Deploying Virtual Scanner Appliance Using the GCP Portal

You can deploy a Qualys Virtual Scanner Appliance in either of the following ways:

Deploying Scanner Appliance from Google Cloud Marketplace (SCP)

  1. Sign in to Google Cloud Platform and navigate to Marketplace.

  2. In the Search box, type Qualys, and then from the search results, click Qualys Virtual Scanner Appliance.

    To query for the latest version of the Qualys Virtual Scanner Appliance image in the  marketplace via Google Cloud CLI, run the following command:

    gcloud compute images list --filter="family=qvsa" --project 
    qualys-gcp-security --sort-by=~creationTimestamp --limit=1 --uri

  3. Click Launch.

    Virtual scanning appliances

  4. Provide the following details for the virtual scanner appliance instance:

    vc_compute_engine

    Refer to the following table for details of the fields and their values.

    Field Values
    Deployment name It is advised to specify the same name that you use on the Qualys Enterprise TruRisk™ Platform while generating a personalization code.
    Zone Select a zone that co-locates the scanner instance with scan target instances. For the scanner to reach other zones, connectivity must be set up with appropriate network configurations.
    Machine type  Select a machine type that offers a CPU-to-RAM ratio of 1:2 (For example, 4 CPUs and 8 GB RAM) or 1:3, depending on available machine types on the cloud platform.
    Personalization code: Provide the 14-digit personalization code generated from Qualys Enterprise TruRisk™ Platform. This is a one-time use code only. To register every new virtual scanner appliance instance, you must generate a fresh personalization code.
    Proxy URL (Optional) Add the proxy server URL to communicate with Qualys Enterprise TruRisk™ Platform via SSL tunneling proxy. We support both IP and FQDN for the proxy server configuration. Specify the proxy server URL as username:password@proxyhost:port

    Syntax for proxy URL
    • If you have a domain user, use this syntax: domain\username:password@proxyhost:port
    • If authentication is not used, use this syntax: proxyhost:port

    where proxyhost is the IP address or the FQDN of the proxy server and port is the proxy port.

    Examples   
    • doe:abc12345@10.40.1.123:3128
    • jdoe:abc12345@myproxy.qualys.com:3128
    Boot Disk

    Do not change the following values unless instructed by Qualys Support:

    Boot disk type: Standard Persistent Disk

    Book disk size in GB: 56

  5. Click Deploy and follow to the section Post-deployment Progress and Monitoring.

Deploying Custom Image on Private Cloud Platforms (PCP)

We can deploy custom Image on private cloud using following ways.

Here you are expected to build a Qualys scanner image specific to your private cloud platform. Do the following:

  1. Download the qVSA image file (tar.gz) by using the SAS link provided by Qualys Operations. For more details, contact Qualys Support.
  2. Create a Google Storage Bucket.
  3. Upload the downloaded qVSA image file to your storage bucket.
  4. Create the Qualys Scanner Image by using the uploaded QVSA Image file (tar.gz) file.
  5. Provide the following details for the virtual Scanner Appliance instance custom image.

    create_image

    Refer to the following table for details of the fields and their values.

    Field Description
    Name Provide a unique name to identify the Qualys Scanner appliance image.
    Source Select Cloud Storage File which allows you to select the Qualys Scanner image file stored in the Storage Bucket. In the following image, qualys-scanner is a bucket name and qVSA-GCE-xxxxxxx.tar,gz is the Qualys scanner image file.

  6. Generate a personalization code. To learn more about generating a personalization code, click Generating a Personalization Code.

  7. Provide the following details for the Virtual Scanner Appliance instance:

    boot_disk_space

    Refer to the following table for details of the field.

    Field

    Values
    Deployment name It is advised to specify the same name that you use on the Qualys Enterprise TruRisk™ Platform while generating a personalization code.
    Zone Select a zone that co-locates the scanner instance with scan target instances. For the scanner to reach other zones, setup connectivity with appropriate network configurations is needed.
    Machine type Select a machine type that offers a CPU-to-RAM ratio of 1:2 (For example, 4 CPUs and 8 GB RAM) or 1:3, depending on available machine types on the cloud platform.

    Boot Disk

     

    Change the boot disk to the newly created Qualys Scanner Appliance image disk.

    Do not change the following values unless instructed by Qualys Support

    Boot disk type: Standard Persistent Disk

    Book disk size in GB: 56

  8. Enter Metadata, PERSCODE and other details.

    metadata_policy
    Refer to the following table for details of the fields and their values.

    Metadata (Optional) You can set custom metadata for an instance or project outside of the server-defined metadata. This is useful in passing in arbitrary values to your project or instance that can be queried by your code on the instance.
    PERSCODE Provide the 14-digit personalization code generated from Qualys Enterprise TruRisk™ Platform. Refer to the section Generating a Personalization Code.
    PROXY_URL (Optional): Add the proxy server URL to communicate with Qualys Enterprise TruRisk™ Platform via SSL tunneling proxy. We support both IP and FQDN for the proxy server configuration. Specify the proxy server URL as username:password@proxyhost:port

    Syntax for proxy URL
    • If you have a domain user, use this syntax:domain\username:password@proxyhost:port
    • If authentication is not used, use this syntax:proxyhost:port

    Where proxyhost is the IP address or the FQDN of the proxy server and port is the proxy port.

    Examples   
    • doe:abc12345@10.40.1.123:3128
    • jdoe:abc12345@myproxy.qualys.com:3128
  9. Click Create.

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.