AnsweredAssumed Answered

Logic behind Authentication Reports

Question asked by Nitin Gopinathan on Jan 20, 2016
Latest reply on Jan 21, 2016 by Nitin Gopinathan

Me and a few of my colleagues have been having a rather difficult time explaining to our clients what the Authentication Report actually does. We have gone through the reference material published here but it appears misleading. The document seems to suggest that Authentication Reports accurately reflect the authentication status for each compliance scan host. However, it does not mention how recent or accurate this data is. One would expect that the report provides up to date information about the authentication status for a PC host. For e.g., if I scanned a host yesterday, the Authentication Report I generate today should accurately reflect the latest authentication status that has been observed by Qualys scanner.

 

However, through multiple trials, we have tested and found this to be untrue. After failing to comprehend what was going on behind the scenes, we started conversations with Qualys support to get better insights into the working of these reports. However, even this has proved to be useless since the only conclusion we could come to was that Authentication Reports do not reflect up to date authentication status (actual reply by support personnel).

 

It has been quite a while since these discussions started and it has not led us anywhere till now. Our client has been using Authentication Reports to track the total number of active hosts and their authentication status since quite some time. We do not have a good enough reason to tell him why this is a bad idea and how the data they are referring to is inaccurate.

 

I am hoping I can find some help here in the community, since all other options have been exhausted.

Outcomes