USE CASE 3: DNS SECURITY EVENTS - INFOBLOX & QUALYS INTEGRATION
Hi There,
The template attached to the post is used in the third use case (security events response) on the video. It requests Qualys to scan an asset in case of security events: DNS Firewall hit or DNS Tunneling detection.
Extensible attributes (Qualys_Scan, Qualys_Scan_Option, Qualys_Scanner) are required and should be defined on a network or range level (depends on an event type):
- Qualys_Scan - perform a scan in case of a security event;
- Qualys_Scan_Option - use a scan option defined in this EA for scans;
- Qualys_Scanner - use a scanner appliance defined in this EA.
You can use attached php script to create these EAs (do not forget to update $NIOS_baseURL, $NIOS_User, $NIOS_PWD, $data variables based on your configuration).
BR,
Vadim
1
Categories
- All Categories
- 5.1K Forums
- 4.6K Critical Network Services
- 463 Security
- Visibility and Insights
- Ideas Portal
- Webinars & Events
- 266 Resources
- 266 News & Announcements
- Knowledge Base Articles
- Infoblox Documentation Portal
- Infoblox Blog
- Support Portal
- 4 Members Hub
- 4 Getting Started with Community
- Community Support