Involve security consulting partner for vulnerability assessment on Azure

Microsoft excels at building a solid partnership with service companies around the world. You may not know that on Microsoft Azure, you can involve a security consulting partner to help you perform server vulnerability assessment. Moreover, through Azure Security Center, you receive a recommendation in which you are given the opportunity to allow Qualys to support you.

In this article, we will see how to install Qualys vulnerability assessment so the security company can go to help.

If you want to learn advanced Azure IaaS Defense in Depth with lot of hands-on labs to practice, go order my book here

The first step is to log into the Azure Management Portal ( using your administrator account. From the left panel, click Security Center. Under PREVENTION, click Partner solutions.

From the screen, click recommendations link next to “To deploy a partner solution see…“. Azure Security Center gives you list of recommendations based on its criteria on each resource category. In a single view, you can see not only recommendation for storage, but also server and networking.  One of the ones you would pay attention to is “Add a vulnerability assessment solution“. Click on this recommendation.

On the new blade, select the Azure virtual machine you need to scan vulnerability then click Install on 1 VMs. (The number “1” is based on the number of selected virtual machine”)

On the Add a Vulnerability Assessment blade, click Create New.

On the Create a new Vulnerability Assessment solution blade, click Qualys for Azure. As of this article, there is only one partner being engaged with Microsoft. More partners said by Microsoft will be soon on-boarding Azure.

On the Qualys, Inc. vulnerability management blade, click Sign up for the solution. You are redirected to the Qualys registration account for Qualys solution for Azure. Click Qualys Free Trial and follow registration process to complete.

Enter name of the solution under Name. Subscription is automatically selected. Select Use existing under Resource group Select did-infra-rg from the drop-down list. Select your location under Location.

Login to Qualys portal. Qualys solution for Azure is based on cloud model. Click Modules from the left corner and select Cloud Agent.

On the Cloud Agent page, there are two tabs: Dashboard and Agent Management. Click Agent Management

On the Agent Management page, click Agents Click Install New Agent.

On the New Activation Key page, enter the title of your new activation key. Stick to Vulnerability Management. Click Generate.

Copy the activation key into your secure note. Click Install instructions for Windows under Installation Requirements. Qualys supports not only Windows but other ones as seen below.

Switch to the option Deploying in Azure Cloud. Copy code under License code and Public key which you need to enter in

Go back to Azure and paste copied code accordingly into License code box and Public key. Stick Auto update to allow Azure Security Center to automatically install Qualys agent to be installed on other virtual machines including future ones which it discovers. Click OK.

Wait around 5 – 10 minutes until the agent deployment is complete on your target virtual machine. Once the deployment is finished, Qualys Agent extension is installed on your virtual machine. You can go to the virtual machine and check its extension.

To verify if your setup is correct, open Agent Management page in the Qualys portal. Click Activation Keys.

Click the activation key you just created. On the Key Info View page, click Agents. You can see that your agent host with correct name is added.

You can verify whether Qualys agent is automatically installed on another virtual machine.

You can click on each agent and look for Vulnerability report from Qualys.

You may ask if your virtual machine needs Internet connection. This matter is not disclosed yet but I guess that Microsoft opens a private tunnel to allow Qualys cloud-based agent service to connect to your virtual machine to perform an assessment.

Additional References

Here are some additional references that might be helpful:

This entry was posted in Host Protection, Monitoring & Detection and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.