Updated Integration - Infoblox Integration with Qualys 9-30-2020
We are excited to announce an update to the Infoblox® integration with Qualys.
By combining Infoblox’s DNS technology with the Qualys Cloud Platform, organizations can automate scanning as new devices join the network, or when malicious activity is detected. Infoblox provides a single source of truth for devices and networks which Qualys can leverage to organize new assets, automate tracking, and generate a detailed view of the network. Additionally, Infoblox’s robust DNS security can be used to inform Qualys of potential infected hosts, which effectively increases the visibility to indicators of compromise. In summary, Infoblox paired with Qualys, allows for increased automation, improved remediation, and a better ROI on both products.
This Integration supports a wide variety of events in IPv4 Only: ADP, Fixed Addresses, Host Addresses, Lease, Network, RPZ, Range, and Tunnel.
The Infoblox Integration with Qualys - Deployment Guide will cover the steps required to properly deploy this integration. Integration templates that are referenced in the deployment guide are attached to this blog post. Templates are in a .json format and are provided “as is”. As always, with any changes to your network, this integration should be fully tested before deploying into a production environment.
The templates require the extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level.
Extensible Attributes |
Description |
Qualys_Asset_PC |
True or False. Defines if an asset should be created in the Qualys Policy Compliance Module. |
Qualys_Asset_VM |
True or False. Defines if an asset should be created in the Qualys Vulnerability Management Module. |
Qualys_Assets_Group |
Defines which Qualys Asset Group the network object belongs to. If the group does not exist it will be automatically generated by Infoblox. |
Qualys_LastScanTime |
True or False. Defines if an asset should be added to Qualys. |
Qualys_Scan |
True or False. Defines if an object should be scanned as a response to a security event. |
Qualys_Scan_On_Add |
True or False. Defines if an object should be scanned when it is added to Qualys. |
Qualys_Scan_Option |
Defines Qualys Scan option profile to be used. |
Qualys_Scanner |
Defined Qualys scanner appliance to be used. |
Qualys_SyncTime |
Internal attribute. Provides the time when an object was synced with Qualys |
Qualys_User_SNMP |
SNMP credentials to be used to scan an object. |
Qualys_User_Unix |
Unix Credentials used to scan an object. |
For more information regarding capabilities and configuration of the Infoblox and Qualys integration, please view the video here: https://www.youtube.com/watch?v=RG07IEDbSUo