You can scan your Google Cloud Compute Engine instances along with all other global elastic cloud and on-premise assets from within the Qualys Cloud Platform. Qualys Virtual Scanner Appliance can be directly deployed from the Google Marketplace.
Scanner deployment involves configuration in Qualys Cloud Platform as well as GCP.
Before we know the steps to deploy a virtual scanner, let's understand the licensing or cost aspect and the deployment recommendations.
Qualys Virtual Scanner Appliance is available as an image at Google Cloud Marketplace, ready for customers to launch onto GCP Virtual Machines. There are two aspects to consider:
Ensure that you use the image available at Google Cloud Marketplace or the Signed URL provided by Qualys for downloadable GCP-specific images. Using images downloaded from Qualys UI are not recommended to be used on GCP.
You need to acquire a Qualys license for each virtual scanner appliance instance that you would like to run. This license is acquired from Qualys, not from GCP, and our scanner appliances are listed at Google Cloud Marketplace with a Bring Your Own License (BYOL) model accordingly. Each Qualys Virtual Scanner Appliance profile that you define in the Qualys Cloud Platform UIĀ consumes a single virtual scanner appliance license. If you delete a virtual scanner appliance profile from your Qualys subscription, that license is freed up and immediately available for re-use. However, the personalization code that you generate to register a scanner appliance can be used only once. For every new virtual scanner appliance, you must generate a new personalization code.
Contact your Qualys technical account manager or Qualys reseller for a pricing quotation or to request evaluation.
For each virtual scanner appliance, virtual machine is launched into one of your own GCP accounts. You are responsible for paying Google for the costs of running the appliance. Those costs include:
The compute capacity charges (i.e., CPU, RAM) are overwhelmingly the largest part of the costs to run an Instance. Note that you may not need to keep your scanner appliances running at all times. Any hours during which your virtual machine is stopped, only per-GB-provisioned storage charges are incurred. For those able to spend a little more upfront, GCP virtual machines can be reserved by financially committing for one or three years to save. However, scanners should be turned on for at least several hours per week in order to ensure that they stay up to date with software and signatures.