Architecture
Qualys has built a Global Web Service Architecture developed from the ground up to automate network security auditing and vulnerability management.
THE ARCHITECTURE CONSISTS OF:
Web User Interface
The Web User Interface provides secure access to QualysGuard at any time, from anywhere. From a standard Web browser users can launch scans, examine vulnerability trends, access fix information and track vulnerability tickets.
Secure Operations Centers (SOCs)
Qualys SOCs provide secure storage and processing of vulnerability data on an n-tiered architecture of load-balanced application servers. High availability, continuously monitored safe datacenters host physically and logically secure databases with encrypted data storage. Click here to learn more about the unique security features of the QualysGuard architecture.
KnowledgeBase
The KnowledgeBase contains the intelligence that powers QualysGuard's comprehensive on-demand network security audits and vulnerability management. Qualys updates the KnowledgeBase daily with signatures for new vulnerabilities, validated fixes and signature improvements. Continuous automated updates ensure QualysGuard Web service users that they are always testing for the latest vulnerabilities.
Internet Remote Scanners
QualysGuard's Internet Scanners provide fast and efficient external scanning. Qualys hosts a collection of Internet Scanners optimized to scan publicly facing devices globally via the Internet. In this manner, QualysGuard scans and processes security audits in parallel for optimum speed of operations. The inference-based scanning engine employs an un-trusted approach for greater accuracy and scalability, delivering both accurate results and scalable performance.
QualysGuard Scanner Appliances
QualysGuard Scanners are appliance versions of the Internet Remote Scanners. Scanners enable customers to bring QualysGuard's assessment capabilities to their internal networks. Installed in minutes and requiring no maintenance by the user, the hardened Linux appliance needs no special firewall configurations to obtain updates and new vulnerability signatures and perform scan jobs, returning results securely over a standard SSL-encrypted channel.
QualysGuard Data Security
The QualysGuard Web service is the first and only solution to encrypt vulnerability data end-to-end, ensuring the data is secure at any time so only customers have access to the scan data. Two-factor RSA SecurID authentication is also available for enterprise customers seeking advanced user authentication in accessing the QualysGuard service.
QualysGuard's data security has undergone an SAS-70 audit and a comprehensive penetration test from trusted third parties confirming the security of the architecture. To read more about QualysGuard Data Security, please click here.
