qualysguard infoday 2014 - policy compliance

ww

w.r

ac

.cz

Ris

k A

na

lysi

s C

on

sulta

nts

V0

60

42

0

RAC QualysGuard InfoDay 2014

Představení nástroje pro testování politiky (PC)

ww

w.r

ac

.cz

Ris

k A

na

lysi

s C

on

sulta

nts

V0

60

42

0



1. Všeobecný úvod

•

−

−

−

•

−

−

−

−

•

−

−

•

−

−

−

•

−

−

•

−

−

ww

w.r

ac

.cz

Ris

k A

na

lysi

s C

on

sulta

nts

V0

60

42

0



2. Úvod do vytváření politik

Policy Compliance proces

Create UsersAdd Hosts to subscription

Create compliance

Asset GroupsScan Hosts

Create QualysGuard

Policy

Generate Policy Reports

Request Exceptions

• Nejsložitější stěžejní bod – vytváření politik

• Je možné upravovat politiku dodatečně!

Compliance Hierarchya “Top - Down” Approach

Simple Compliance Framework

Procedures and GuidelinesDetail

Policies,Standards,BusinessRequirements

Controls(Manual/Auto)

ProceduresandGuidelines Enforcement

RegulationsFrameworks

SOXHIPAAGLBA

CobiTCOSOISO17799

PCINISTNERC

“Example: Vulnerable Processes must be eliminated..”

CID 1130 The telnet daemon shall be disabled

AIX 5.x Technology Telnet streams are transmitted in clear text, including usernames and passwords. The entire session is susceptible to interception by Threat Agents.

FrameworkLevel

Detailed Technical


•

−

−

•

−

•−

−

•−

•−

•−

•−

−

•−

QualysGuard Policy Creation

ww

w.r

ac

.cz

Ris

k A

na

lysi

s C

on

sulta

nts

V0

60

42

0



Live Demo : Policy editor, ukázka vytváření politik

ww

w.r

ac

.cz

Ris

k A

na

lysi

s C

on

sulta

nts

V0

60

42

0



3. Scan, Reporting

•

•

−

−

−

−

−

−

−

−

−

QualysGuard Policy Compliance Reports

View all results, exceptions, audit trails

Full Policy Report

View where you are successfully authenticating

Authentication Report

Exceptions process for all Failing Controls

Interactive Reports

QualysGuard Policy Compliance Policy Reports

The Report Summary• Pass/Fail Summary - shows passed and failed control

instances

• Pass/Fail and Exceptions Summary - passed and failed

control instances with pending exceptions and passed with

exception status.


• Policy Report

includes compliance

status with a

specific policy

• The report lists the

hosts assigned to

the policy with the

controls tested

• Results are shown

as a passed/failed status

ww

w.r

ac

.cz

Ris

k A

na

lysi

s C

on

sulta

nts

V0

60

42

0


Představení nástroje pro řízení zranitelností (VM)

4. Souhrn

•

−

•

−

−

−

−

•−

−

qualysguard infoday 2014 - policy compliance

Internet