Configure Asset Groups
Asset groups give you a convenient way to make logical groupings of the assets you want to scan and report on. You can add your assets (hosts, domains, appliances) to multiple groups as needed.
Check out these videos:
Asset groups
How to use asset groups?
What are the steps?
Go to Assets > Asset Groups. Select New > Asset Group. To edit an existing asset group, select Edit from the Quick Actions menu.
Add IPs and domains to the group
It's simple. Go to the IPs section to add IPs and go to the Domains section to add domains. Enter or select the IPs and domains you want to add. You can even copy IPs from another asset group. Then save your group.
Add scanner appliances to the group
By adding appliances you can manage which appliances are used for scanning the hosts defined in your asset group.
You have these options:
1) Scan your asset group using appliances in the group. By default up to 5 appliances will be used, and this can be customized for your account. Learn more
2) Scan your asset group using the default appliance in the group.
Business Info
The business information you provide can be used later when reporting on the hosts in the asset group.
Select a business impact levelSelect a business impact level
The business impact level you select is automatically applied to all hosts in the group. Business impact levels determine which asset groups are most critical to your organization. The higher the impact level, the higher the potential for business loss if compromised. For example, you may apply a higher impact level to a group of Linux servers running mission critical applications than to a group of desktop systems. If you do not assign an impact level to the asset group, then a level of Medium is used by default. (Tip: Managers can customize the business impact titles by going to VM/VMDR > Reports > Business Risk Setup.)
You can update the business impact for the existing asset group by selecting multiple asset groups in bulk.
Valid values are - Medium, High, Low, Minor, or Critical.
The default value is Medium.
Perform the steps to update the business impact.
- Go to VM > Assets > Asset Groups.
- Select the single or bulk Asset Group from the list.
- Click Actions Menu list and select Update Business Impact.
- Select the Business Impact as Low, Minor, Medium, High, or Critical from the list.
Note: The Update Business Impact is always set as Medium by default.
- Click Save.
You can observe the change when you edit the asset group by going to Quick Actions menu list and selecting Edit.
Enter values for Division, Function and LocationEnter values for Division, Function and Location
When generating scorecard reports you can filter the hosts included
in your reports by this business information. For example, only include
asset groups where the Division is set to Finance, or only include
asset groups where the Division is set to Finance and the Function
is On-line Banking.
CVSS Info
If CVSS Scoring is enabled for the subscription, you'll see the option to set CVSS environmental metrics in the Business / CVSS Info section. Your selections will be used in reporting when determining the CVSS score for the hosts in this asset group.
Tell me about CVSS environmental metricsTell me about CVSS environmental metrics
CVSS Environmental Metrics capture the characteristics of a vulnerability
that are associated with the user's IT environment. The values defined
for the asset group apply to all hosts in the asset group.
Collateral Damage Potential
represents the possibility for loss in physical equipment and property
damage. See
possible valuesSee
possible values
Not Defined. Assigning this value to the metric will not influence
the score. It is a signal to the CVSS scoring equation to skip
the metric.
None. There is no potential for loss of life, physical assets,
productivity or revenue.
Low. A successful exploit of this vulnerability may result in
slight physical or property damage. Or, there may be a slight
loss of revenue or productivity to the organization.
Low-Medium. A successful exploit of this vulnerability may result
in moderate physical or property damage. Or, there may be a moderate
loss of revenue or productivity to the organization.
Medium-High. A successful exploit of this vulnerability may
result in significant physical property damage or loss. Or, there
may be significant loss of revenue or productivity to the organization.
High. A successful exploit of this vulnerability may result
in catastrophic physical or property damage or loss. Or, there
may be a catastrophic loss of revenue or productivity to the organization.
Target Distribution represents
the relative size of the field of the target systems susceptible to
the vulnerability. See
possible valuesSee
possible values
Not Defined. Assigning this value to the metric will not influence
the score. It is a signal to the CVSS scoring equation to skip
this metric.
None. No target systems exist, or targets are so highly specialized
that they only exist in a laboratory setting. Effectively 0% of
the environment is at risk.
Low. Targets exist inside the environment on a small scale.
Between 1% - 25% of the total environment is at risk.
Medium. Targets exist inside the environment on a medium scale.
Between 26% - 75% of the total environment is at risk.
High. Targets exist inside the environment on a considerable
scale. Between 76% - 100% of the total environment is at risk.
The following Security Requirements metrics enable users to customize
the final CVSS score, depending on the importance of the affected
host to the user's organization.
Confidentiality Requirement
represents the impact that loss of confidentiality has on the organization
or individuals associated with the organization (for example employees,
customers).
Integrity Requirement represents
the impact that loss of integrity has on the organization or individuals
associated with the organization (for example employees, customers).
Availability Requirement
represents the impact that loss of availability has on the organization
or individuals associated with the organization (for example employees,
customers).
See
possible values for security requirements metricsSee
possible values for security requirements metrics
The possible values that may be assigned to the Security Requirements
metrics are listed below.
Not Defined. Assigning this value to the metric will not influence
the score. It is a signal to the CVSS scoring equation to skip
this metric.
Low. Loss of requirement is likely to have only a limited adverse
effect on the organization or individuals associated with the
organization (for example employees, customers).
Medium. Loss of requirement is likely to have a serious adverse
effect on the organization or individuals associated with the
organization (for example employees, customers).
High. Loss of requirement is likely to have a catastrophic adverse
effect on the organization or individuals associated with the
organization (for example employees, customers).
