CISCO Meraki MS 120 - Qualys Vulnerability Scan

Solved
Holiver
Just browsing

CISCO Meraki MS 120 - Qualys Vulnerability Scan

Hello Team,

 

We have a customer that uses CISCO Meraki.

I would like to know if is it possible to perform a Vulnerability Scans using some type of service credential? Authenticated Scan?

1 Accepted Solution
KarstenI
Kind of a big deal
Kind of a big deal

Yes, but it will not be that useful like the scanning of PCs for example.

There is not much to scan for what a login is needed. But it could be HTTP for the status page and SNMP.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

8 Replies 8
KarstenI
Kind of a big deal
Kind of a big deal

Yes, but it will not be that useful like the scanning of PCs for example.

There is not much to scan for what a login is needed. But it could be HTTP for the status page and SNMP.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Holiver
Just browsing

I tried to perform the scan via SNMP but it did not authenticated. 
Is there any configuration that I need to perform on Meraki to enable the Scan via SNMP?
KarstenI
Kind of a big deal
Kind of a big deal

It has to be enabled:

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/SNMP_Overview_and_C...

You need to enable it for the devices (Network-wide > Configure > General > Reporting), not for the Dashboard.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Holiver
Just browsing

Hi, KarstenI.

The firewall team activated the SNMP settings according procedure, but the vulnerability scan does not authenticate with the community credentials.
Do you know someone who already managed to perform an authenticated Qualys Scan on Meraki via SNMP?

The Qualys Vulnerability Scan is able to peform this Scan on Meraki?
Qualys support/have compatibility to perform this Scan according to Qualys Matrix Support?
Link bellow (Authentication Technologies Matrix):
 https://success.qualys.com/support/s/article/000006761

KarstenI
Kind of a big deal
Kind of a big deal

Sorry, no. I don't have this anywhere running. But you can start troubleshooting by trying to query the device with snmpwalk.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Inderdeep
Kind of a big deal
Kind of a big deal

Yes, as we are using Qualys for all Cisco and Meraki devices as well. Go ahead

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
Holiver
Just browsing

Do you have some process or recommendation related to how to perform a vulnerability Scan?

 

BlakeRichardson
Kind of a big deal
Kind of a big deal

My advice with vulnerability scans is if you don't know how to do these I would approach a company to do this. This information needs to be accurate because if it's not and the customer gets attacked and the cause was something that should have been in your report you could be liable. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.