Create a Qualys Containerized Scanner

This section provides detailed procedures for creating a Containerized Scanner. Before creating a Containerized Scanner, ensure that all the prerequisites are met.

Docker Host System Requirements

To manage and run QCSA Qualys Containerized Scanner Appliance efficiently, the following requirements must be met:

  • Linux host must have a 64-bit kernel version 3.10 or newer installed.
  • Linux host must have at least 4 CPU Cores and 16 GB RAM memory.
  • Linux host must have docker services provided by Docker Engine, installed, enabled, and actively running.
  • Linux kernel of Docker Host should support IA32 emulation. You can check and verify all supported kernel configuration with their default state at kernelconfig.
  • Docker backing filesystem must have a minimum of 100GB of storage available on the Linux host.
  • Docker backing filesystem must have File-locking support.
  • Docker must have Bridged networking.

 We recommend using Docker Engine for all QCSA Containerized Scanner operations. We do not recommend using podman-docker.

For details on the docker setup, refer to the official Docker ipv6 documentation's Install Docker Engine section. In the documentation, choose the correct Linux OS version to get the steps for Docker configuration.

Pre-requisites

The following are the pre-requisites for creating containerized Scanner:

  • Obtain a personalization code from your Qualys subscription and set the scanner name to the Containerized Scanner name.
  • Must have privileged user access with 'sudo' permissions on the Docker host.
  • Download and configure the QCSA image on the Docker Host. For details, refer to QCSA Image Configuration.
  • Create a directory on the Docker host to store the licensed Qualys Engine software and its sensitive scan data (Shared Space), for example, /usr/qualys/common.
  • Create a directory on the Docker host for container-specific security keys and tokens (Private Space), for example, /usr/qualys/private. This directory is used to host subdirectories named after personalization code used for Containerized Scanner.

Quick Steps to Create a Containerized Scanner

Perform the following steps to create a Qualys Containerized Scanner:

  1. Configure QCSA Image.
  2. Generate Personalization Code.
  3. Get Qualys URL.
  4. Create Containerized Scanner.
  5. Custom Parameters for Containerized Scanner.
  6. Understand the logs in Containerized Scanner.
  7. Stop and Re-create Containerized Scanner.
  • Every containerized scanner requires a unique personalization code.
  • Containerized scanners can be terminated and restarted with the same personalization code after use.

Next Step

Configure QCSA Image

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.