Deploying Vulnerability Management and Policy Compliance on a Global Scale ON TIME – ON BUDGET – ON DEMAND Implementation Best Practices by David French – Technical Account Manager, Qualys Inc. December 2007 Asset groups Used for three main purposes: To Grant Access – Typically based on OS and/or Application To Schedule Scans – Typically based on Network Segments To Facilitate Reporting – Typically based on combinations of the above that comprise