Getting Started with Qualys Container Security from AWS Marketplace

Document created by Hari Srinivasan Employee on Jan 15, 2019Last modified by Robert Dell'Immagine on Mar 8, 2019
Version 2Show Document
  • View in full screen mode

Introduction


Qualys Container Security is now available in AWS Marketplace under BYOL. Users can buy the licenses from Qualys and deploy the Container Sensor 'side-car' to secure their Container deployments in AWS. Learn about Qualys Container Security.

 

Users can use Qualys Container Security to secure their Build - Ship - Run environments

  • Analyze Docker Images for vulnerabilities in the CI/CD pipelines in AWS
  • Detect vulnerabilities in Images in the AWS Elastic Container Registry (ECR)
  • Secure the container deployments in AWS ECS and EKS or custom EC2 container deployments

 

 

 

 

Getting Started with deploying the Container Security

 

At the end of the exercise, you would have the Container Sensor 'side-car' deployed in your AWS environment.

 

If you do not have a Qualys Container Subscription, signup or subscribe to the solution to get started.
Qualys supports 30day free trial, if you want to start off with a Trial

Free Trial | Qualys, Inc. 

 

 

From the AWS Marketplace, look for Qualys Container Security. Click 'Continue to Subscribe'

 

After subscribing, continue to configure the solution

 

From the configuration screen, choose a Fulfillment Option.

 

Select the fulfillment option depending upon your subscriptions Qualys platform.

What's my platform? Identify your Qualys Platform 

Select the software version, always pick the latest. Click 'Continue to Launch'

 

 

Click 'View container image details', to view the details for Container Sensor (side-car) docker image.

 

Follow the instructions to pull the image from the AWS Container Registry.

The Qualys Container Sensor can be deployed as a side-car container on AWS ECS, AWS EKS or on your regular EC2 environment that is dockerized.

 

The deployment templates for deploying the Qualys container sensor on AWS ECS and EKS are available from the links. 

 

 

In order to deploy the container sensor under your Qualys subscription, you need the Activation Id and the Customer Id.

 

Log into your Qualys Subscription, navigate to Configurations > Sensors. Choose the sensor type depending upon the use case you are using it for.

 

 

From the instructions for the Sensor, retrieve your subscription specific Activation Id and Customer Id.

 

Update the deployment templates for ECS or EKS with the Activation Id and Customer Id before you deploy the Qualys Container Sensor.

 

For more information on deployment and using the Qualys Container Security, follow the Qualys Container Security User Guide.

 

 

FAQ

  1. Is the listing specific to US only, when it will be available for other regions?
    Current listing only offers Container sensors that can talk to Qualys platforms in US. Soon the other Qualys platforms will be supported.

  2. Is the Container Sensor side-car run as Privileged?
    No, the Container Sensor side-car doesn't run as privileged. It requires only persistent storage for its deployment.
  3. What is the cost of the Qualys Container Security solution?
    The Qualys Container Security solution is licensed by average number of nodes secured. It doesn't count Containers or Images on the nodes. For information on pricing and licensing contact Qualys Sales.

 

 

For any support related queries, reach out to Qualys Support
Customer Support and Training | Qualys, Inc. 

Attachments

    Outcomes