Re: QualysGuard - VA/PT appliance

[NewYork User <newyorkuser () gmail com>]

Prasanna, 

I have used this for one of our assessments. Makes your life so much
easier for initial scanning for vulnerabilities. We did have some
false alarms, but over all the client was very satisfied by the
reports.

It is true that they store the reports on their servers. The appliance
has to be connected to the same network for which the assessment is
being done. The appliance has an SSL connection to their huge storage
with several layers of security. Outbound 443 is open on any network.
Also, you can connect to your qualys appliance from any where. You
basically login to their servers which has the SSL connection already
established to your appliance. They claim that the data is not
accessible by any one except us what so ever. There is a pretty good
explanation on their website showing the entire process. But if you
guys have problem storing the data on their servers, I would think
again. It is the convenience, user management and accuracy that makes
Qualys more attractive solution than others.

Hope this helps. 

On 8/23/05, marc bayerkohler <lists.marc () gmail com> wrote:
> This sounds just like the FusionVM product from CriticalWatch.
>
> http://www.criticalwatch.com/solutions.html
>
> You install their box, which VPNs home.  You schedule the assessments
> and read the output through their portal.
>
> The reporting is very flexible, it is via a web application, so you
> can give a manager an account so he can view just the results for his
> machines, etc.
>
> It is also tied in to a ticketing system you can use for remediating the issues.
>
> marc bayerkohler
>
>
>
> ---------- Forwarded message ----------
> Date: Tue, 23 Aug 2005 10:49:26 +0530
> From: prasanna.mukundan () wipro com
> To: pen-test () securityfocus com
> Subject: QualysGuard - VA/PT appliance
>
>
> http://www.qualys.com/products/qgcons/
>
> We have are evaluating an appliance by Qualys, called QualysGuard that
> purportedly "enables security auditors to scope and perform detailed
> vulnerability assessments anytime, anywhere, using nothing more than a
> Web browser."
>
> Has anyone used this appliance? If so could you give me your feedback on
> the product?
>
> > From what I have seen of it in a couple of days, it seems to initiate a
> scan(for s/w vulnerabilities) from the intranet of a network, but sends
> the data to the internet/qualys server (and accessed via qualys'
> website), which imo while have the regulators and auditors screaming. I
> would appreciate if anyone could confirm/correct that.
>
>
> Thanks,
> Prasanna
>
>
>
>
>
> Confidentiality Notice
>
> The information contained in this electronic message and any
> attachments to this message are intended
> for the exclusive use of the addressee(s) and may contain confidential
> or privileged information. If
> you are not the intended recipient, please notify the sender at Wipro
> or Mailadmin () wipro com immediately
> and destroy all copies of this message and any attachments.