Application Configuration
Click to view navigation pane

Home

Application Configuration

You can enable one or more of the following applications for the Cloud Agents using this configuration profile. To enable an application for the configuration profile, set the toggle to ON.

Note: Patch Management (PM), File Integrity Monitoring (FIM), and Endpoint Detection and Response (EDR) are enabled by default. 

Application configuration screen.

Enable Patch Management

To enable Patch Management (PM), set the toffle to ON. You can select the Limited or Unlimited cache size for Patch Management (PM). The cache size determines how much space is allocated to store the downloaded patches on a host. If you select the limited cache size then enter the value between 512 - 10240 MB.

Note: The cache files are cleared after the Cloud Agent deployment.  

Enable File Integrity Management

To enable File Integrity Management (FIM) for this configuration profile set the toggle to ON and provide the following values:

- Max. Event Log Size (10 - 10240 KB): Maximum payload size to transmit to the Enterprise TruRisk™ Platform.

- Payload Threshold Time (30-1800 seconds): Maximum time between FIM payloads sent to the server.

- Max. Disk Usage for FIM (100 - 2048 MB): Maximum disk usage to store FIM data.

- Data Collection Interval (240 - 43200 Min): The time lapse between the completion of the previous scan and the start of the new scan. This feature is available only for Cloud Agent for AIX.

Enable Endpoint Detection and Response

To enable End Point Detection and Response (EDR) for this profile sitch the toggle to ON and set the following values:

- Max. Event Log Size (10 - 10240 KB): Maximum payload size to transmit to the Enterprise TruRisk™ Platform.

- Payload Threshold Time (30-1800 seconds): Maximum time between EDR payloads sent to the server.

- Max. Disk Usage for EDR (100 - 2048 MB): Maximum disk usage to store EDR data.

Enable Extended  Protection and Response

The Qualys Extended Detection and Response (XDR) allows to collect the event data from various assets using Cloud Agents. You can also configure the XDR to collect third-party logs to extend detection.

Enable Secure Access Control

Secure access control allows only authorized users to access your agent host data based on their user roles.

Enable Qualys Anti-Malware Protection

Set the Enable Qualys Anti-malware Protection for this Profile toggle to ON to enable Qualys Anti-malware protection for the profile. The integrated Anti-malware protection feature gives you real-time malware detection capabilities and protection against the latest threats.

Note: The Anti-malware Protection (EPP) works independently of the Endpoint Detection and Response (EDR). You can enable Anti-malware protection for your Cloud Agents even if the EDR is disabled.

Third-Party Anti-malware Removal Tool

The Third-Party-Anti-malware Removal tool detects the presence of any third-party applications on the system and removes them. This tool is enabled by default, while creating a new configuration profile for Endpoint Protection Platform (EPP) enabled Cloud Agents. To disable it unselect the Third-Party-Anti-malware Removal tool checkbox.

Note: Ensure that the Anti-malware Protection feature is enabled for your profile to access this tool.

Add Exclusions

Provide the list of third-party applications that you want to exclude from uninstallation by the Third-Party Anti-malware Removal Tool.

Ensure that application names are entered in a comma-separated list.

Next Step: Agent Scan Merge