QualysGuard General FAQ
- What is QualysGuard?
- What is Vulnerability Management?
- What is Vulnerability Assessment?
- Is QualysGuard a software product or a service?
- Is QualysGuard host-based or network-based?
- My company already deployed firewalls, Intrusion Detection Systems (IDS), and other security solutions. Why do we need vulnerability management?
- My company recently performed an annual security audit with the help of a consulting firm. Why do I need Qualys?
- How often is the vulnerability database updated?
- How do I know that the vulnerability database is up-to-date?
- What is the service availability for QualysGuard?
- What does Qualys do to protect my data?
- Our company is expanding internationally. Is QualysGuard restricted to the U.S. only?
- What happens if my network experiences rapid growth, for example through an acquisition?
- What type of company is typically in need of QualysGuard?
- Can I use QualysGuard and pay as I go?
What is QualysGuard?
Delivered as Software-as-a-Service (SaaS), QualysGuard is an on demand vulnerability management, policy compliance and asset management solution that enables organizations to assess and manage business risk. QualysGuard automates the network security auditing process across the enterprise both inside and outside the firewall, and across distributed networking environments. QualysGuard provides network discovery and analysis, asset prioritization, centralized reporting, and remediation workflow and verification. Executive-level reports allow security professionals to demonstrate effective security practices and verify compliance with data protection laws and regulations. QualysGuard's SaaS technology is far more accurate, cost effective, and easier to deploy than software-based alternatives.
What is Vulnerability Management?
Vulnerability management entails the six step, end-to-end process from (1) Host Discovery to (2) Asset Prioritization to (3) Vulnerability Assessment & Analysis to (4) Remediation, (5) Verification, and (6) Policy Compliance. Included in this process is the assessment of risk that any identified vulnerability introduces into the overall infrastructure.
What is Vulnerability Assessment?
Vulnerability Assessment (VA) is an integral component of vulnerability management. VA is the process of identifying network and device vulnerabilities before hackers can exploit them.
Is QualysGuard a software product or a service?
Qualys' Software-as-a-Service (SaaS) delivery model, allows users to access QualysGuard from any Web browser. This unique SaaS platform enables you to assess and manage your security exposures without requiring any capital outlay or infrastructure investment. QualysGuard is capable of managing Internet exposed vulnerabilities as well as vulnerabilities found on hosts that are not directly accessible from the Internet.
Is QualysGuard host-based or network-based?
QualysGuard is a network-based solution that detects vulnerabilities on all networked assets, including servers, network devices (e.g. routers, switches, firewalls, etc.), peripherals (such as IP-based printers or fax machines) and workstations. QualysGuard can assess any device that has an IP address. QualysGuard works both from the Internet to assess perimeter devices as well as from the inside of your network, to assess risk from an internal perspective, using secure, hardened QualysGuard Scanner Appliances.
My company already deployed firewalls, Intrusion Detection Systems (IDS), and other security solutions. Why do we need vulnerability management?
QualysGuard complements your firewalls, intrusion detection, antivirus, and other security solutions by providing a proactive, preventive approach to network security. Firewalls often permit threats and vulnerabilities, such as worms and viruses, to traverse un-trusted networks, such as the Internet, to your internal network. As worms get more intelligent, we will continue to see firewalls become an antiquated defense. Intrusion detection systems have already been deemed "yesterday's security tool," as they are reactive, "after the fact" technologies, much like antivirus solutions.
QualysGuard is a proactive solution which informs you of known vulnerabilities in your infrastructure. QualysGuard can even tell you if you are vulnerable to a new exposure before you perform a scan!
My company recently performed an annual security audit with the help of a consulting firm. Why do I need Qualys?
