Deploy Virtual Scanner in IBM VPC Infrastructure Using IBM CLI Tool

 Before starting, set up your IBM CLI environment. For details on IBM Cloud CLI installation and configuration, refer to  Getting started with the IBM Cloud CLI section of IBM documentation. 

 

 

  1. Deploy a Qualys scanner in IBM VPC Infrastructure by using IBM cloud command

    USAGE:

    ibmcloud is instance-create INSTANCE_NAME VPC ZONE_NAME PROFILE_NAME SUBNET (([--pnac-name PRIMARY_NAC_NAME] [--pnac-vni PNAC_VNI | (--pnac-vni-ais false | true --pnac-vni-ein true | false --pnac-vni-auto-delete true | false --pnac-vni-ips VNI_RESERVED_IPS_JSON | @VNI_RESERVED_IPS_JSON_FILE --pnac-vni-name PNAC_VNI_NAME [--pnac-vni-rip PNAC_VNI_RIP | (--pnac-vni-rip-address PNAC_VNI_RIP_ADDRESS --pnac-vni-rip-auto-delete true | false --pnac-vni-rip-name PNAC_VNI_RIP_NAME)] --pnac-vni-sgs PNAC_VNI_SGS [--pnac-vni-psfm auto | enabled | disabled])] [--network-attachments NETWORK_ATTACHMENTS_JSON | @NETWORK_ATTACHMENTS_JSON_FILE]) | [([--sgs SGS] [--rip RIP | (--address ADDRESS --auto-delete true | false --ip-name IP_NAME)] [--allow-ip-spoofing false | true]) | --primary-network-interface PRIMARY_NETWORK_INTERFACE_JSON | @PRIMARY_NETWORK_INTERFACE_JSON_FILE] [--network-interface NETWORK_INTERFACE_JSON | @NETWORK_INTERFACE_JSON_FILE]) [--image IMAGE | (--catalog-offering CATALOG_OFFERING | --catalog-offering-version CATALOG_OFFERING_VERSION) [--catalog-offering-plan CATALOG_OFFERING_PLAN]] [--total-volume-bandwidth TOTAL_VOLUME_BANDWIDTH] [--boot-volume BOOT_VOLUME_JSON | @BOOT_VOLUME_JSON_FILE] [--volume-attach VOLUME_ATTACH_JSON | @VOLUME_ATTACH_JSON_FILE] [--keys KEYS] [--dedicated-host DEDICATED_HOST | --dedicated-host-group DEDICATED_HOST_GROUP | --placement-group PLACEMENT_GROUP] [--reservation-affinity-policy, --res-policy disabled | manual] [--reservation-affinity-pool, --res-pool RESERVATION_AFFINITY_POOL] [--user-data DATA] [--default-trusted-profile DEFAULT_TRUSTED_PROFILE [--default-trusted-profile-auto-link true,false]] [--metadata-service, --ms true | false [--metadata-service-protocol, --msp http | https | --metadata-service-response-hop-limit, --msrhl METADATA_SERVICE_RESPONSE_HOP_LIMIT,MSRHL]] [--host-failure-policy restart | stop]

    [--resource-group-id RESOURCE_GROUP_ID | --resource-group-name RESOURCE_GROUP_NAME] [--output JSON] [-i, --interactive] [-q, --quiet]

    Details of the fields:

    Field

    Description

    Instance_name

    Name of the instance

    VPC

    Name of VPC zone: Name of the zone

    profile

    Name of the used profile

    subnet

    Name of the subnet

    user-data

    Base64 encoded data

    image

    Qualys scanner image
  2. Create a text file containing the PERSCODE and PROXY_URL(optional) information. 

    Place PERSCODE and PROXY_URL on separate lines. 

    Example: 

    Let’s create a user-data.txt file with the scanner’s PERSCODE and PROXY_URL info

    The content of the user-data.txt should look like this. PERSCODE=2098765432102 PROXY_URL=my_user:my_password@10.12.0.13:3128

    If you are not using Proxy , do not add PROXY_URL= in the user-data.txt file.

    This is an example on how to create an instance in IBM VPC infrastructure:

    ibmcloud is instance-create qualys-scanner my-vpc us-south-3 bx2-2x8 --primary-network-interface '{"name": "primary-nic", "allow_ip_spoofing": false, "subnet": {"name":"my_subnet"}}' --resource-group-name my_resource_grp --user-data $(<user_data.txt openssl base64 -A) --image qvsa-ibm-x86-64-3-10-89-1-gen2

Next Step

Step 3: Access your Qualys Scanner on the private network 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.