The Dissolvable Agent (Agent) is required for certain scan features.
- A Manager must accept the Agent for the subscription by going to Scans > Setup > Dissolvable Agent, and clicking the Accept button.
- Once accepted, any user with scan permissions can enable the dissolvable agent for their scans by selecting "Enable the Dissolvable Agent" in their option profile (under Scans > Option Profiles).
Vulnerability scans: Windows Share Enumeration
Compliance scans: Windows Share Enumeration | Password Auditing | Detailed Security Auditing for Windows Vista, 7 and 2008
The Agent is required for certain Windows User-Defined Controls, including File Integrity Check, Directory Integrity Check, Directory Search, Registry Key Existence, Registry Value Existence, Registry Value Content Check and Registry Permission Control.
At scan time the Agent is installed on Windows devices to collect data, and once the scan is complete the Agent removes itself completely from target systems. All traces of the Agent are removed automatically when the scan on the host is complete, including removal of the temporary directory.
The Agent is temporarily stored in one of these directories, depending on the OS configuration and CPU of the machine.
32-bit Windows on x86 CPU or 64-bit Windows on IA64 CPU (Itanium):
%windir%\System32\Qualys
64-bit Windows (AMD CPU):
%windir%\SysWOW64\Qualys
The Agent collects information and this is securely transmitted to the scanner appliance using a cryptographically secure protocol. The information is encrypted and integrity-protected and is not stored on the scanner appliance except in memory while the information is processed. The information is discarded securely as soon as it is no longer needed.