FireMon Asset Manager
Page tree

Versions Compared

Old Version 1

changes.mady.by.user user-05670

Saved on

compared with

New Version Current

changes.mady.by.user Dong Pak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This integration combines Lumeta’s index of your network with Qualys  to provide your security policy management software with a comprehensive set of network data. The two solutions work together to eliminate gaps in vulnerability coverage and improve your organization's security posture.

The Qualys integration provides Qualys customers with a way to ensure that the Qualys agent is installed comprehensively on all network devices in a particular segment (or multiple segments) as intended.  The integration reconciles Qualys findings with Lumeta findings and insodoing, uncovers:

  1. Assets lacking the Qualys agent, which show up in Lumeta-only dashboard widgets and in the Qualys console.
  2. Assets to which visibility is blocked, which show up in Qualys-only dashboards widgets and in the Qualys console.
  3. Assets with comprehensive management, which show up in both Qualys and Lumeta dashboards widgets and in the Qualys console. A Qualys user with read-only permissions for the following parameters will be able to configure and use this integration:
    • Queries & Reports
    • Software
    • Software Manager 
    • System Tree Access

Widgets on Lumeta's Vulnerability Management dashboard are populated using a combination of IPs indexed by Lumeta and IPs from the qualys_scanned_ips table and the qualys_subscribed_ips table, as follows:

IPs Unmanaged by Qualys

IPs indexed by Lumeta yet unmanaged by Qualys

(aka Lumeta-Indexed - Qualys-Subscribed table on Lumeta)

IPs Unmanaged by Lumeta
IPs managed by Qualys yet not indexed by Lumeta
(aka Qualys-Scanned/Managed table on Lumeta - Lumeta-Indexed)

IPs both indexed by Lumeta and in Qualys managed list
(aka Intersection of Lumeta-Indexed and Qualys-Scanned/Managed table on Lumeta)

Configuring the Qualys Integration

An Lumeta A Asset Manager admin or superuser can configure connectivity between the Lumeta Asset Manager Command Center and the Qualys server as followsBlueCat server to compare and share IP address management findings.

Here's how:

  1. Log in to Lumeta as a superuserAsset Manager as an admin or any user with superuser privileges.

  2. On the main menu, browse to Settings > Integrations  > Other Solutions > QualysBlueCat.
    Image Removed

  3. Complete the configuration form , including Polling Interval, Qualys Server Name, Username and Password, and then click Submit.
    Image Added

    FieldDescription
    Polling IntervalHow often (in hours)
    that Lumeta
    Asset Manager should poll
    Qualys for information
    the BlueCat gateway
    Server NameThe
    Server
    server name or IP address of
    the Qualys server. 
    the BlueCat gateway
    Username
    Image Removed

    User account to the BlueCat gateway

    PasswordPassword
    Your Qualys password

       

    Enable
    to the BlueCat gateway
    Retrieve ConfigurationsFetches network configurations from the gateway
    Add unmanaged devices with no network block defined
    • Select to create a new device in BlueCat Address Manager (BAM) even when there is not a container network address block for the device.

    • Clear to NOT create a device in BlueCat Address Manager (BAM) when a container block does not exist for the device.

    Option

    Behavior

    No zones are enabled

    No assets will be pushed to BAM

    One zone is enabled however, no configuration is selected under BlueCat Configuration Name

    User has to select a configuration in order to push assets to BAM. No assets will be pushed to BAM

    One zone and one configuration is selected

    Asset Manager would identify all ip addresses discovered under selected zone and add ip addresses under selected configuration

    Two zones and two configurations are selectedAsset Manager would identify all ip addresses discovered under selected zones and add ip addresses under selected configuration for the ip address that don't exist in selected configuration for that zone


  4.  Enable the integration by toggling the Active control from red to greenblue.
    The message "Product configured properly" displays when the Qualys has been successfully configured. 

  5. The Lumeta Extension installs on your Qualys server. See How to Confirm Installation for more.

  6. Results populate the Qualys Integration dashboard.

    7. Confirm this by browsing in your Lumeta UI to Dashboards > Qualys Management.
    Image Removed

    will display.

Install the BlueCat Plugin if you have not done so already. 

Review the results on the BlueCat Management dashboard.