UISO Vulnerability Scanners
QualysGuard Vulnerability Scanner
The QualysGuard Vulnerability Scanner (Qualys) is used to discover vulnerabilities on systems and websites on the IU network. In order to request access to the system, you will need to send an email to firstname.lastname@example.org with the following information.
- Unique name for your group. If possible ADS groups or HR Codes like IU-UISO are the optimal format for this.
- Username and full name of the chief persons in charge of dealing with scanning in your group (there can be more than one)
- username and full name of any other users who will need to read scan reports
- If you're doing website scanning, a list of URLs to scan.
- If you're doing system scanning, a list of only IPs or CIDR blocks broken out in three sections:
  - Machines in the IU DATA center
  - Machines outside the IU DATA center with a static IP
  - Any DHCP ranges you exclusively control. (Any hosts that need to be scanned which use mixed DHCP ranges may need a static IP.)
When logging into Qualys, you will always need to use the SAML login link. If you're prompted for a username and password and not CAS, you need to use this link.
You may need to provide access to the scanner if you use a host-based firewall or other protections against attack on the system. The scanner does not perform denial of service attacks. These IPs should be able to ping your hosts, but if you allow the scanner to access more open ports it will give more precise results.
Additionally, any public website will most likely be scanned from a remote scanner located in the following block:
Follow these steps to get a basic report for your Business Unit:
- Choose the Reports tab. Choose the Reports subtab.
- Select New->Report->Template Based. A new window should pop up.
- In Report Template, select Default Unit Report
- Under Asset Group, you may select a subset of the Asset Groups you have access to. All is a special system-level access group that shows everything you can report on.
- You can report on individual IPs/ranges, but you need to remove any Asset Groups from the previous section.
- You can choose to schedule a report. Default scans run the first Monday of every month and are usually completed by Wednesday. UISO runs our monthly scans on the second Monday of every month.
- Click Schedule
- The "Help" menu inside QualysGuard will link you to some of the sources. You can also contact Qualys support directly through that interface.
- The Qualys Community (https://community.qualys.com/community/help) provides a place to submit questions and read answers directly from other Qualys customers.
- Tutorial videos are enabled by default when you log in to Qualys, and can also be found on the help page.
- A quick tour around the interface: (https://www.qualys.com/docs/version/8.4/qualys-quick-tour.pdf)