The documentation about Qualys or Cyber-Ark (CyberArk) that I have found so far discusses how to use C-A for auth records. What I wanna know is how to scan the thing. It appears to rename the standard Windows firewall to I think it "Cyber-Ark Hardened Windows Firewall". Port scans come back with only ICMP replies, no open ports, interesting.
C-A seems baffled that I would just not trust their host altogether, which is funny. I do have a local Windows admin acct that is proven good. The sysadmin guys say they have allowed by Qualys IP address full IP (65535 TCP & UDP, plus ICMP) access to the thing, and port scans then come back with only TCP 135 open. I think 135 should be enough for Qualys to remotely log in to it, but am unsure.
Either way, my q: really is has anyone been able to do an authenticated scan of a Cyber-Ark host, and if so, how? Any suggestions?
This, for now, is on a local test network, no network firewall or IPS between Qualys appliance and C-A host, just straight Ethernet switching. The C-A web site is my next stop.