Qualys-New Account Creation
This article serves as a guide for creating Qualys user account for campus partners
- Go to Qualys and login with your NetID
- Click on the User tab
- Click on the "New" drop-down and select "User"
- Fill in the required sections in the General Information tab
- First Name: Requester's First Name
- Last Name: Requester's Last Name
- Title: *
- Phone: *
- E-mail Address: your.own.email.address.goes.here@wisc.edu This is important, this suppresses an email to the user!
- External ID: NetID@wisc.edu
- Skip the Locale tab
- In the User Role tab set the following fields
- User Role: Unit Manager
- Business Unit: Requester's UDDS. You can find this by looking the requester up in the NetID tool if the requester did not provide their UDDS.
- Check and match the requester's UDDS
- Check with someone on the TCD team
- If not sure which UDDS
- In the Permission tab make sure only the following checkboxes are checked
- Manage VM module
- Create/edit remediation policy
- Create/edit virtual hosts
- Create option profiles
- Purge host information/history
- Create/edit authentication records/vaults
- Manage PC module
- Create/edit compliance policies
- In the Options tab select None/Off/No notification for all the radio buttons
- In the Security tab make sure "Enable SAML SSO" is checked. Make sure to hit Save!
- Wait for a Qualys email from support@qualys.com with the subject "Qualys Registration -- Complete" to arrive in your email. This can be deleted once you confirmed you received it.
- Find the user by using the "Search" button
- Find the user by using the Name search box
- Click on the user you just created. Make note of the Business Unit value, you will need this later.
- Click on the down arrow to open the "Quick Action" menu and select the "Edit" option
- Update the Email Addresses field with the requester's email
- Click on the "Module" drop down. Scroll to the bottom and click on "Administration"
- Find the user by typing in "First" and chosing the "First Name" option and hitting Enter. Then put in the user's first name that you just created.
- Find the user in the list below. If the user does not show up, wait 30 minutes and try again. Click the down arrow to open the "Quick Action" menu and select "Edit"
- Navigate to the Role Scope tab and click on the "Remove All" in the "Assigned roles" box
- Find the following one roles in the "Unassigned roles" box and click on "Add"
- 10 - UW Unit Manager
- In the "Edit Scope" section, click on "Select." In the search box type in the A#### of the Business Unit to search. IF there is a BLUE tag or a tag that ends in "-CA" that matches the Business Unit then click on that tag.
- Hit Save!
- Send a Cybersecurity Formatted email via WiscIT by either responding to the WiscIT incident or creating a new incident if there is no existing WiscIT incident
- Subject: Qualys Account Set up Notification - {fullname}
- Service: Vulnerability Management
- Category: Qualys
- Subcategory: New Account
- Requestor: Requester's Name
- Description and Body of Email:
Hello {first_name}, Thank you for reaching out to the Office of Cybersecurity. I have completed setting up your Qualys account as a Unit Manager of {businessunit} business unit. Please use the following URL to log into Qualys: https://wiscan.services.wisc.edu/wisc NOTE: Qualys is only available while on WiscVPN or Departmental VPN. Qualys is supported by NetID authentication, you will login with your NetID credentials. Here is additional information to assist you to get started with Qualys: Qualys Free Training (Self-paced Online): https://kb.wisc.edu/internal/page.php?id=75004 UW-Madison Qualys Administrator Teams Channel: https://teams.microsoft.com/l/team/19%3a44142e83f7cf423bab4479884f6d7c8a%40thread.tacv2/conversations?groupId=33b4a251-3d18-490e-a7fa-b595d4b46001&tenantId=2ca68321-0eda-4908-88b2-424a8cb4b0f9 Personalized overview of Qualys console and/or review vulnerability data for your department: cybersecurity@cio.wisc.edu USER GROUP: Please consider joining the UW-Madison Qualys administrator's user group. As a member of the group, you'll be emailed when significant updates are being made to UW's Qualys subscription. In addition, being a part of the group will grant you access to a Teams channel where you can post questions or collaborate with other members. Please email cybersecurity@cio.wisc.edu if you'd like to be added to the group. Please email cybersecurity@cio.wisc.edu if you encounter any issues. Thank you kindly, {Your Name Here} Office of Cybersecurity
FAQ
- The requester's UDDS does not exist in the drop-down
Please escalate the WiscIT incident to Security-Tools team. - For CSOC staff setting up accounts, if the "External ID" field is not editable for you, send a message in the Student Ops Chat to notify an FTE.
FTE - Please chat Jennifer Kuo via Teams and request "Manage external IDs for users" permission be enabled for your Qualys account.