Scan Using Virtual Scanner Appliance

Scanning with a virtual scanner appliance involves the following sequence of steps.

EC2 Scan Workflow

Qualys provides a special EC2 Scan (and Schedule EC2 Scan) workflow which only works in collaboration with an instance of the scanning virtual appliance AMI. This solution allows on-demand and scheduled scanning in Amazon EC2-Classic and EC2-VPC, without the need for the customer to manually request scanning permission from AWS.


Provide scan settings:

  1. Give your scan a title and select the option profile you configured with authentication (required for vulnerability scan).
  2. Select the EC2 connector name you configured.
  3. For Platform, choose one of EC2 Classic, EC2 VPC (All VPCs in region) or EC2 VPC (Selected VPC). Based on your selection you need to select region(s).
  4. Select asset tags - these are assets activated for your connector.

  5. Choose the Virtual Scanner Appliance AMI you have launched in Amazon EC2.

  6. Click Launch and start scanning and securing your Amazon EC2 infrastructure.

Before you launch the scan, the EC2 Vulnerability Scan Preview lists all the instances (including terminated instances). However, during the scan all such terminated instances are ignored.

Scanning EC2 Classic Instances

Choose EC2 Classic (Selected Region) to scan EC2 classic hosts in a region. When selected we’ll only scan EC2 Classic instances in the region.

Scanning VPC Instances

Choose EC2-VPC (Selected VPC) to scan only a VPC you select.

Scanning Instances using VPC Peering

Choose EC2-VPC (All VPCs in Region) to scan all VPCs in a region. Select this option ONLY if there is peering between all the VPCs in the region; otherwise you could end up with Host not found errors for instances that your Virtual Scanner Appliances cannot reach.
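
A pre-flight check for the peering requirement above, as an added example that is not part of the Qualys documentation or tooling. It assumes you have saved the output of `aws ec2 describe-vpcs` and `aws ec2 describe-vpc-peering-connections` for the region; the VPC and peering IDs below are constructed, and the check looks at peering status only, not route tables or security groups.

```python
import json

# Constructed sample data in the shape returned by
# `aws ec2 describe-vpcs` and `aws ec2 describe-vpc-peering-connections`.
VPCS = json.loads("""{"Vpcs": [
  {"VpcId": "vpc-scanner"}, {"VpcId": "vpc-app"},
  {"VpcId": "vpc-db"}, {"VpcId": "vpc-legacy"}]}""")
PEERINGS = json.loads("""{"VpcPeeringConnections": [
  {"VpcPeeringConnectionId": "pcx-1", "Status": {"Code": "active"},
   "RequesterVpcInfo": {"VpcId": "vpc-scanner"}, "AccepterVpcInfo": {"VpcId": "vpc-app"}},
  {"VpcPeeringConnectionId": "pcx-2", "Status": {"Code": "pending-acceptance"},
   "RequesterVpcInfo": {"VpcId": "vpc-scanner"}, "AccepterVpcInfo": {"VpcId": "vpc-db"}},
  {"VpcPeeringConnectionId": "pcx-3", "Status": {"Code": "active"},
   "RequesterVpcInfo": {"VpcId": "vpc-app"}, "AccepterVpcInfo": {"VpcId": "vpc-legacy"}}
]}""")


def unreachable_vpcs(scanner_vpc, vpcs, peerings):
    """Return sorted VPC IDs with no active, direct peering to scanner_vpc.

    VPC peering is not transitive, so only connections that have the
    scanner's VPC on one side count.
    """
    all_ids = {v["VpcId"] for v in vpcs["Vpcs"]}
    if scanner_vpc not in all_ids:
        raise ValueError(f"{scanner_vpc} not found in this region's VPC list")
    peered = set()
    for pcx in peerings["VpcPeeringConnections"]:
        if pcx["Status"]["Code"] != "active":
            continue  # pending, rejected, deleted etc. carry no traffic
        pair = {pcx["RequesterVpcInfo"]["VpcId"], pcx["AccepterVpcInfo"]["VpcId"]}
        if scanner_vpc in pair:
            peered |= pair - {scanner_vpc}
    return sorted(all_ids - peered - {scanner_vpc})


if __name__ == "__main__":
    gaps = unreachable_vpcs("vpc-scanner", VPCS, PEERINGS)
    if gaps:
        print("No active peering from the scanner VPC to:", gaps)
        print("Scan these with EC2-VPC (Selected VPC) and a scanner that can reach them.")
    else:
        print("All VPCs in the region are peered with the scanner VPC.")
```

In the sample, `vpc-db` is reported because its peering is still pending, and `vpc-legacy` because it is peered only with `vpc-app`, not with the scanner's VPC.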

Scanning EC2 Instances in GovCloud

Follow the instructions below to secure your AWS GovCloud using Qualys Virtual Scanner Appliance (qVSA).

  1. Contact your Qualys TAM or Qualys Support requesting access to
    • GovCloud Feature and
    • Qualys Virtual Scanner Appliance AMI
  2. Include your AWS Account ID under which you would be running the scanner. Access to the AMI is enabled by Qualys support for specific Account IDs.
  3. Qualys Support sends you an email with approval and access information.
  4. Create a Qualys Virtual Scanner Instance with the qVSA AMI, now available under the MyImages section in the Create Instance wizard. (If you need to search, use the keyword qVSA to find the Qualys scanner.)
  5. Configure the Virtual Scanner Instance as described in Scanner Deployment.
  6. You are ready to start scanning! Just follow the steps in Scan Using Virtual Scanner Appliance.