Skip navigation
Currently Being Moderated

Limitations when using Scan by Hostname

Created by Leif Kremkow on Feb 9, 2012 8:36 AM - Last modified by Leif Kremkow on Aug 30, 2012 6:37 AM

Currently it is recommended that the Scan by Hostname feature be used for scanning only. Features such as Report Trending, Asset Group Management, or Permissions were designed and implemented before Scan by Hostname was developed and have since not been re-designed for compatibility or tested in conjunction with this feature.

 

Possible side effects might arise if you build an Asset Group using the host name of target systems and then run scans and try to use the Asset Search Feature to report on these hosts by Asset Group; you would most likely not get correct results as the Asset Search section relies on IP’s to report back the data on the hosts.

 

Unless Host Tracking methods are adjusted (these default to IP tracking), results from different targets might be consolidated together when over the course of several scans, names share an IP. The ranges of the IPs that will be scanned by host name should be set to FQDN/NetBIOS tracking to reduce this phenomenon. Beyond simply impacting immediate scan results and false consolidation of results, setting the correct tracking method will also ensure trend reports remain coherent.

 

Other possible problems might arise when targets are entered by their name into an Asset Group and this Asset Group is used as a target for a scan job. It is possible that scan results from some targets are thrown away by QualysGuard because the IPs that were resolved during the scan are not part of the subscription. The IPs must all be listed in the Host Assets in your subscription to avoid this phenomenon. The QualysGuard database stores scan results based on IP address and failing to declare a target in the Hosts Assets section will mean that there is no container to store the scan results of a target.

 

This feature is only supported for scans from internal scanner appliances. Qualys External scanners will refuse the scan job. As of QualysGuard version 7.4, QualysGuard is also able to scan a hostname from the cloud scanner. See the QualysGuard 7.4 Release Notification for more information.

Comments (1)