauses are pre-loaded.
  • Monitoring.  Improved monitoring and metrics for appliances, including scanner capacity charts.
  • Virtual appliance availability.  Qualys has virtual appliances available for deployment onto VMware, Amazon EC2, Microsoft Hyper-V, etc.  Virtual appliances require New Scanner Services to be enabled on your subscription.

 

What visible changes should I expect after I am migrated to New Scanner Services?

The QualysGuard New Scanner Services Description article provides detail on the expected changes, which on the surface are mostly cosmetic.  The changes include:

 

  • Changes to email alerts.  New Scanner Services includes an additional email alert, a Scan Completed message which arrives as soon as the scanning work is done to provide a status update.  The existing Scan Results message still arrives when the completed scan results are ready for viewing.
  • Updated scanner status icons in the scanner management UI.
  • Appearance of scanner capacity chart in scanner info tab.

    scannercapacity.png

 

What Must I Do To Prepare for Migration To New Scanner Services?

Ensure that all of your appliances are ready for the migration.

In order for an appliance to be considered ready for the migration event, all of the following must be true:

 

 

icon_applnce_dispatcher_online.png

Each appliance is communicating with Dispatcher service.  If green, this icon indicates that an appliance can successfully connect to the Dispatcher service (i.e., orchestrator.qualys.com or orchestrator.qualys.eu).

 

Navigate to Vulnerability Management > Scans > Appliances to confirm that all appliances are Online.

 

Risk: An appliance that is not successfully communicating with Dispatcher at the time your subscription is migrated to New Scanner Services may be "orphaned" (see below).



icon_applnce_NonJDconnected.png

Each appliance is communicating with New Scanner Services.  If blue, this icon indicates that an appliance can successfully connect to New Scanner Services (i.e., scanservice1.qualys.com or scanservice1.qualys.eu).  Therefore, it is considered Ready for New Scanner Services.



ico_appliance_notready.gif

If red, this icon indicates that scanservice1 cannot be reached.

 

Risk: An appliance that is not successfully communicating with New Scanner Services at the time your subscription is migrated may be "orphaned" (see below).

 

Tip:You should ensure that your outbound firewall, URL filtering, and/or proxy policies are updated to allow appliance outbound connectivity via HTTPS to scanservice1.qualys.com or scanservice1.qualys.eu at TCP port 443.

 

 

See How to check scanner appliance status for more guidance on this topic.

 

 

When will my subscription be migrated to New Scanner Services?

  • If all of your appliances are currently online, Qualys may migrate your subscription at any time.  If you would like to prioritize or explicitly schedule your migration, please contact your representative or Qualys Support.
  • If any of your appliances are currently offline, Qualys will begin contacting you individually to make arrangements for the migration (i.e., to decide the fate of currently offline appliances).
    • If you have offline appliances which you know to be decommisioned and unwanted, please contact Qualys support so that they may be removed from your account.
  • If any of your appliances have been continuously offline for more than 90 days, Qualys may proactively choose to consider these appliances decommissioned and unwanted by the user and may execute the migration to New Scanner Services without making special arrangements.

 

What happens to appliances which are not successfully migrated?

As mentioned above, appliances which are not fully online (i.e., communicating with both Dispatcher and New Scanner Services) at the time of migration may become temporarily or permanently orphaned and become unavailable for use.

 

If any of your appliances lose sync during the migration because they were offline at the time or otherwise, Qualys support and/or your MSSP will attempt the following recovery steps:

 

  • Technical support will ask you to verify full connectivity between the appliance and the QualysGuard Platform, including routing, proxy, firewall, and URL filtering configurations.
  • Technical support will perform a "session reset" on the Platform which can often bring an orphaned appliance back into sync.
  • Technical support will ask that you perform a hard reset on your appliance.  You may need to physically visit the deployment location in order to execute this.
  • Finally, if all other efforts have failed, Qualys will recommend that your current appliance be RMA'ed and replaced with another one.

 

How long will the migration take?

The migration process consists of a single configuration change to your subscription by Qualys support personnel. After New Scanner Services is enabled, all of your appliances should show green for New Scanner Services within 30 minutes.

 

Any scans already underway at the time of the migration should be unaffected.  They will complete first, and then the scanners will re-register to New Scanner Services.

 

Migration Schedule

For details about the migration dates for specific platforms, please see the following:

 

Note: There are no outstanding migrations for US Platform 2.

