Using Azure Portal GUI to Create Qualys Image and Deploy Scanner

You can use the Azure GUI to to create the Qualys image from a VHD file and deploy the Qualys Virtual Scanner Appliance.

The Qualys qVSA image vhd file should have already been uploaded to your storage container to create an image, see Copying Qualys image into your Storage Account for details.

From the Microsoft Azure Dashboard:

1. Choose Images – Add to create an image.
2. Fill in all the required information for your new image:
   • Name – give a distinct name for your scanner image
   • Subscription
   • Resource Group
   • Location
   • OS Type – select Linux
   • VM Generation – select Gen 1
   • Storage Blob – choose the location of the ‘.vhd’ file that is already copied into your Storage account
   • Storage Type – select Standard HDD
   • Host caching – select Read/Write

   

3. To deploy the Qualys Virtual Scanner Appliance using the image created in the previous step, select the scanner image.

4. Click Create VM.

   
   Create a virtual machine window is displayed

   

To deploy the Qualys Virtual Scanner Appliance using the image created in the previous step, select the scanner image and click on Create VM.

Click Next: Disks+Monitoring:

Subscription

Resource group:

To learn more about resource groups, visit Azure documentation.

1. Region

   Virtual machine name: Virtual machine name must be between 1 and 64 characters long and may contain alpha-numeric characters, dots '.' and hyphens '-' only. It must start and end with an alpha-numeric character.

   Size: Select a VM size to support the workload you want to run; select a size where the number of CPUs to allocated RAM ratio is 1:2, e.g., 4 CPUs and 8 GB RAM, or 1:3 ratio, depending on the platform’s availability.
   
   - Click Next to Disks tab.

   Enabling boot diagnostics is not mandatory for deploying Qualys Virtual Scanners, but it is highly recommended to facilitate troubleshooting scanner issues. A storage account is required to enable boot diagnostics.

   OS Disk Type: Select Premium so that Boot Diagnostics can be enabled.
   
   Click Next to Networking tab.
   
   Virtual network: Select existing or create new virtual network.
   
   Click Monitoring tab.
   Enable Boot Diagnostics.

    

   

   Enable boot diagnostics to troubleshoot issues with your scanner. Diagnostics include log output from the scanner. To learn more  refer to Boot diagnostics section of  Boot diagnostics section from Azure documents.

   Click Advanced tab.

   Click checkbox Enable user data.
   Add PERSCODE and PROXY_URL for proxy configuration in User Data field box.
   

   PERSCODE (mandatory field): 14-digit Personalization Code obtained from Qualys.
   
   PROXY_URL (optional field): used to configure the Qualys Scanner to use SSL proxy for all outbound communication with the Qualys Cloud Platform. We support both IP and FQDN for the proxy server configuration.

   Provide optional proxy configuration in one of the following formats:
   
   <host>:<port> (No auth proxy)
<user>:<password>@<host>:<port> (Auth proxy)
<domain\user>:<password>@<host>:<port> (Auth proxy with domain user)
   
   If validation passes, click the Create.
   If validation fails, correct the fields that are displayed in red.

2. Once Azure completes the deployment, click Go to Resource to access the scanner deployment in your resource group.

   

3. Your scanner updates and connects to the Qualys Cloud Platform. This process may take some time, depending on location. Once connected, you can use your Azure scanner from the Qualys Cloud Platform like any virtual scanner appliance.