Learn more about CVSS Scoring
Add hosts by hostname
If you have the Scan by Hostname feature, you'll see the option to add DNS and NetBIOS hostnames to the asset group. Add DNS names to the DNS section and NetBIOS names to the NetBIOS section. Only Managers can edit these sections of the asset group. You must also add a scanner appliance to the group. The scanner appliance must be able to resolve the hostnames in the group to their IP addresses.
Can I also add IPs to the group?Can I also add IPs to the group?
Yes. When the asset group is scanned, all assets in the group will
be scanned, including DNS and NetBIOS hostnames and IP addresses.
Make sure hostnames are formatted correctlyMake sure hostnames are formatted correctly
When you add DNS and NetBIOS hostnames, validation will occur to
make sure the hostnames are formatted correctly. If the hostnames
do not meet the requirements below, then an error will appear. Correct
the formatting and try again.
A DNS hostname must follow the formatting requirements of an FQDN
(Fully Qualified Domain Name). The hostname may include 2 or more
labels separated by a dot. Each label may include up to 63 characters,
including alphanumeric characters and hyphens as long as the label
doesn't start or end with a hyphen. The last label (the one furthest
to the right) must include 2 or more characters and can only be alphabetic
characters.
Here are some examples of acceptable DNS hostnames:
qualys.com
corp.qualys.com
host30-2-100.corp.qualys.com
A NetBIOS hostname may include up to 15 alphanumeric characters
and these special characters:
! @ # $ % ^ & ( ) - _ ' { } . ~
Learn more about Scan by Hostname
See which groups users have assigned
A Manager can see this information when editing an asset group. Go to the Users section, select a user from the list and click the View button to see more information about the user account.
Change the owner
Managers and Unit Managers have the option to change the asset group owner when editing an asset group (not during creation). Edit the group and select a user from the Owner menu. The possible assignees listed in the Owner menu depends on the role of the manager making the change, and the current owner's role and business unit.
See possible ownersSee possible owners
Asset groups may be owned by Managers, Unit Managers and Scanners.
|
User Taking Action
|
Current Owner
|
Possible New Owner
|
|
Manager
|
Manager or Scanner in the Unassigned
business unit
|
Manager or Scanner in the Unassigned
business unit
|
|
Manager
|
Unit Manager or Scanner in a custom
business unit
|
Manager in the Unassigned business
unit
- or -
Unit Manager or Scanner in the same business unit as the current
owner
|
|
Unit Manager
|
Unit Manager or Scanner in a custom
business unit
|
Unit Manager or Scanner in the same
business unit as the current owner
|
Tell me about conflicts with scheduled tasksTell me about conflicts with scheduled tasks
Changing the asset group owner may lead to conflicts with scheduled
tasks. Conflicts occur when an asset group is no longer available
to the owner of a scheduled task with the asset group specified as
the target.
After you save the asset group with the new owner, a confirmation
page appears with messages to assist you in resolving conflicts with
scheduled tasks. Click the View Report button to see a list of scheduled
tasks affected by the change. Then edit each scheduled task to assign
a new target. If the scheduled task is left without a valid target
before the next scheduled run time, then the scheduled task is automatically
deactivated and the task owner is notified by email.
Ownership change from Scanner to Unit Manager or ManagerOwnership change from Scanner to Unit Manager or Manager
After changing ownership from a Scanner to a Unit Manager or Manager,
the new owner may choose to edit the user's account and assign the
asset group back to the user to avoid conflicts.
Ownership change from Unit Manager to ManagerOwnership change from Unit Manager to Manager
When you change the asset group owner from Unit Manager to Manager,
the asset group automatically remains in the business unit so that
users in the business unit can continue using it.
Find the asset group ID
Show the ID column on the asset groups list. Go to the Tools menu above the list (on the right side) and select Columns > ID. You'll also see the ID in the preview pane and in the Asset Group Information page.
Deleting asset groups
Go to Assets > Asset Groups. Select the check boxes for one or more asset groups in the list and then choose Delete from the Actions menu above the list. You'll get a confirmation window with a "View Report" button that lets you see the objects (i.e. business units, scheduled tasks, report templates, etc) that are still associated with an asset group being deleted. We recommend you clean up the objects by assigning new asset groups to them before proceeding. Deleting asset groups could result in empty or invalid business units and report templates. Scheduled tasks left without a target are automatically deactivated at the next scheduled run time.
When Asset Tagging is enabled for your subscription, the system creates an asset tag in AssetView for each asset group in your subscription. You cannot delete system generated tags from AssetView but when you delete an asset group, the corresponding tag is also deleted.
Impact on Business Units when updating/removing asset groups
Keep in mind Managers assign asset groups to a business unit, giving BU users access to the hosts, domains, appliances in these asset groups. BU users (Unit Managers, Scanners, Readers) can create personal asset groups including the hosts, domains, appliances in the BU asset groups.
Changes to BU asset groups impact:
- which assets BU users can see, and
- which assets appear in their own personal asset groups
Add IPs or IP ranges to a new line in an asset group
When viewing the IPs and IP ranges in an asset group, all the details are displayed in a single line. This makes it harder to identify where an IP or IP range starts and ends. Therefore, we have added the Display each IP/Range on new line checkbox. On selecting this checkbox, all IPs or IP Ranges are displayed on a new line.
Quick Links
All About Asset Groups | Organizing Assets | Scanning - The Basics | Scan by Hostname | Configure Business Units