In the past, scanning your networks once a year or once a quarter was sufficient. However, with the average time between vulnerability detection and exploitation diminishing each year, annual audits are no longer frequent enough. With QualysGuard you can fully automate security assessments and reduce the time between audits from yearly or quarterly, to monthly, weekly or, perhaps for critical devices, even daily. You can decide how often a vulnerability assessment is required; varying from device to device, from network to network. Scans can be scheduled or performed on demand. Also, with the Qualys subscription, customers are entitled to an unlimited number of scans. Most customers schedule weekly scans and conduct on demand scans after a security policy change, or on a new device before it is deployed into a production environment.
How often is the vulnerability database updated?
Qualys updates its vulnerability database with multiple vulnerability checks each day, as new vulnerabilities emerge. An average of 20 new signature updates are delivered each week. We maintain the industry's largest, most comprehensive and up-to-date Vulnerability KnowledgeBase. Our CVE-compliant KnowledgeBase contains more than 11,000+ checks.
QualysGuard also supports the Open Vulnerability Assessment Language (OVAL) which is an industry standard for custom, customer specific vulnerability checks to verify mis-configurations and out-of-policy assets.
How do I know that the vulnerability database is up-to-date?
Qualys engineers develop vulnerability signatures every day in response to emerging threats. As soon as these signatures pass rigorous testing in the Qualys Quality Assurance Lab they are automatically made available to you for your next scheduled or on demand scan. No user action is required. In addition, as a part of the QualysGuard service, you can sign up to receive daily or weekly vulnerability signature update emails, detailing the new vulnerabilities QualysGuard is capable of detecting.
What is the service availability for QualysGuard?
QualysGuard is available 24x7x365 and can be accessed anytime from anywhere through a Web browser. Qualys consistently maintains 99% availability. The service is constantly updated transparently, without any interruption to users, and is only taken off-line once a quarter for maintenance and updates. This process usually lasts a few hours in duration.
What does Qualys do to protect my data?
All in-transit data, both between the QualysGuard Scanner Appliances and the QualysGuard platform as well as between each user's browser and the QualysGuard platform is encrypted using standard 128-bit SSLv3.
Stored data is kept in an encrypted format. Qualys encrypts each users' data uniquely, so that only the user who created the data can access it. Qualys has no insight into customer data. In fact, Qualys does not have access to the encryption key, so Qualys has no ability to decrypt the stored data.
The QualysGuard platform resides behind network-based, redundant, highly-available firewalls and intrusion monitoring solutions. In addition, each host runs a localized firewall on top of the customized, hardened Linux distribution which is unique to QualysGuard.
The QualysGuard platform is hosted in a data center that is subject to at least an annual SSAE 16 or industry standard alternative audit by an internationally-recognized accounting firm. All QualysGuard devices are located in physically secure, dedicated, locked cabinets protected by multiple-factor authentication, including biometrics.
Our company is expanding internationally. Is QualysGuard restricted to the U.S. only?
Qualys is a global company and our users are capable of assessing any network or system anywhere in the world. If the device resides on the Internet, QualysGuard uses the Security Operations Center (SOC) that is geographically closest to the device, in order to minimize latency and congestion. Organizations can choose to deploy secure, hardened QualysGuard scanner appliances throughout their enterprise in any country in the world.
Additionally, Qualys has support staff in the US and the EMEA as well as sales staff around the world to help service global enterprises.
What happens if my network experiences rapid growth, for example through an acquisition?
QualysGuard scales virtually infinitely with an organization's network growth. You can easily add or remove IP addresses to your account by contacting your account manager or Qualys Support.
What type of company is typically in need of QualysGuard?
Qualys, via its unique Software-as-a-Service (SaaS) model, addresses the vulnerability management needs of customers across multiple segments, including the Fortune 1000, small to medium businesses, consultants and managed service providers. Regardless of the environment, the scaleable, secure end-to-end solution is unchanged.
Can I use QualysGuard and pay as I go?
Yes. There are "pay per scan" packages available for QualysGuard. It is recommended, however, that any organization that is setting out to secure their enterprise choose the annual subscription service.