AIS Release Notes

January 29, 2026

With this release of Qualys Cloud Agent, we are introducing the following new features and enhancements.

Host Identification Knowledge Base for Accurate Asset Merging

We have introduced a Host Identification Knowledge Base to prevent invalid asset merges caused by shared, virtual, or ephemeral network identifiers such as IP addresses and MAC addresses.

The Knowledge Base applies standards-based intelligence to classify identification attributes before they are used for asset correlation and merging. This ensures that unreliable identifiers are excluded early in the merge workflow, improving asset accuracy across hybrid, cloud, and virtualized environments.

This enhancement eliminates false merges caused by shared virtual interfaces, reused MAC addresses, container bridge networks, and auto-assigned IP addresses.

Key Benefits

  • Improved merge accuracy by excluding unreliable IP and MAC identifiers
  • Reduced duplicate and false asset merges across virtualized and cloud environments
  • Higher ML Merge Agent confidence due to cleaner feature inputs
  • Improved inventory integrity and reduced customer escalations

Standards-Based Global Identification Filtering

  • The Global Knowledge Base (default layer) is built entirely on authoritative networking standards and registries, including IANA, IEEE, and relevant RFCs.
  • This layer automatically excludes globally invalid or non-identifying IP addresses and MAC addresses, such as:
  • Loopback, multicast, broadcast, and documentation IP ranges
  • Link-local and carrier-grade NAT (CGNAT) addresses
  • Virtualized, locally administered, and test MAC address prefixes
  • All rules are standards-driven, auditable, and universally applicable across environments.

MAC Address Classification and Filtering

The Cloud Agent now classifies MAC addresses based on their suitability for host identification.

Physical, hardware-assigned MAC addresses from recognized vendors are retained for identification, while virtual, locally administered, and test MAC addresses are excluded from merge consideration.

This prevents merges caused by shared hypervisor MAC prefixes, container-generated addresses, and infrastructure bridge interfaces.

IP Address Classification Using IANA and RFC Definitions

The Knowledge Base classifies IPv4 and IPv6 addresses using IANA and RFC specifications to determine their reliability for host identification.

Private and unique local addresses are retained for correlation, while link-local, loopback, multicast, broadcast, and documentation ranges are excluded.

This ensures that transient or non-unique IP addresses do not influence asset merging decisions.

Integration with ML Merge Agent

The Host Identification Knowledge Base integrates directly with the ML Merge Agent pipeline.

Unreliable identifiers are filtered before feature computation, allowing ML models to operate on clean, high-confidence data. This improves merge explainability, accuracy, and long-term learning through feedback-driven tuning.

Behavior Changes

There are no behavior changes in this release.

Platform Coverage Support

There is no new platform coverage added in this release.

Issues Addressed

There are no notable issues addressed in this release.

Known Issues, Limitations, and Workarounds

There are no known issues or limitations for this release.

 

© 2026 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: February, 2026