Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • user can create the asset group by zone by enabling option 'Asset mapping by zone' and selecting zones they would like Spectre Lumeta to push to Qualys
  • A checkbox will be provided to give user option to map assets by zone. If this checkbox is not checked, user is not using mapping and Spectre Lumeta would fall back to old behavior (all devices will be pushed to one asset group)

  • Get a list of Qualys Network IDs (API - curl call - 

    curl --insecure -v -u"fremn2mh:o39dYnuBog" -H "Content-Type:text/csv" -H "X-Requested-With:LumetaIPsonarIntegration" "https://qualysguard.qg2.apps.qualys.com/api/2.0/fo/network/?action=list" )

  • Add user interface to display
    • list of existing zones
    • list of network IDs that were retrieved from Qualys
    • allow user to map zone to one network ID
    • allow user to save mapping when user click on Submit button.
    • a check box ("Asset mapping by zone") that user can use to enable or disable mapping feature. 
  • Add enhancement to existing logic to push all devices into Qualys asset group as mentioned below
    • Check if 'enable network mapping' is selected
    • If  'enable network mapping' is not selected
      • Continue with default processing (pushing all devices into one Qualys asset group)
    • If 'enable network mapping' is selected
      • Retrieve zone to network ID mapping
      • For the zones that contain this mapping
        • Identify a difference between list of assets for that zone vs assets received from Qualys (There is no change in logic that identifies this diff keeping auto subscribe in mind except it would perform this diff for a particular zone instead of across all the zones)
        • Create asset group by zone. Asset group naming convention: SpectreLumeta_<Zone name>
        • push difference to above asset group

...

Use Case

Expected Result

Asset mapping by zone is checked and zone2 and zone4 are enabledTwo asset groups SpectreLumeta_Zone2 and SpectreLumeta_Zone4 will be created in Qualys and appropriate devices (within those zones) will be pushed to those groups.
Asset mapping by zone is checked and no zones are enabledNo asset group will be created in Qualys and nothing will be pushed to Qualys
Asset mapping by zone is checked and a networkID is selected for Zone3 and enabled checkbox for Zone3 is also checkedAsset group SpectreLumeta_Zone3 will be created in Qualys and appropriate and appropriate devices (within that zone) will be pushed to this group
Asset mapping by zone is not checkedDefault asset group will be pushed to Qualys and all candidate devices (from all zones) will be pushed to this group.

...