Get Started with QGSA-6120-A1
Welcome to the Qualys Scanner Appliance, an option with the Qualys Enterprise TruRisk™ Platform from Qualys, Inc. With the Qualys Scanner Appliance, you can assess internal network devices, systems, and web applications. The Scanner Appliance is a robust, scalable solution for scanning networks of all sizes, including large distributed networks.
It is easy to set up a Scanner Appliance within your network. Let’s get started!
Interested in Virtual Appliances?
Qualys Virtual Scanner Appliance is packaged and qualified for deployment on various virtualization and cloud platforms. If you are interested in adding virtual appliances to your license, contact your TAM or Qualys Support.
Desktop/Laptop: VMware Workstation, Player, Fusion, Oracle VirtualBox
Client/Server: VMware vCenter/vSphere, Citrix XenServer, Microsoft Hyper-V
Cloud: Amazon EC2 - Classic, Amazon EC2 - VPC, Microsoft Azure, Google GCE, OpenStack
Learn more
Qualys Virtual Appliance: Platform Qualification Matrix
Before You Begin, Check Package Accessories
Your starter kit package must contain the following components. If any components are missing or damaged, contact Qualys Support.
- Qualys Scanner Appliance User Guide
- AC power cord
- CAT6 cable
- Rack screws (quantity 4) - 10-32 x 3/4", Phillips, black matte, with washer
- USB-to-RS232 converter cable
Best Practices for Internal Scanning
Here are our best practices related to internal scanning.
Avoid Scanning Through a Firewall from Inside Out
Problems can arise when scan traffic is routed through the firewall from the inside out. That means when the scanner Appliance is sitting in the protected network area and scans a target located on the other side of the firewall. We recommend placing scanner Appliances in your network topology so that scanning and mapping through a firewall from the inside out is avoided if possible. For more information, see Scanning through a Firewall.
Check Network Access to Scanners
Log into your account and go to Help > About in the application. The Scanner Appliances section lists URLs at the SOC (Security Operations Center) for your account/location. Your Scanner Appliances must be able to contact these URLs on port 443. For Private Cloud Platform, the URLs displayed are appropriate to your local on-site SOC. For moremation, see How to check network access to scanners?
Consult Your Network Group for Scanner Placement
It is highly recommended that you work with your network group to determine where to place Scanner Appliances in an enterprise network environment. Some things to consider: place Scanner Appliances as close to target machines as possible, and make sure to monitor and identify any bandwidth restricted segments or weak points in the network infrastructure. Scanning through layer 3 devices (such as routers, firewalls and load balancers) could result in degraded performance so you may consider using our VLAN tagging feature (VLAN trunking) to circumvent layer 3 devices to avoid potential performance issues.