Common Questions

Following table includes common questions and there solutions:

Queries

Solutions
Scan Results and EC2 Instance ID EC2 scan results are indexed by EC2 Instance ID. This way we continue to track your assets even when IP address changes occur. When an IP address change is found during a scan you can see the new IP address in your scan results, scan reports and in your AssetView asset inventory, once scan results are processed.

How does EC2 scan job handle Terminated EC2 instances?

We automatically filter out all EC2 instances with a Terminated status from EC2 scans, launched from Qualys VM/VMDR or Qualys PC. This way we don’t attempt to scan dead EC2 instances. Note that the Launch EC2 Scan Preview, which appears after you launch an on-demand EC2 scan, lists Terminated instances since the filtering happens after the scan job is submitted to the Scanner Appliance.

What User Permissions are needed for EC2 Scans?

Managers and Unit Managers can start, schedule and manage EC2 scans using Qualys VM/VMDR and Qualys PC as per their Qualys license.

Qualys VM/VMDR

  • Perform vulnerability scans on EC2 assets
  • Configure Virtual Scanner Appliance (AMI instance)
  • Create or manage EC2 connectors using Qualys AssetView (AV) Qualys PC
  • Perform compliance scans on EC2 assets
  • Configure Virtual Scanner Appliance (AMI instance)
  • Create/manage EC2 connectors using Qualys AssetView (AV)

Unit Manager requirements: IPs for the EC2 environment must be added to the Unit Manager’s business unit by a Manager via asset group. An appliance configured by a Unit Manager must be added to at asset group in the Unit Manager’s business unit by a Manager.

How to view platform provider info on virtual scanner appliances?

You can see the platform provider info for a virtual scanner appliance that has been deployed on Amazon EC2 (or another cloud platform) within your Qualys account. You’ll see this info in the General Information section when you view or edit the appliance (from Scans > Appliances). sa-platform-provider

Troubleshooting connectivity

Qualys Scanner Appliance must make regular connections to the Qualys Cloud Platform over HTTPS. Please be sure to resolve connectivity issues to ensure proper functioning of your appliance.

The Communication Failure message appears if there is a network breakdown between the scanner and the Qualys Cloud Platform. The communication failure may be due to one of these reasons: the local network goes down, Internet connectivity is lost for some reason, or any of the network devices between the scanner and the Qualys Cloud Platform goes down.

The Network Error message indicates the Scanner Appliance attempted to connect to the Qualys Cloud Platform and failed. You can see an error code and description to help you with troubleshooting. Errors can be related to the proxy server and connection errors with Qualys Cloud Platform.

The Qualys Cloud Platform logs results of connectivity checks and overall personalization process on the Amazon EC2 System Console.

If you see 'No connectivity to qualysguard.qualys.com—please fix.' messages, please verify that your VPN Network ACLs and Security Groups allow outbound HTTPS (TCP port 443) access. If you are using a proxy server, ensure that the scanner can reach it and that the proxy server can access the Qualys cloud platform.

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.