Qualys will decommission its legacy platform scan distribution service, "Dispatcher", on or after 2014-02-28 on the EU Platform.

 

 

Dispatcher is being discontinued in favor of New Scanner Services, which has been in operation since 2010.  The vast majority of user subscriptions have already been migrated to New Scanner Services, and Qualys will now begin a final push to migrate all remaining subscriptions.  The migration action requires no user action and is non-disruptive except in special circumstances.

 

Details are available at Qualys To Decommission Scan Job "Dispatcher", Migrate All Subscriptions To "New Scanner Services". If you have further questions, you may contact your Qualys reseller contact; your Qualys account manager; and/or Qualys support.

Qualys will decommission its legacy platform scan distribution service, "Dispatcher", on or after 2014-02-28 on US Platform 1.

 

 

Dispatcher is being discontinued in favor of New Scanner Services, which has been in operation since 2010.  The vast majority of user subscriptions have already been migrated to New Scanner Services, and Qualys will now begin a final push to migrate all remaining subscriptions.  The migration action requires no user action and is non-disruptive except in special circumstances.

 

Details are available at Qualys To Decommission Scan Job "Dispatcher", Migrate All Subscriptions To "New Scanner Services". If you have further questions, you may contact your Qualys reseller contact; your Qualys account manager; and/or Qualys support.

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a maintenance that will allow Qualys to apply database and network enhancements to US Platform 2.

 

This upgrade will happen on February 20, 2014 and requires a 12-hour downtime starting at 12:00 PM Pacific (20:00 UTC) and ending at 0:00 AM Pacific next day (8:00 AM UTC next day).

 

Please note that none of the QualysGuard services on US Platform 2 will be available during this maintenance window.  This includes:

  • QualysGuard Vulnerability Management
  • QualysGuard Policy Compliance
  • QualysGuard Wep Application Scanning
  • QualysGuard Malware Detection Service
  • QualysGuard Asset Management, including Dynamic Asset Tagging

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

As all subscriptions on US Platform 2 are associated with New Scanner Services, your already-running scans will not be impacted by this downtime and the results will be processed after service is returned to the Platform.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com

An update to QualysGuard 7.12 will be released in production in the coming weeks to introduce improvements to the QualysGuard Cloud Platform and API:

  • New Permission to Manage External IDs
  • Dissolvable Agent Per Scan
  • QualysGuard API Enhancements

QualysGuard Cloud Platform

The following enhancements have been added to the platform:

 

New Permission to Manage External IDs

In this release, the Manager Primary Contact can now control which managers have permission to assign/edit external IDs for users. (In previous releases, any manager could change the external ID.)

 

 

External IDs

1.png

new security setting

Setting.png

User Extended Permission

3.png

 

 

Dissolvable Agent Per Scan

This release introduces the ability to enable the dissolvable agent on a per scan basis. You do this by selecting the dissolvable agent in your option profile (for vulnerability scans) and compliance profile (for compliance and SCAP scans). The dissolvable agent must first be accepted for the subscription.

 

The dissolvable agent will be enabled in your existing option profiles (and compliance profiles) automatically if the dissolvable agent was accepted for your subscription prior to this release. If it was not accepted, then it is not enabled in your option profiles.

 

Additionally, the dissolvable agent is not enabled by default in new option profiles.

 

 

QualysGuard Vulnerability Management - Scan Option Profile

VM Dissolvable.png

 

QualysGuard Policy Compliance

PC Dissolvable.png

 

QualysGuard API Enhancements

More details about the API feature in QualysGuard 7.12 update can be found in the QualysGuard 7.12 Update API Notification.

 

Compliance Posture Info - API v2 Enhancements

With this release we’ve added new input parameters to the “Compliance Posture Info” API v2 (with the endpoint /api/2.0/fo/compliance/posture/info/) to give you more flexibility with downloading compliance posture data from your account.

  • Using the new “policy_ids” parameter you can download compliance posture data for up to 10 policies.
  • Using the new “asset_group_ids” parameter you can filter compliance posture data to include certain asset groups. When used, posture data is downloaded only for hosts in the asset groups you’ve specified.

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

Release Schedule

For details about the release dates and to subscribe to release notifications by email, please see the following:

 

Tip: What's my platform

An update to QualysGuard, Version 7.12 will be available in production on the QualysGuard EU Platform on December 13, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur on December 12 between 20:00 UTC and 02:00 UTC next day.

 

Release Details: QualysGuard 7.12 Update includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 Update.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu.