End-of-Support Qualys Cloud Agent Versions

Spencer Brown

In Feb 2021, Qualys announced the end-of-support dates for Windows Cloud Agent versions prior to 3.0 and Linux Cloud Agent versions prior to 2.6. Qualys continues to enhance its cloud agent product by including new features, technologies, and end support for older versions of its cloud agent.

Overview

Starting January 31st, 2023, the following platforms and their respective versions will become end-of-support. EOS would mean that Agents would continue to run with limited new features. If there is a need for any Technical Support for EOS versions, Qualys would only provide general technical support (Sharing KB articles, assisting in how to for upgrades, etc.) and not standard technical support (Which involves the Engineering team as well for bug fixes). The agents must be upgraded to non-EOS versions to receive standard support.

End-of-Support versions

PlatformEnd-of-Support agent versions
WindowsPrior to 4.0
LinuxPrior to 3.3
Linux ARMPrior to 3.3
SolarisPrior to 3.3
BSDPrior to 3.3
IBM AIXPrior to 3.3
MacOSPrior to 2.5

Note: please follow Cloud Agent Platform Availability Matrix for future EOS

How to find agents that are no longer supported today?

There are a few ways to find your agents from the Qualys Cloud Platform.

QID 105961 EOL/Obsolete Software: Qualys Cloud Agent Detected

VULNSIGS-2.5.117-2

ML-12.2.62-1

Today, this QID only flags current end-of-support agent versions.  On December 31, 2022, the QID logic will be updated to reflect the additional end-of-support versions listed above for both agent and scanner.

PlatformEnd-of-Support agent versions
WindowsPrior to 2.1
LinuxPrior to 2.0
IBM AIXPrior to 2.0
MacOSPrior to 2.0

Note: There are no vulnerabilities. This is simply an EOL QID. By default, all EOL QIDs are posted as a severity 5.

Search by Agent Version

For example, you can find agents by the agent version number by navigating to Cloud Agent > Agent Management > Agents and using the following search query:

agentVersion<3.3* and operatingSystem:linux

Search by Software Lifecycle Stage

For example, you can find agents by the software name and lifecycle stage by navigating to Global IT Asset Inventory > Inventory > Software and using the following search query:

software:(name:Qualys and lifecycle.stage: ‘EOL/EOS’)

Use Cloud Agent Dashboard

Go to Dashboard and you’ll see widgets that show distribution by platform.

What action do I need to take?

Upgrade your deployed agents

Upgrade your cloud agents to the latest version. See instructions for upgrading cloud agents in the following installation guides: Windows | Linux | AIX/Unix | MacOS | BSD

Tip – All Cloud Agent documentation, including installation guides, online help and release notes, can be found at qualys.com/documentation.

Install the latest version for future deployments

You’ll want to download and install the latest agent versions from the Cloud Agent UI. Please refer Cloud Agent Platform Availability Matrix for details.

Best Practices for Agent Binary Upgrade

1) We recommend customers use the auto-upgrade feature or upgrade agents quarterly:

  • Best: Enable auto-upgrade in the agent Configuration Profile. This method is used by ~80% of customers today. This is the best method to quickly take advantage of Qualys’ latest agent features. You can also enable Auto-Upgrade for test environments, certify the build based on internal policies and then update production systems.
  • Better: Certify and upgrade agents via a third-party software package manager on a quarterly basis. Qualys is working to provide Agent version control from the UI as well where you can choose Agent version to which you want to upgrade.
  • Good: Upgrade agents via a third-party software package manager on an as-needed basis.

2) Qualys highly recommends that customers download and update their Gold Image builds quarterly, even if auto upgrade is enabled in the Configuration Profile.

Why should I upgrade my agents to the latest version?

Beyond routine bug fixes and performance improvements, upgraded agents offer additional features, including but not limited to:

Cloud provider metadata – Attributes which describe assets and the environment in the Public Cloud (AWS, Azure, GCP, etc.)

Enhanced Java detections – Discover Java in non-standard locations

Middleware auto discovery – Automatically discover middleware technologies for Policy Compliance

Support for other modules – Patch Management, Endpoint Detection and Response, File Integrity Monitoring, Security Analytics

ARM support – ARM architecture support for Linux

User Defined Controls – Create custom controls for Policy Compliance

On-Demand Scan – Force agent to start a collection for Vulnerability Management, Policy Compliance, etc.

Multiple proxy support – Set secondary proxy configuration

Unauthenticated Merge – Merge unauthenticated scans with agent collections

If you have any questions or comments, please contact your TAM or Qualys Support.

Share your Comments

Comments

Your email address will not be published.