Deployment and configuration for Qualys

This module provides the steps to deploy and configure the BigFix Insights for Vulnerability Remediation solution.

About this task

To install and configure BigFix Insights for Vulnerability Remediation service, perform below steps:

Note: To use the latest release build, the old version must be uninstalled.

Note: Before deploying IVR, ensure that API access is granted in your Qualys account. For more information, refer to the Troubleshooting Qualys API

Procedure

Enable a content site.

Navigate to BigFix License Overview Dashboard. In Compliance/Lifecycle panel, click Enable BigFix Insights for Vulnerability Remediation Fixlet to gather the required content.

Note: Refer to the following link for more information about License Overview dashboard.
Subscribe computers to the site. It is recommended to subscribe to All computers. For more information on Computer Subscriptions Tab refer to the link.
Activate the analysis.

Status of the analysis should be Activated Globally.

Note: Refer to the link to learn more about Computer Subscriptions Tab.
Deploy the solution to the target server.
1. Click Deploy Insights for Vulnerability Remediation Fixlet in the BigFix Insights for Vulnerability Remediation external site.
2. Fill in the blanks in the description panel and Take action to deploy the IVR services.
  Please provide:
  - Deployment Options:
    
    Installation path
  - Configure Insights Database
    
    Database Hostname - the hostname, DNS name, or IP address for the Insights Database
    
    Database - database name
    
    Account - the user name for the BigFix Insights Database
    
    Password - the password for the user name specified above
  - Configure IVR ETL
    
    Vulnerability Import Schedule - ETL schedule for Vulnerability data uses Cron Time String Format. Refer to the link to find out more about the Scheduler
  - Configure Vulnerability Management Datasource:
    
    specify the VM Platform
    
    Connection String - the URL to the Vulnerability Management Platform
    
    Account - the user name for the Vulnerability Management Platform
    
    Password - the password for the user name specified above
  To provide proxy details click on Advanced Settings. This option is not mandatory.
Note: Please note the following pre-requisites:
- Microsoft Visual Studio C++ Redistributable 2012:https://www.microsoft.com/en-in/download/details.aspx?id=30679
- Microsoft ODBC Driver 17 for SQL Server: https://www.microsoft.com/en-us/download/details.aspx?id=56567
  
  https://www.microsoft.com/en-us/download/details.aspx?id=56567
  The Fixlet will attempt to deploy the pre-requisites automatically.
Warning: Do not deploy the BigFix Insights for Vulnerability Remediation Service to more than 1 machine.

Warning: Do not have more than 1 dataflow per IVR Service.
Select target devices and click OK. Wait for the deployment to complete.

Status should show 100% completed.
If Start services option was selected in the Description panel BigFix Insights for Vulnerability Remediation service should be present and in Running state in the Services. Otherwise, the BigFix Insights for Vulnerability Remediation service must be started manually. This indicates deployment is completed. Depolyment can be checked in the log file: install.log.

Refer to the following link to learn more about other IVR Tasks.