Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and...
Transcript of Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and...
![Page 1: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/1.jpg)
Qualys Security Conference Dubai
Global IT Asset Management
Siva Mandalam
VP, Product Management, Qualys, Inc.
![Page 2: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/2.jpg)
Qualys Unified IT-IoT-OT Visibility,
Analytics and Control Solutions
April 29, 2019Qualys Security Conference 20192
Visibility
• Managed and unmanaged devices
• Observable and non-observable meta-data
• Hardware, Software, Applications and Traffic
Analytics
• Vulnerability Detection• Policy Detection• Threat Quantification
Automated Control
• Remove unauthorized devices
• Policy based automation• Inline and out-of-band• Integration with Security
and other Qualys tools
Agentless| Agent | Passive | API
![Page 3: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/3.jpg)
Why Visibility? Digital Transformation drives Endpoint Explosion
Digital Transformation
Source: 2018 SANS Survey
![Page 4: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/4.jpg)
Challenges with IT Asset Management
VISIBILITYPOINT
SOLUTIONSNO BUSINESS
CONTEXT
![Page 5: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/5.jpg)
Agentless vs Agent-based
Agentless
• Device Fingerprinting• Data Flows • Application Visibility• Vulnerability for
unmanaged, ICS
• Suitable for unmanaged devices
Agent-based
• Deep-device, software visibility, user info
• Vulnerability Detection• Policy Compliance• Threat Quantification• Suitable for Managed
Devices
Both are critical and have a role to play
![Page 6: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/6.jpg)
Qualys Asset Inventory
![Page 7: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/7.jpg)
Benefits
![Page 8: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/8.jpg)
How is it done?
Physical Scanner
Virtual Scanner
Cloud Scanner
Cloud Agent
Passive Sensor
API
Qualys Sensors
OS/HW/SW
Mfg./owner/product
Market version
EoL/EoS
License type
Vulnerability/PC
Asset Inventory in Qualys Cloud
![Page 9: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/9.jpg)
Use case 1: Global IT Visibility Managed, unmanaged, campus/branch/DC and cloud assets
Use Case Benefits • Illuminate blind spots• Prioritize security programs• Control financial risk with
unlicensed software• Rationalize multiple
products/versions• Share context with ITAM tools
![Page 10: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/10.jpg)
Use case 2: Software Inventory with Rich ContextDatabases, Applications and Security software agents
Use Case Benefits
• Control financial risk with unlicensed software
• Rationalize multiple products/versions
• Prioritize security programs
![Page 11: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/11.jpg)
Use case 3: Endpoint Devices VisibilityManaged and Unmanaged devices
Use Case Benefits
• Devices with Context data • Monitoring Unauthorized
devices• Actionable intelligence for
follow up
* In future release
![Page 12: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/12.jpg)
Case Study: Large Bank uses
Qualys AI to help Stay
Compliant
Qualys Security Conference 201912
“We have regulatory compliance
needs that require us to monitor
unauthorized software, current
versions of DB software, EoL/EoS
software to ensure that we are in
compliance “
Chief Information Officer
April 29, 2019
![Page 13: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/13.jpg)
Case Study: Large Accounting
Firm uses Qualys AI for Unified
Inventory
Qualys Security Conference 201913
“Single unified inventory
management for global assets
across 4000 employees and
distributed offices are required for
us to drive optimizations in
internal processes, including
vulnerability prioritization,
patching/remediation, service
desk etc.“
Security Manager
April 29, 2019
o
o
o
![Page 14: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/14.jpg)
Case Study: Global Technology
Leader uses Qualys AI to
determine Unmanaged devices
Qualys Security Conference 201914
"We’ve not been able to
understand our devices in its
entirety. Qualys AI solution with
complete context for devices are
excellent way to understand
devices, security threats and
prioritize actions "
Security Manager
April 29, 2019
o
o
o
![Page 15: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/15.jpg)
Complete and
clean data to your
CMDB
Certified ServiceNow App Syncs
asset data in both directions.
![Page 16: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/16.jpg)
![Page 17: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/17.jpg)
Passive Network Sensor
(Beta)
![Page 18: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/18.jpg)
Discovery & Profiling
•
•
•
![Page 19: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/19.jpg)
First Phase (Q2/Q3-2019)
Next (Q4/Q1-2019/20)
•
•
Multi-function Passive Sensor
Future use cases
…
![Page 20: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/20.jpg)
Secure Access Control
![Page 21: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/21.jpg)
Use Cases
![Page 22: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/22.jpg)
Use Cases
Managed Assets
System InformationHardware
Operating SystemServices
Network InterfacesOpen Ports
Software InventorySoftware Lifecycle
Secure Zones/subnets
Unmanaged Assets
Block
Allow
Assign VLAN
Assign ACL
Quarantine
![Page 23: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/23.jpg)
Use Cases
http://windowsupdate.microsoft.comhttp://*.windowsupdate.microsoft.comhttps://*.windowsupdate.microsoft.comhttp://*.update.microsoft.comhttps://*.update.microsoft.comhttp://*.windowsupdate.comhttp://download.windowsupdate.comhttp://download.microsoft.comhttp://*.download.windowsupdate.comhttp://test.stats.update.microsoft.comhttp://ntservicepack.microsoft.com
Local Data Center LDC-01 Remote Data Center RDC-01
DHCPServer
DNSServer
Employee Laptop
Vulnerability Found
Enterprise
Remote Office
Windows Update Servers
Active Directory
Quarantine
![Page 24: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/24.jpg)
Use Cases
Managed Assets
Block
Allow
Assign VLAN
Assign ACL
Quarantine
![Page 25: Global IT Asset Management - Qualys€¦ · • Managed and unmanaged devices • Observable and non-observable meta-data • Hardware, Software, Applications and Traffic Analytics](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ed9317e708231d4413be4/html5/thumbnails/25.jpg)
First Phase (Q4’19/Q1’20)•
•
•
•
Secure Access Control
Future use cases
Next Phase (1H’20)•
•