Qualys Virtual Scanner Appliance Configuration with Microsoft Hyper-V

This document gives detailed deployment instructions for the Qualys Virtual Scanner Appliance in Microsoft Hyper-V Manager on Windows Server versions 2019 and 2022.

Prerequisites

Following are the prerequisites for configuring Microsoft Hyper-V:

Must have downloaded Qualys Virtual Scanner image for Microsoft Hyper-V, qVSA.i386<version>.vhdx.zip (for example, qVSA.i386-2.7.29-2.vhdx.zip).
Must have ‎personalization code that is gnerated from Qualys subscription for a new Virtual Scanner Appliance.

Refer to the article from Microsoft's official website.

Network Requirements

Following are the network requirements for configuring the virtual scanner with Hyper-V:

For single-network scanning, ensure the LAN destination network is configured to allow outbound HTTPS (port 443) access to the Internet for communicating with the Qualys Enterprise TruRisk™ Platform.
‎For split-network scanning, ensure the WAN destination network is configured to allow outbound HTTPS (port 443) access to the Internet for communicating with the Qualys Enterprise TruRisk™ Platform.
‎While conducting a scan, the virtual scanner sends probes to target assets (hosts and web applications, or one of them). The virtual scanner must be placed in a network to access the target assets for scanning.

Get Started

Perform the following steps to configure VSA with Microsoft Hyper-V: