You can configure some scanner appliance settings within the user interface. The LAN/WAN network settings are defined using the LCD interface (for a physical appliance) or the virtual appliance console. These settings include IP address, netmask, default gateway and DNS.
Can I change the size of an existing virtual scanner instance?
How do I check the CPU, memory, and region information of an appliance?
It's easy to find out. Go to Help > Account Info > My Scanner Appliances to see the number of appliances (purchased and activated) for your account. Go to Scans > Appliances to search your appliances and drill-down into appliance details. You can search for appliances that are connected to our cloud platform, busy processing scans and/or have certain settings - like serial number, LAN IP, software version, network and more.
Go to the appliances list (Scans > Appliances) and check your appliance status. You'll see (Connected) next to your appliance when it is ready to process scans. Your appliance must be connected to our cloud platform. If not, you need to troubleshoot the issue before you can start scanning.
Do you have a new appliance? It can take a few minutes for your appliance to connect to our platform for the first time. You can refresh your browser periodically to be sure you are seeing the most up-to-date details.
We perform a heartbeat check every 4 hours on the scanner appliance to ensure it can connect to the Qualys Distribution server URL, which is responsible for automatically updating vulnerability signatures and scanner software.
You receive an email notification when the appliance misses the specified number of heartbeat checks (1-5). A heartbeat check counts as missed when the scanner is unable to communicate with the Distribution server URL. It is possible that the scanner is still able to reach the backend scan service, but not the Distribution server URL. You may see the scanner shown as 'Connected' and available for scanning, but the heartbeat miss email is still triggered if the scanner is unable to reach the Distribution server URL.
To receive the notification: 1) Go to Scans > Appliances and edit the appliance settings, choose the notification and configure the number of missed checks, and 2) Select User Profile below your user name (in the top right corner), go to Options and select "Scanner Appliance heartbeat check".
It is recommended to set the heartbeat missed notification email value to at least "2," which means the email notification will be sent after 2 heartbeat checks have been missed.
Keep in mind that your appliance may come back online after you receive a heartbeat check notification email. If you receive this email, we recommend you investigate further by checking and fixing the connectivity between the scanner and the Distribution server URL. You can also check the appliances list to verify the status. If you see (Connected) next to your appliance, then it is ready for scanning, and there's no cause for concern. If all the software versions on the scanner are up to date and marked green (Info - Versions), then you can ignore all past heartbeat email notifications.
These indicators tell you whether the appliance is connected and whether it's busy with a scan job.
indicates the appliance is connected to our cloud platform and is ready to perform scans.
indicates the appliance is not connected to our cloud platform and it's not ready to perform scans. Check to be sure your appliance is properly configured and can access our cloud platform.
indicates that the scanner is currently busy with a scan job. See preview pane for available capacity.
indicates that the scanner is not busy with a scan job.
You can edit the appliance settings. Go to Scans > Appliances. Hover over the appliance you want to change and select Edit from the menu.
The title is initially set as is_userlogin, where userlogin is the login ID for the user who installed the appliance. When editing the title a maximum of 32 characters may be used, including: alphabetic characters (upper and lower case), numeric characters (0 through 9), dash (-), underscore (_), and dot (.).
The polling interval, in seconds, identifies how often the scanner appliance polls the platform for new information. The initial polling interval is set to 180 seconds (3 minutes). The polling interval can be 60 to 3600 seconds.
(Applicable only when Asset Tagging is enabled for your subscription.) By assigning asset tags to your appliance you'll be able to use the All Scanners in TagSet option at scan time. This option lets you choose scanner appliances based on asset tags in the scan target.
If the scanner is part of an Asset Group then we will add the corresponding Asset Group tag to the scanner for you. You cannot add Asset Group tags and Business Unit tags.
Users who are not Managers need to be granted access to an appliance in order to use it. Without access privileges, a user can't launch a scan using the appliance. It's possible for a user with less than Manager privileges to set up and activate an appliance. In this case the user who set up the appliance needs to be granted access to the appliance in order to use it.
Yes. Virtual scanner instances can be increased in size only up to 16 CPUs and 16 GB RAM.
Instances can only be increased in size; they cannot be reduced again, as this may create unexpected functionality issues on the scanner. The virtualization platform will require you to turn off the instance before you increase the size. The recommended increase follows a 1:2 ratio of CPU to RAM (1-CPU, 2-RAM). Any size within the supported range is accepted, but a disproportionate increase will probably be overkill and may not be useful.
You can now view the CPU, memory, and region information of a scanner appliance in the appliance preview. Click the row for the scanner appliance you're interested in and take a look at the preview pane.
This information helps you know the configuration and capacity of your scanner appliance and ensure the appliance is operating at its optimal level.
Note: To enable this feature for your subscription, contact your Technical Account Manager or Qualys support.
You can see how much capacity is currently in use, and how much was used for your scans.
One of the first tasks that an appliance will do after making initial contact with our cloud platform is to download the most recent software for the scanning engine and vulnerability signatures. Software updates will occur automatically several times a week and you do not need to take any action to receive them. You might see a yellow indicator next to the version - this tells you the appliance does not have the latest software installed. You can click "Update Now" to get the software update or you can wait for the next automatic update.
How long does it take to update the software?
The time it takes will vary depending on your network load and the download file sizes. Note that scans started before the update completes will run with the older software versions.
Have a physical appliance? The red S2 LED on the front panel of the appliance is lit when an update to the software is in progress. This light turns off when the update is complete.
Yes, you can replace an appliance with a new one (if you are a Manager or Unit Manager). First check to be sure the appliance is not currently running scans by checking the activity log (Users > Activity Log). We recommend you wait for scans to complete or cancel them. When you're ready, just go to Scans > Appliances and select New > Replace Scanner Appliance.
Sometimes a reboot of the appliance is necessary. As a first step, check to be sure there are no scans running on the appliance by checking the activity log (Users > Activity Log). If there are any running scans, you can wait for them to complete or cancel them. When you're ready to request a reboot, go to Scans > Appliances, edit the appliance and click the Reboot button under General Information.
Tip - While rebooting may be necessary at times, it can impact our ability to troubleshoot and track down an underlying issue with the appliance, such as its network configuration. Please contact Support if there is a need to reboot an appliance multiple times.
These scanning options can be enabled by editing the appliance settings. Go to Scans > Appliances. Hover over the appliance you want to change and select Edit from the menu.
Interested in running SCAP scans?
Enable the SCAP option under Scanner Options (Manager only). In order to run SCAP scans the appliance must be running Scanner Appliance software version 2.4 or later.
You can enable IPv6 scanning by editing the appliance settings. Under LAN Settings select "Enable IPv6 for this scanner". IP assignment is done through router advertisement if you select "Automatically". You can assign a static IP address instead by choosing "Static". Once configured, scanning traffic will be routed through the LAN interface - LAN IPv4 for scanning IPv4 hosts and LAN IPv6 for scanning IPv6 hosts.
You can enable IPv6 scanning using the appliance LCD panel. Go to the SETUP NETWORK option and select ENABLE IPV6 ON LAN and press Enter. Once configured, all scanning traffic is routed through the LAN interface and IP assignment is done through router advertisement (a static IP address cannot be configured at this time).
Don't see these options?
SCAP and IPv6 scanning must be enabled for your account. Please contact Support or your Technical Account Manager if you are interested in turning on SCAP scanning and/or IPv6 scanning.
These options are not available for offline scanner appliances.
Yes. Go to Scans > Appliances. Hover over the appliance you want to change and select Edit from the menu. You can configure your appliance with multiple VLANs and static routes to support VLAN trunking on the LAN interface for scanning traffic. Once configured, the appliance adds a VLAN tag to all scanning packets following the 802.1Q tagging protocol (the VLAN tag tells the switch layer which VLAN the traffic should be routed to in order to reach the hosts being scanned).
Check the requirements
- Your appliance must be configured with a static IP address on the LAN interface.
- Your appliance must be running Scanner Appliance software version 2.1 or later.
- VLAN trunking must be enabled for your subscription. Please contact Support or your Technical Account Manager to get this feature.
- All virtual scanners support VLAN trunking except 1) the Amazon EC2/VPC distribution and 2) offline scanner appliances.
What VLAN information is needed?
VLAN information includes:
IP Address. A valid IP address. The IP address must be unique per appliance. This means the same IP address cannot be defined in another VLAN configuration for the same appliance.
Netmask. A valid netmask.
ID. A VLAN ID. You may specify a number between 0 and 4094, inclusive. The VLAN ID must be unique per appliance. This means the same VLAN ID cannot be defined in another VLAN configuration for the same appliance.
Name. A VLAN name to identify the VLAN configuration in the VLANs list.
What static route information is needed?
Route information includes:
Gateway. A gateway IP address. The gateway/target network pair must be unique per appliance. This means the same gateway/target network pair cannot be defined in another static route configuration for the same appliance.
Target. A target network, in CIDR format. The target network must have a valid starting IP address for the target mask provided. The gateway/target network pair must be unique per appliance. This means the same gateway/target network pair cannot be defined in another static route configuration for the same appliance.
Name. A route name to identify the static route configuration in the static routes list.
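The VLAN and static route rules listed above can be checked before the values are typed into the appliance settings. The following is an added example, not Qualys code or a Qualys API: the dictionary field names and sample values are constructed for illustration, and IPv4 addressing with dotted netmasks is assumed.

```python
import ipaddress

def validate_vlans(vlans):
    """Check VLAN dicts (name, id, ip, netmask) against the rules listed above."""
    problems, seen_ids, seen_ips = [], set(), set()
    for v in vlans:
        label, vid = v.get("name") or "<unnamed>", v.get("id")
        if not isinstance(vid, int) or not 0 <= vid <= 4094:
            problems.append(f"{label}: VLAN ID {vid!r} is not in 0-4094")
        elif vid in seen_ids:
            problems.append(f"{label}: VLAN ID {vid} already used on this appliance")
        seen_ids.add(vid)
        try:
            ip = ipaddress.IPv4Address(v["ip"])
            ipaddress.IPv4Network(f"0.0.0.0/{v['netmask']}")
        except ValueError as exc:  # bad address or non-contiguous netmask
            problems.append(f"{label}: {exc}")
            continue
        if ip in seen_ips:
            problems.append(f"{label}: IP {ip} already used on this appliance")
        seen_ips.add(ip)
    return problems

def validate_routes(routes):
    """Check static-route dicts (name, gateway, target) against the rules above."""
    problems, seen_pairs = [], set()
    for r in routes:
        label = r.get("name") or "<unnamed>"
        try:
            if "/" not in r["target"]:
                raise ValueError(f"target {r['target']} is not in CIDR format")
            gateway = ipaddress.IPv4Address(r["gateway"])
            target = ipaddress.IPv4Network(r["target"], strict=True)
        except ValueError as exc:  # includes "has host bits set" from strict=True
            problems.append(f"{label}: {exc}")
            continue
        if (gateway, target) in seen_pairs:
            problems.append(f"{label}: duplicate gateway/target pair {gateway} -> {target}")
        seen_pairs.add((gateway, target))
    return problems

# Constructed sample input (not from a real appliance).
VLANS = [{"name": "dmz", "id": 10, "ip": "10.10.10.5", "netmask": "255.255.255.0"},
         {"name": "lab", "id": 10, "ip": "10.20.0.5", "netmask": "255.255.0.0"},
         {"name": "ot", "id": 4095, "ip": "10.10.10.5", "netmask": "255.255.255.0"}]
ROUTES = [{"name": "core", "gateway": "10.10.10.1", "target": "172.16.0.0/16"},
          {"name": "core-dup", "gateway": "10.10.10.1", "target": "172.16.0.0/16"},
          {"name": "typo", "gateway": "10.10.10.1", "target": "172.16.5.9/24"}]
print(*validate_vlans(VLANS), *validate_routes(ROUTES), sep="\n")
```

The sample reports a reused VLAN ID, an out-of-range ID, a reused IP address, a duplicate gateway/target pair, and a target whose starting address does not match its mask.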
How many VLANs and static routes can I add?
Physical scanners - You can add up to 4094 VLANs to devices with a serial number over 29000 and up to 99 VLANs to devices with a serial number under 29000. All physical scanners support up to 99 static routes.
Virtual scanners - You can add up to 4094 VLANs and 4094 static routes to each virtual scanner as long as you are using the latest appliance software distribution. Previous versions support up to 99 VLANs.
Can I add VLANs using the appliance?
Yes, however, you can add only one VLAN configuration per appliance using the LCD panel (for a physical appliance) or virtual appliance console. Note:
- This VLAN can't have static routes.
- This VLAN can't be viewed or edited within the user interface.
- This VLAN takes precedence. In a case where a user defines a VLAN in the user interface that is identical to a VLAN defined using the appliance, the appliance-defined VLAN will be saved and the user interface-defined VLAN will be ignored.
When you select an appliance in the Scans > Appliances list, the Preview pane appears below the list with more details about the selected appliance. The Preview pane includes "Connected on" and "Verified on" timestamps for the appliance.
Connected on = The last successful polling between the scanner appliance and the platform. If a scanner gets disconnected, this will stop at the timestamp of the last successful scanner poll to the platform.
Verified on = The last sync between the portal UI and the platform. This is not related to the scanner appliance itself.
Polling interval = The polling interval, in seconds, identifies how often the scanner appliance polls the platform for new information. This is the interval between 2 polls. The "Connected on" timestamp should increment by the number of seconds set for the polling interval. The initial polling interval is set to 180 seconds (3 minutes). The polling interval can be 60 to 3600 seconds.