Qualys Blog

266 posts

Dashboard and Drill-down Reporting in Policy Compliance

With the release of the new QualysGuard UI, Policy Compliance can now stand alone as it own module within QualysGuard.  This focused approach to modules in the new UI makes it easier to consolidate compliance reporting and provide additional capabilities specific to Policy Compliance.  A perfect example of this is the new Dashboard and Policy Summary Report released in QualysGuard 6.22.

Policy Compliance Dashboard

By enabling the new UI in QualysGuard 6.22, Policy Compliance gets its own dedicated Dashboard.

PC Dashboard

This new dashboard summarizes the compliance status across all policies in the subscription in one single view, identifying your top failing technologies that need attention.  In addition, view and access your last scans, upcoming scheduled scans, and latest reports directly from the dashboard.  For more information, drill down into your top failing and passing policies, which opens the new Policy Summary Report.

Policy Summary Report

The new UI also exposes a new tab under Reports called Policy Summary.  This new tab provides a summary of your policy without running template based reports, as required in previous versions of Policy Compliance.  To see the summary, simply select a policy and a trend duration.

Policy Summary

This new summary report provides trending of your pass/fail status, controls, and hosts by policy.  In addition, drill down into your top failing hosts and controls, which opens an interactive report with detailed results.

These new features in QualysGuard 6.22 enhance the reporting capabilities of Policy Compliance and provide a global view of compliance.  To try these new features, simply switch over to the new UI in your subscription.  To see a demo of these new features, please visit the Dashboard video in the QualysGuard Policy Compliance Video Series.

Transporting Policies in Policy Compliance

Have you ever wanted to export a policy from Policy Compliance and import it into another subscription?  Customers with multiple subscriptions and partners have been requesting this capability and with the release of QualysGuard 6.22, their requests have been answered.  With this release, policies can be exported and imported freely.

Why importing and exporting is important?

Policy creation is a key component of Policy Compliance.  It is the policy that sets the expected values to determine overall compliance.  Once a policy is created in a subscription with QualysGuard 6.22, the policy can be easily transported to another subscription and used there.  This makes it easier for partners and customers with multiple subscriptions to fully adopt Policy Compliance.

How to transport policies?

With QualysGuard 6.22, you can now export a policy as an XML file from one subscription and import the policy into another subscription in four easy steps:

  1. Select a policy and click export.
    Policy Export - Large
  2. Save the XML file to your computer.
  3. In another subscription, select New, Import Compliance Policy, Import from XML file.
    Policy Import - Large
  4. Select the XML file on your computer.

New possibilities for sharing policies

In addition to transporting policies for partners and customers with multiple subscriptions, this new capability provides new possibilities for customers to share policies with each other.  It also allows Qualys to share new policies with customers and prospects quickly before they become available in the import library.  Adding policies to the import library requires thorough testing prior to upload.  However, this new feature will allow us to share these policies prior to upload, allowing customers to get a head start on policy creation.

To see a demo of this new feature, please vist the Policy Import and Export video in the QualysGuard Policy Compliance Video Series.