
How to define access structure and provision it in Qualys Tool for the users

Question asked by Masterchef chetu on Sep 2, 2015

Hi Friends,

 

Right now we have provided access to the client based on their request on the Qualys tool. Recently, a couple of issues happened and the client has requested us to define the access structure based on the parameters below, marked in red. Can someone please help me with this? It's urgent.

  • Within a single market (unit), able to launch ad hoc scans, view scan results and reports
  • Within a single market (unit) able to view scan results and reports
  • Within multiple markets (units), able to launch ad hoc scans, view scan results and reports
  • Within multiple markets (units) able to view scan results and reports
  • Global, able to launch ad hoc scans, view scan results and reports
  • Global, able to view scan results and reports.

The concept of “least privilege” should be considered when determining the configuration of the user access levels above. Meaning, although “manager” level would grant users all of the functions above, it shouldn’t be used as it grants additional, unnecessary access to the users. I’m looking forward to hearing more about the configuration to address these use cases.

| Name | Current Access Level |
|---|---|
| SOC Manager | Manager - Based on shared model, will delegate the work based on availability |
| Project Manager | Reader - Will just review the report |
| SOC Analyst | Unit Manager - Will run the scan, add asset groups and monitor the Qualys tool |
| CLIENT | Unit Manager - Will be performing ad hoc scans and downloading reports |
| Security Officer | Manager - Will be recommending and managing the appliances |
| Client | Manager |
| Client | Manager |
