Forum Discussion
Azure Security Center and Qualys
In Ignite 2019 it was announced that ASC (standard tier) now provides vulnerability assessment solution for VMs (using Qualys) with no extra charge: "...we are announcing that the Azure Security Center Standard tier includes built-in vulnerability assessment for virtual machines for no additional fee" (https://techcommunity.microsoft.com/t5/Azure-Security-Center/Ignite-2019-releases-for-Azure-Security-Center-and-Azure/ba-p/975570)
I've tried to deploy the solution by:
- Select the Vulnerability assessment solution should be installed on your virtual machines recommendation in ASC
- Click Install after selecting the relevant VMs
- However, going through the wizard it still asks of a Qualys license code and public key
So what does the "for no additional fee" actually mean? Do you still need some sort of a Qualys license to use this? Or I'm a doing something wrong in the deployment steps?
markus_pitkaranta, the recommendation you've clicked ("Vulnerability assessment solution should be installed on your virtual machines") predates the Ignite announcement. It's the ASC recommendation to setup a vulnerability assessment solution on your VMs.
The Qualys powered extension announced at Ignite is deployed through a new recommendation as described in the new documentation page Integrated vulnerability scanner for virtual machines (Standard tier only).
Incidentally, the relevant recommendation "Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys)".
Note that the new recommendation is being rolled out gradually so it may not appear in your subscription yet.
I hope this helps.
melvynadamMicrosoft
markus_pitkaranta, the recommendation you've clicked ("Vulnerability assessment solution should be installed on your virtual machines") predates the Ignite announcement. It's the ASC recommendation to setup a vulnerability assessment solution on your VMs.
The Qualys powered extension announced at Ignite is deployed through a new recommendation as described in the new documentation page Integrated vulnerability scanner for virtual machines (Standard tier only).
Incidentally, the relevant recommendation "Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys)".
Note that the new recommendation is being rolled out gradually so it may not appear in your subscription yet.
I hope this helps.
melvynadam - We are also experiencing various issues with this new plugin. It seems to be working on a few of our instances, but we have several instances, where we have deployed extension, but it is not scanning.
Also - the results are not properly reflected in the Security Center.
We have security center standard tier for all our virtual machines.
- melvynadam
MV_BC, LA1976, and markus_pitkaranta,
The schedule isn't final yet but I'm expecting this new recommendation to be open to all customers in the very near future. I'll update this topic when it's done. Hopefully you'll notice the recommendation in Azure Security Center, before you get an alert from Tech Community 🙂
melvynadam, is there a schedule when the solution becomes available? We have enabled the standard tier and after 2 days still dont see the link in recommendations.
melvynadam, thanks! That clarifies it. In my case, I can see the "new" recommendation in ASC but the status is "N/A". And when I open it, the "Remediate" button is greyed out. But maybe it's because it's being rolled out gradually, as you mentioned.
Hello markus_pitkaranta,
Do you have the standard tier enable for the Virtual Machines on which you want to enable the Qualys VM partner agent? According to Microsoft documentation, you need the standard tier.
https://docs.microsoft.com/en-us/azure/security-center/security-center-vulnerability-assessment-recommendations
Kind Regards,Thomas
