About the Dissolvable Agent

The Dissolvable Agent (Agent) is required for certain scan features.

- A Manager must accept the Agent for the subscription by going to Scans > Setup > Dissolvable Agent, and clicking the Accept button.

- Once accepted, any user with scan permissions can enable the dissolvable agent for their scans by selecting "Enable the Dissolvable Agent" in their option profile (under Scans > Option Profiles).

Which scan features require the Agent?

Vulnerability scans: Windows Share Enumeration

Compliance scans: Windows Share Enumeration | Password Auditing | Detailed Security Auditing for Windows Vista, 7 and 2008

The Agent is required for certain Windows User-Defined Controls, including File Integrity Check, Directory Integrity Check, Directory Search, Registry Key Existence, Registry Value Existence, Registry Value Content Check and Registry Permission Control.

How does the Agent work?

At scan time the Agent is installed on Windows devices to collect data, and once the scan is complete the Agent removes itself completely from target systems. All traces of the Agent are removed automatically when the scan on the host is complete, including removal of the temporary directory.

Where is the Agent installed?

The Agent is temporarily stored in one of these directories, depending on the OS configuration and CPU of the machine.

32-bit Windows on x86 CPU or 64-bit Windows on IA64 CPU (Itanium):
%windir%\System32\Qualys

64-bit Windows (AMD CPU):
%windir%\SysWOW64\Qualys

Tell me about secure data transmission

The Agent collects information and this is securely transmitted to the scanner appliance using a cryptographically secure protocol. The information is encrypted and integrity-protected and is not stored on the scanner appliance except in memory while the information is processed. The information is discarded securely as soon as it is no longer needed.