In a previous post about Qualys VM I mentioned Qualys Scanner Appliances, which you can use to scan hosts inside your network. Let’s see how to configure and use them.
To add new Appliance go to https://qualysguard.qualys.eu/fo/tools/scannerAppliances.php and press “New”. You can choose a Scanner Appliance (Hardware) or Virtual Scanner Appliance. For testing I would like to have an appliance in form of VirtualBox virtual machine, so I choose “Virtual Scanner Appliance”.
Setup wizard appeared:
I clicked on Download Image Only.
Qualys Virtual Scanner Appliance supports variety of virtualization platforms:
- Standard (OVA)
- OpenStack
- VMware vApp
- Microsoft Hyper-V
- Amazon HVM Machine Image (Pre-Authorized Scanning)
- Amazon HVM Machine Image
- Microsoft Azure Marketplace Image
- Google Compute Cloud Image
I choose standard distribution package for this target platforms:
- VMware vSphere: vCenter Server, ESXi
- VMware Workstation, Player, Workstation Player, Fusion
- Oracle VM VirtualBox
- Citrix XenServer
I imported this package without any problems.
The only thing I changed was network adapter settings. I didn’t want to to deal with the network settings, so I just changed them to “Attached to: NAT”.
Back in Wizard. Click on “I Have My Image”.
Setting the name of the Scanner. Wizard won’t allow you to use the blanks (” “).
And here is what we need to activate our new virtual appliance – Personalization Code.
I boot my virtual machine in VirtualBox.
Personalize this scanner -> Enter personalization code
Virtual appliance connects to remote Qualys Servers and starts updating process.
Some minutes later it will show “Welcome to the Qualys Virtual Scanner Console” screen.
You can see the status of new scanner in the web interface:
And how to scan something with it? Actually, it is completely the same, as with an external scanner. Just select the right appliance in scan settings.
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Pingback: Qualys Vulnerability Management GUI and API | Alexander V. Leonov
Pingback: F-Secure Radar Vulnerability Management solution | Alexander V. Leonov
Pingback: Qualys authenticated scanning | Alexander V. Leonov
Pingback: Problems of Vulnerability Prioritization and Detection | Alexander V. Leonov
Good step by step instructions, really appreciate it.
Why u choose the NAT interface ? why not others interfaces ?