12-30-2019 01:05 AM
12-30-2019 01:05 AM
In Ignite 2019 it was announced that ASC (standard tier) now provides vulnerability assessment solution for VMs (using Qualys) with no extra charge: "...we are announcing that the Azure Security Center Standard tier includes built-in vulnerability assessment for virtual machines for no additional fee" (https://techcommunity.microsoft.com/t5/Azure-Security-Center/Ignite-2019-releases-for-Azure-Security...)
I've tried to deploy the solution by:
So what does the "for no additional fee" actually mean? Do you still need some sort of a Qualys license to use this? Or I'm a doing something wrong in the deployment steps?
12-31-2019 02:30 AM
Do you have the standard tier enable for the Virtual Machines on which you want to enable the Qualys VM partner agent? According to Microsoft documentation, you need the standard tier.
12-31-2019 03:03 AM - edited 12-31-2019 03:15 AMSolution
@markus_pitkaranta, the recommendation you've clicked ("Vulnerability assessment solution should be installed on your virtual machines") predates the Ignite announcement. It's the ASC recommendation to setup a vulnerability assessment solution on your VMs.
The Qualys powered extension announced at Ignite is deployed through a new recommendation as described in the new documentation page Integrated vulnerability scanner for virtual machines (Standard tier only).
Incidentally, the relevant recommendation "Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys)".
Note that the new recommendation is being rolled out gradually so it may not appear in your subscription yet.
I hope this helps.
01-02-2020 06:55 AM
@melvynadam, thanks! That clarifies it. In my case, I can see the "new" recommendation in ASC but the status is "N/A". And when I open it, the "Remediate" button is greyed out. But maybe it's because it's being rolled out gradually, as you mentioned.
01-28-2020 05:02 AM
@melvynadam - We are also experiencing various issues with this new plugin. It seems to be working on a few of our instances, but we have several instances, where we have deployed extension, but it is not scanning.
Also - the results are not properly reflected in the Security Center.
We have security center standard tier for all our virtual machines.
01-29-2020 06:27 AM
The schedule isn't final yet but I'm expecting this new recommendation to be open to all customers in the very near future. I'll update this topic when it's done. Hopefully you'll notice the recommendation in Azure Security Center, before you get an alert from Tech Community :)
01-29-2020 07:50 AM
@melvynadam- We actually have the options to install/remediate it, but it is just not really working for us.
It is failing on installation of the extension or on collection of data. Currently it is only running properly on 1-2 VM's out of our entire population.