© 2013 Host Integrity Systems, Inc. VMS
All rights reserved. Host Integrity Systems and the Host Integrity Systems logo are service marks of Host Integrity Systems, Inc.
All other trademarks are the property of their respective owners. Classification: //Host Integrity Systems/Confidential - Limited External
Distribution. Any unauthorized review, use, disclosure or distribution is prohibited.
White Paper:
Deployment of Vulnerability Management
Host Integrity Systems
April 2013
For the full content of this white paper, contact:
info@viateres.com OR info@hostintegritysystems.com
Table of Contents
INTRODUCTION
THE IT SECURITY AND VM CHALLENGE
IT SECURITY PROCESSES AND INTEGRATION OBJECTIVES
THE QUALYSGUARD BENEFIT
    QualysGuard UI
THE DEVELOPMENT PROCESS
    Deliverables
THE VM PROCESS
IT INTERFACES AND INTEGRATIONS
    Authoritative Data Sources
QUALYSGUARD VM SERVICE CONFIGURATION
    Other Configuration Items
CO-MANAGED VM SERVICE
CONCLUSION
Introduction
IT Vulnerability Management (VM) is one of the key functions within enterprise IT Security. VM
monitors and mitigates certain risk vectors affecting the integrity, performance, and purposeful
application of IT computing and communication facilities to proprietary operation of the
business. Some level of VM is applicable to IT Security within almost every size and type of
organization.
This VM solution overview focuses on an architecture and implementation that integrates
external vulnerability assessment services, internal IT computing facilities systems
management, and internal IT-process-aligned vulnerability monitoring and remediation
management. The overall strategy for VM design and implementation is centered on
Collaboration, Integration and Automation.
The characteristic challenges of this IT environment and the benefits of the designed solution
are:
- Large enterprise with many data centers and thousands of IT deployment sites in a
  multi-national scope.
- Significant internal and external pressures to reduce IT operational costs.
- Use of a leading vulnerability assessment service (QualysGuard) for features, ease of
  deployment, and support.
- Interoperation with existing platform management systems (server, desktop,
  infrastructure).
- VM process integration and IT process alignment via a rich user interface automation
  system.
The described VM solution allows the IT department to deliver expected levels of IT risk
management, regulatory compliance, and cost effectiveness to the business.
The IT Security and VM Challenge
Organizations of every size and in every business environment face some common IT
Security challenges in terms of operational needs, threats, and resources:
1. Need for reliable, highly available, secure transaction capabilities for communication
and commerce[1].
Customers, business partners, and governments universally demand[2] this.
2. An almost infinite variety and behavior of IT platforms, communication protocols,
applications, system configurations, use modes.
3. Rapidly and constantly evolving technology and threat profiles coupled with the variable
landscape of defensible entry points and perimeters[3].
4. Specific business sector and customer community requirements.
Ex: Payment Card Industry (PCI) Data Security Standards (DSS) Compliance.
The PCI Security Standards Council provides guidance for technology and process to
meet requirements for secure and reliable financial transactions.
And, finally, IT Security challenges must be addressed with solutions that integrate and
support cost effective (profitable) business operations, flexibility, continuity contingencies, and
value offered in the market.
The IT Security solution set most effectively comes together as an organically engineered and
deployed IT Security ecosystem aligned and integrated with overall enterprise IT and business
operations. Vulnerability Management and its associated technology enablers - automation -
is one very key facet of the IT Security solution set. VM automation must be rationalized
within enterprise IT operations and integrated into the IT Security ecosystem; see Figure 1.
Figure 1 - IT Security Ecosystem
Within the context of the IT Security challenges mentioned above and the goal of engineering
a VM component for the IT Security Ecosystem, we rely on a strategy that combines
Collaboration, Integration and Automation (CIA).
The CIA approach to VM is further detailed in the following sections.
IT Security Processes and Integration Objectives
Contemporary business environments are highly competitive, with significant cost pressure
that trickles down to almost every internal function and department. This, coupled with the
multi-faceted, ever-evolving demands on the IT department, leads to some evident requirements
for design, deployment, and functionality of the VM sub-function within IT Security. The CIA
approach to VM will specifically address these:
1) Collaboration
IT staff must be able to use and maintain the VM solution without additional specialized
personnel or resources. This boils down to a balance of head count / labor cost, staff
tasking load, competency, and availability + flexibility. A beneficial tactic to achieve the
balance is to uplift IT staff capability and effectiveness via expertise of an IT Security
partner coupled with integration and automation; C+IA.
2) Integration
Integrate with and leverage existing IT processes and functions. Maximize use of
existing IT computing platforms and services while minimizing implementation of new
-off; and some IT Security
infrastructure (VM automation) is necessary fo
architectures and processes conforming to and complementing the existing IT
environment will achieve the desired balance; C+I+A.
3) Automation
Vulnerability problems are often long standing and are certainly ever growing, so a
robust VM solution was needed yesterday. We must minimize time to design and
implement with an eye to effectively supporting the other two legs of the CIA approach.
begin
detecting and remediating vulnerabilities real soon. Employing optimal commercial IT
security technology is a preferred tactic to minimize time to design & deploy as well as
being a capability multiplier for IT staff and processes; CI+A.
Thus, Collaboration, Integration and Automation is the correct approach to leveraging and
enabling people + process + technology:
................... snip ......................
The VM Process
The VM solution is a composite mechanism centered around the QualysGuard vulnerability
assessment and reporting automation tool. Key integrations (inputs, outputs, feedback) with
other IT systems and tools make the overall VM solution a semi-automated (low hands-on
requirements) daily use tool contributing to IT security awareness and risk reduction.
Figure 4 - QualysGuard VM Process
IT Interfaces and Integrations
An effective VM solution for the enterprise requires careful consideration of interfaces and
integrations with other IT processes and systems. The key systems and interfaces must be
identified, accommodated, and usefully leveraged where possible. This VM solution
references important IT interfaces as shown in Figure 5.
Figure 5 - VM Interfaces & Coordinations
Authoritative Data Sources
Table 2 shows the types of authoritative data sources useful for development and maintenance
of QualysGuard (QG) assessment mapping, concurrency with IT network deployment,
regulatory reporting, and other business operations needs.
Table 2 - Authoritative Data Sources
The results of QG map scans of the enterprise IP ranges as well as results from periodic QG
asset group scans offer opportunities for comparison of discovered hosts and sub-networks
with the corresponding known information of the authoritative data sources ( ). Where
there are discrepancies between the QG discoveries and the authoritative data sources, a
feedback of corrective updates to the authoritative data sources can be implemented.
Over time and with consistent use of QG, enterprise IT asset and network information can be well
refined by the interoperation and feedback loop. QG will increasingly be relied upon as the
ground truth while the complementary IT authoritative data sources will become
correspondingly reliable due to the corrective feedback.
Figure 6 illustrates the overall operational Vulnerability Assessment process with integrations
(inputs, outputs, feedback) to other IT systems. Most stages of this process are directed by
asset groups which define the vulnerability scan targets as well as reporting scope.
Figure 6 - VM Process Cycle
QualysGuard VM Service Configuration
The QualysGuard VM service uses various configuration data sets to produce the operational
behavior needed in the VM solution. These are generally items created once by the VM
solution administrator(s) or products of the QualysGuard operations themselves. All of this
information is both used by QualysGuard and reviewed and tuned by the VM solution
administrator(s) with continuing operational activities. lists these QualysGuard
configuration data sets.
................... snip ......................
For the full content of this white paper, contact :
info@viateres.com OR info@hostintegritysystems.com

Mais conteúdo relacionado

Mais procurados

NIST Definition of Cloud Computing
NIST Definition of Cloud ComputingNIST Definition of Cloud Computing
NIST Definition of Cloud ComputingScientia Groups
 
Cisco Secure Enclaves Architecture
Cisco Secure Enclaves ArchitectureCisco Secure Enclaves Architecture
Cisco Secure Enclaves ArchitectureCisco Russia
 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET-  	  A Survey on SaaS-Attacks and Digital ForensicIRJET-  	  A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET Journal
 
An Introduction to Designing Reliable Cloud Services January 2014
An Introduction to Designing Reliable Cloud Services January 2014An Introduction to Designing Reliable Cloud Services January 2014
An Introduction to Designing Reliable Cloud Services January 2014David J Rosenthal
 
SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...
SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...
SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...ijcncs
 
Centralizing security on the mainframe
Centralizing security on the mainframeCentralizing security on the mainframe
Centralizing security on the mainframeArun Gopinath
 
VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...
VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...
VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...VMworld
 
Using Cisco’s VMDC to help facilitate PCI compliance
Using Cisco’s VMDC to help facilitate PCI complianceUsing Cisco’s VMDC to help facilitate PCI compliance
Using Cisco’s VMDC to help facilitate PCI complianceCisco Service Provider
 
BMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 YearsBMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 YearsChris Farwell
 
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...idescitation
 
IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...
IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...
IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...benzfire
 
Cloud implementation security challenges
Cloud implementation security challengesCloud implementation security challenges
Cloud implementation security challengesbornresearcher
 
328491-PCI-dss white paper
328491-PCI-dss white paper328491-PCI-dss white paper
328491-PCI-dss white paperManoj Punamia
 
IRJET- Cloud Computing: Security Issues Challenges and Solution
IRJET-  	  Cloud Computing: Security Issues Challenges and SolutionIRJET-  	  Cloud Computing: Security Issues Challenges and Solution
IRJET- Cloud Computing: Security Issues Challenges and SolutionIRJET Journal
 
RightITnow Whitepaper
RightITnow WhitepaperRightITnow Whitepaper
RightITnow WhitepaperMarc Ferrie
 
ESG Labs Testing and Performance Audit of the NetBackup 5330 Appliance
ESG Labs Testing and Performance Audit of the NetBackup 5330 ApplianceESG Labs Testing and Performance Audit of the NetBackup 5330 Appliance
ESG Labs Testing and Performance Audit of the NetBackup 5330 ApplianceSymantec
 
Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)
Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)
Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)ijcncs
 
A study on security responsibilities and adoption in
A study on security responsibilities and adoption inA study on security responsibilities and adoption in
A study on security responsibilities and adoption ineSAT Publishing House
 
A study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloudA study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloudeSAT Journals
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Securityebuc
 

Mais procurados (20)

NIST Definition of Cloud Computing
NIST Definition of Cloud ComputingNIST Definition of Cloud Computing
NIST Definition of Cloud Computing
 
Cisco Secure Enclaves Architecture
Cisco Secure Enclaves ArchitectureCisco Secure Enclaves Architecture
Cisco Secure Enclaves Architecture
 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET-  	  A Survey on SaaS-Attacks and Digital ForensicIRJET-  	  A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital Forensic
 
An Introduction to Designing Reliable Cloud Services January 2014
An Introduction to Designing Reliable Cloud Services January 2014An Introduction to Designing Reliable Cloud Services January 2014
An Introduction to Designing Reliable Cloud Services January 2014
 
SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...
SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...
SLA Based Information Security Metric for Cloud Computing from COBIT 4.1 Fram...
 
Centralizing security on the mainframe
Centralizing security on the mainframeCentralizing security on the mainframe
Centralizing security on the mainframe
 
VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...
VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...
VMworld 2013: Get on with Business - VMware Reference Architectures Help Stre...
 
Using Cisco’s VMDC to help facilitate PCI compliance
Using Cisco’s VMDC to help facilitate PCI complianceUsing Cisco’s VMDC to help facilitate PCI compliance
Using Cisco’s VMDC to help facilitate PCI compliance
 
BMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 YearsBMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 Years
 
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...
 
IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...
IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...
IBM Offers ISVs a Fast Track for Virtual Appliance Deployment on New IBM Pure...
 
Cloud implementation security challenges
Cloud implementation security challengesCloud implementation security challenges
Cloud implementation security challenges
 
328491-PCI-dss white paper
328491-PCI-dss white paper328491-PCI-dss white paper
328491-PCI-dss white paper
 
IRJET- Cloud Computing: Security Issues Challenges and Solution
IRJET-  	  Cloud Computing: Security Issues Challenges and SolutionIRJET-  	  Cloud Computing: Security Issues Challenges and Solution
IRJET- Cloud Computing: Security Issues Challenges and Solution
 
RightITnow Whitepaper
RightITnow WhitepaperRightITnow Whitepaper
RightITnow Whitepaper
 
ESG Labs Testing and Performance Audit of the NetBackup 5330 Appliance
ESG Labs Testing and Performance Audit of the NetBackup 5330 ApplianceESG Labs Testing and Performance Audit of the NetBackup 5330 Appliance
ESG Labs Testing and Performance Audit of the NetBackup 5330 Appliance
 
Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)
Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)
Neural Network Web-Based Human Resource Management System Model (NNWBHRMSM)
 
A study on security responsibilities and adoption in
A study on security responsibilities and adoption inA study on security responsibilities and adoption in
A study on security responsibilities and adoption in
 
A study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloudA study on security responsibilities and adoption in cloud
A study on security responsibilities and adoption in cloud
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
 

Destaque

Estrategias de c16 de 2012
Estrategias de c16 de 2012Estrategias de c16 de 2012
Estrategias de c16 de 2012Pilar Ariza
 
Fall_2016_Accessory_Linesheets
Fall_2016_Accessory_LinesheetsFall_2016_Accessory_Linesheets
Fall_2016_Accessory_LinesheetsMehtab Badwal
 
Connection point with Joaan station
Connection point with Joaan stationConnection point with Joaan station
Connection point with Joaan stationMohamed Ibrahim
 
Social studies
Social studiesSocial studies
Social studiesmafe
 
IT Diploma
IT DiplomaIT Diploma
IT Diplomamasukurh
 
OFIMÁTICA WEB
OFIMÁTICA WEBOFIMÁTICA WEB
OFIMÁTICA WEBMaricruz
 
Ian_McGrew 2016 resume
Ian_McGrew 2016 resumeIan_McGrew 2016 resume
Ian_McGrew 2016 resumeIan McGrew
 
Os alunos do 3º b da eb 1 do desterro
Os alunos do 3º b da eb 1 do desterroOs alunos do 3º b da eb 1 do desterro
Os alunos do 3º b da eb 1 do desterro2013-3102
 
Amentiratempernacurta 130324185909-phpapp01
Amentiratempernacurta 130324185909-phpapp01Amentiratempernacurta 130324185909-phpapp01
Amentiratempernacurta 130324185909-phpapp01margaridafonseca63
 
Tutorial de catal y renov jul 2010
Tutorial de catal y renov jul 2010Tutorial de catal y renov jul 2010
Tutorial de catal y renov jul 2010Ara Benit
 

Destaque (12)

Estrategias de c16 de 2012
Estrategias de c16 de 2012Estrategias de c16 de 2012
Estrategias de c16 de 2012
 
Fall_2016_Accessory_Linesheets
Fall_2016_Accessory_LinesheetsFall_2016_Accessory_Linesheets
Fall_2016_Accessory_Linesheets
 
Connection point with Joaan station
Connection point with Joaan stationConnection point with Joaan station
Connection point with Joaan station
 
Social studies
Social studiesSocial studies
Social studies
 
Segovia
SegoviaSegovia
Segovia
 
MAGPRO35KOMPAKT
MAGPRO35KOMPAKTMAGPRO35KOMPAKT
MAGPRO35KOMPAKT
 
IT Diploma
IT DiplomaIT Diploma
IT Diploma
 
OFIMÁTICA WEB
OFIMÁTICA WEBOFIMÁTICA WEB
OFIMÁTICA WEB
 
Ian_McGrew 2016 resume
Ian_McGrew 2016 resumeIan_McGrew 2016 resume
Ian_McGrew 2016 resume
 
Os alunos do 3º b da eb 1 do desterro
Os alunos do 3º b da eb 1 do desterroOs alunos do 3º b da eb 1 do desterro
Os alunos do 3º b da eb 1 do desterro
 
Amentiratempernacurta 130324185909-phpapp01
Amentiratempernacurta 130324185909-phpapp01Amentiratempernacurta 130324185909-phpapp01
Amentiratempernacurta 130324185909-phpapp01
 
Tutorial de catal y renov jul 2010
Tutorial de catal y renov jul 2010Tutorial de catal y renov jul 2010
Tutorial de catal y renov jul 2010
 

Semelhante a Deploying Vulnerability Management with QualysGuard

IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...
IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...
IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...AutomationEdge Technologies
 
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...Symantec
 
Hybrid Cloud - Key Benefits & Must Have Requirements
Hybrid Cloud - Key Benefits & Must Have RequirementsHybrid Cloud - Key Benefits & Must Have Requirements
Hybrid Cloud - Key Benefits & Must Have RequirementsJamcracker Inc
 
What Is an IT Infrastructure_ Types and Components.pdf
What Is an IT Infrastructure_ Types and Components.pdfWhat Is an IT Infrastructure_ Types and Components.pdf
What Is an IT Infrastructure_ Types and Components.pdfNukala Gopala Krishna Murthy
 
Ipm executive-summary-vi-federal
Ipm executive-summary-vi-federalIpm executive-summary-vi-federal
Ipm executive-summary-vi-federalJohn McDonald
 
Sumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions BriefSumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions BriefManish Kalra
 
Security in a Virtualised Computing
Security in a Virtualised ComputingSecurity in a Virtualised Computing
Security in a Virtualised ComputingIOSR Journals
 
What's New at VMware?
What's New at VMware?What's New at VMware?
What's New at VMware?Vmwareir
 
Cisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepaperCisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepapershankar Psschiatanya
 
Iaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems usingIaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems usingIaetsd Iaetsd
 
IT Infrastructure Management | Defination, Objectives & Strategies
IT Infrastructure Management | Defination, Objectives & StrategiesIT Infrastructure Management | Defination, Objectives & Strategies
IT Infrastructure Management | Defination, Objectives & StrategiesGrapesTech Solutions
 
Introduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxIntroduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxArrow ECS UK
 
Every cloud has a silver lining
Every cloud has a silver liningEvery cloud has a silver lining
Every cloud has a silver liningAditya Dashora
 
Oman logestic company
Oman logestic companyOman logestic company
Oman logestic companybalqees91
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareMike Rizzo
 
Cloud Computing - A future prerogative
Cloud Computing - A future prerogativeCloud Computing - A future prerogative
Cloud Computing - A future prerogativeWayne Poggenpoel
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetDevaraj Sl
 
A Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud StorageA Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud StorageIRJET Journal
 
Trusted computing: an overview
Trusted computing: an overviewTrusted computing: an overview
Trusted computing: an overviewTJR Global
 

Semelhante a Deploying Vulnerability Management with QualysGuard (20)

IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...
IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...
IT Infrastructure Management in Insurance: Get Better at IT Infrastructure Ma...
 
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
 
Hybrid Cloud - Key Benefits & Must Have Requirements
Hybrid Cloud - Key Benefits & Must Have RequirementsHybrid Cloud - Key Benefits & Must Have Requirements
Hybrid Cloud - Key Benefits & Must Have Requirements
 
What Is an IT Infrastructure_ Types and Components.pdf
What Is an IT Infrastructure_ Types and Components.pdfWhat Is an IT Infrastructure_ Types and Components.pdf
What Is an IT Infrastructure_ Types and Components.pdf
 
Ipm executive-summary-vi-federal
Ipm executive-summary-vi-federalIpm executive-summary-vi-federal
Ipm executive-summary-vi-federal
 
Sumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions BriefSumo Logic IT Operations Solutions Brief
Sumo Logic IT Operations Solutions Brief
 
Security in a Virtualised Computing
Security in a Virtualised ComputingSecurity in a Virtualised Computing
Security in a Virtualised Computing
 
What's New at VMware?
What's New at VMware?What's New at VMware?
What's New at VMware?
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affair
 
Cisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepaperCisco vmd cwithf5_big-ip_ltm_whitepaper
Cisco vmd cwithf5_big-ip_ltm_whitepaper
 
Iaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems usingIaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems using
 
IT Infrastructure Management | Defination, Objectives & Strategies
IT Infrastructure Management | Defination, Objectives & StrategiesIT Infrastructure Management | Defination, Objectives & Strategies
IT Infrastructure Management | Defination, Objectives & Strategies
 
Introduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxIntroduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptx
 
Every cloud has a silver lining
Every cloud has a silver liningEvery cloud has a silver lining
Every cloud has a silver lining
 
Oman logestic company
Oman logestic companyOman logestic company
Oman logestic company
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
 
Cloud Computing - A future prerogative
Cloud Computing - A future prerogativeCloud Computing - A future prerogative
Cloud Computing - A future prerogative
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
 
A Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud StorageA Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
 
Trusted computing: an overview
Trusted computing: an overviewTrusted computing: an overview
Trusted computing: an overview
 

Deploying Vulnerability Management with QualysGuard

  • 1. © 2013 Host Integrity Systems, Inc. VMS All rights reserved. Host Integrity Systems and the Host Integrity Systems logo are service marks of Host Integrity Systems, Inc. All other trademarks are the property of their respective owners. Classification: //Host Integrity Systems/Confidential - Limited External Distribution. Any unauthorized review, use, disclosure or distribution is prohibited. White Paper: Deployment of Vulnerability Management Host Integrity Systems April 2013 For the full content of this white paper, contact : info@viateres.com OR info@hostintegritysystems.com
  • 2. © 2013 Host Integrity Systems, Inc. 1 VMS Table of Contents INTRODUCTION ................................................................................................................... 2 THE IT SECURITY AND VM CHALLENGE ............................................................................ 2 IT SECURITY PROCESSES AND INTEGRATION OBJECTIVES .................................................. 4 THE QUALYSGUARD BENEFIT ............................................................................................ 5 QualysGuard UI ............................................................................................................ 6 THE DEVELOPMENT PROCESS ............................................................................................. 7 Deliverables................................................................................................................... 8 THE VM PROCESS............................................................................................................... 9 IT INTERFACES AND INTEGRATIONS ................................................................................. 10 Authoritative Data Sources.......................................................................................... 10 QUALYSGUARD VM SERVICE CONFIGURATION ............................................................... 12 Other Configuration Items........................................................................................... 13 CO-MANAGED VM SERVICE............................................................................................. 13 CONCLUSION .................................................................................................................... 15
Introduction

IT Vulnerability Management (VM) is one of the key functions within enterprise IT Security. VM monitors and mitigates certain risk vectors affecting the integrity, performance, and purposeful application of IT computing and communication facilities to proprietary operation of the business. Some level of VM is applicable to IT Security within almost every size and type of organization.

This VM solution overview focuses particularly on an architecture and implementation integrating external vulnerability assessment services, internal IT computing facilities systems management, and internal IT process-aligned vulnerability monitoring and remediation management. The overall strategy for VM design and implementation is centered around Collaboration, Integration and Automation.

The characteristic challenges of this IT environment and the benefits of the designed solution are:

• Large enterprise with many data centers and thousands of IT deployment sites in a multi-national scope.
• Significant internal and external pressures to reduce IT operational costs.
• Use of a leading vulnerability assessment service (QualysGuard) for features, ease of deployment, and support.
• Interoperation with existing platform management systems (server, desktop, infrastructure).
• VM process integration and IT process alignment via a rich user interface automation system.

The described VM solution allows the IT department to deliver expected levels of IT risk management, regulatory compliance, and cost effectiveness to the business.

The IT Security and VM Challenge

Organizations of every size and in every business environment face some common IT Security challenges in terms of operational needs, threats, and resources:

1. Need for reliable, highly available, secure transaction capabilities for communication and commerce¹. Customers, business partners, and governments universally demand² this.
2. An almost infinite variety and behavior of IT platforms, communication protocols, applications, system configurations, use modes.
3. Rapidly and constantly evolving technology and threat profiles coupled with the variable landscape of defensible entry points and perimeters³.
4. Specific business sector and customer community requirements. Ex: Payment Card Industry (PCI) Data Security Standards (DSS) Compliance. The PCI Security Standards Council provides guidance for technology and process to meet requirements for secure and reliable financial transactions.

And, finally, IT Security challenges must be addressed with solutions that integrate and support cost-effective (profitable) business operations, flexibility, continuity contingencies, and value offered in the market.

The IT Security solution set most effectively comes together as an organically engineered and deployed IT Security ecosystem aligned and integrated with overall enterprise IT and business operations. Vulnerability Management and its associated technology enablers (automation) is one very key facet of the IT Security solution set. VM automation must be rationalized within enterprise IT operations and integrated into the IT Security ecosystem; see Figure 1.

Figure 1 - IT Security Ecosystem
Within the context of the IT Security challenges mentioned above and the goal of engineering a VM component for the IT Security Ecosystem, we rely on a strategy that combines Collaboration, Integration and Automation (CIA). The CIA approach to VM is further detailed in the following sections.

IT Security Processes and Integration Objectives

Contemporary business environments are highly competitive, with significant cost pressure that trickles down to almost every internal function and department. This, coupled with the multi-faceted, ever-evolving demands on the IT department, leads to some evident requirements for design, deployment, and functionality of the VM sub-function within IT Security. The CIA approach to VM will specifically address these:

1) Collaboration: IT staff must be able to use and maintain the VM solution without additional specialized personnel or resources. This boils down to a balance of head count / labor cost, staff tasking load, competency, and availability + flexibility. A beneficial tactic to achieve the balance is to uplift IT staff capability and effectiveness via expertise of an IT Security partner coupled with integration and automation; C+IA.

2) Integration: Integrate with and leverage existing IT processes and functions. Maximize use of existing IT computing platforms and services while minimizing implementation of new -off; and some IT Security infrastructure (VM automation) is necessary fo architectures and processes conforming to and complementing the existing IT environment will achieve the desired balance; C+I+A.

3) Automation: Vulnerability problems are often long standing and are certainly ever growing, so a robust VM solution was needed yesterday. We must minimize time to design and implement with an eye to effectively supporting the other two legs of the CIA approach. begin detecting and remediating vulnerabilities real soon. Employing optimal commercial IT security technology is a preferred tactic to minimize time to design & deploy as well as being a capability multiplier for IT staff and processes; CI+A.

Thus, Collaboration, Integration and Automation is the correct approach to leveraging and enabling people + process + technology:

................... snip ......................
The VM Process

The VM solution is a composite mechanism centered around the QualysGuard vulnerability assessment and reporting automation tool. Key integrations (inputs, outputs, feedback) with other IT systems and tools make the overall VM solution a semi-automated (low hands-on requirements) daily use tool contributing to IT security awareness and risk reduction.

Figure 4 - QualysGuard VM Process
IT Interfaces and Integrations

An effective VM solution for the enterprise requires careful consideration of interfaces and integrations with other IT processes and systems. The key systems and interfaces must be identified, accommodated, and usefully leveraged where possible. This VM solution references important IT interfaces as shown in Figure 5.

Figure 5 - VM Interfaces & Coordinations

Authoritative Data Sources

Table 2 shows the type of authoritative data sources useful for development and maintenance of QualysGuard (QG) assessment mapping, concurrency with IT network deployment, regulatory reporting, and other business operations needs.

Table 2 - Authoritative Data Sources
The results of QG map scans of the enterprise IP ranges, as well as results from periodic QG asset group scans, offer opportunities to compare discovered hosts and sub-networks with the corresponding known information in the authoritative data sources ( ). Where there are discrepancies between the QG discoveries and the authoritative data sources, a feedback of corrective updates to the authoritative data sources can be implemented. Over time, and with consistent use of QG, enterprise IT asset and network information can be well refined by the interoperation and feedback loop. QG will increasingly be relied upon as the ground truth, while the complementary IT authoritative data sources will become correspondingly reliable due to the corrective feedback.

Illustrates the overall operational Vulnerability Assessment process with integrations (inputs, outputs, feedback) to other IT systems. Most stages of this process are directed by asset groups, which define the vulnerability scan targets as well as reporting scope.
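The comparison of discovered hosts with authoritative records described above can be scripted along the following lines. This is an added example, not code from the white paper or from QualysGuard: the data layout, sample addresses and category names are constructed for illustration, and it goes one step beyond the text by separating records missed only in the latest run from records never seen in any run.

```python
import ipaddress

# Constructed sample data, not a QualysGuard export format.
AUTH_SUBNETS = ["10.20.0.0/24", "10.30.4.0/22"]  # registered networks
AUTH_HOSTS = {"10.20.0.10": "app01", "10.20.0.11": "app02",
              "10.20.0.15": "db01", "10.30.4.25": "pos-114-01"}
# Three consecutive discovery runs, oldest first: {ip: hostname reported}
SCAN_RUNS = [
    {"10.20.0.10": "app01", "10.20.0.15": "db01", "10.30.4.25": "pos-114-01"},
    {"10.20.0.10": "app01", "10.30.4.25": "kiosk-114", "10.20.0.12": "app03"},
    {"10.20.0.10": "APP01", "10.30.4.25": "kiosk-114", "10.20.0.12": "app03",
     "10.40.1.5": ""},
]

def reconcile(auth_subnets, auth_hosts, scan_runs):
    """Compare the latest discovery run with the authoritative records.

    A record absent from the latest run but seen earlier is 'intermittent'
    (the host may be powered off or filtered); only a record absent from
    every run is proposed as a stale entry for corrective feedback.
    """
    nets = [ipaddress.ip_network(n) for n in auth_subnets]
    latest = scan_runs[-1]
    report = {"unregistered_subnet": [], "unregistered_host": [],
              "name_mismatch": [], "intermittent": [], "stale_candidate": []}
    for ip, name in latest.items():
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in nets):
            report["unregistered_subnet"].append(ip)   # network unknown to IT
        elif ip not in auth_hosts:
            report["unregistered_host"].append(ip)     # live but unrecorded
        elif name and name.lower() != auth_hosts[ip].lower():
            report["name_mismatch"].append(ip)         # record out of date
    for ip in auth_hosts:
        hits = sum(ip in run for run in scan_runs)
        if hits == 0:
            report["stale_candidate"].append(ip)
        elif ip not in latest:
            report["intermittent"].append(ip)
    return {k: sorted(v, key=ipaddress.ip_address) for k, v in report.items()}

if __name__ == "__main__":
    for category, ips in reconcile(AUTH_SUBNETS, AUTH_HOSTS, SCAN_RUNS).items():
        print(f"{category}: {ips}")
```

Each category maps to a different corrective update: unregistered subnets and hosts are additions to review, name mismatches are record edits, and stale candidates are removals to confirm with the asset owner.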
Figure 6 - VM Process Cycle

QualysGuard VM Service Configuration

The QualysGuard VM service uses various configuration data sets to produce the operational behavior needed in the VM solution. These are generally items created once by the VM solution administrator(s) or products of the QualysGuard operations themselves. All of this information is used by QualysGuard and is also reviewed and tuned by the VM solution administrator(s) during continuing operational activities. lists these QualysGuard configuration data sets.

................... snip ......................

For the full content of this white paper, contact: info@viateres.com OR info@hostintegritysystems.com