I would like to scan my server, but the firewall is doing its job. What IP should I make an exception for when scanning? Thank you!
The IP addresses to whitelist for SSL Labs scanning are listed here:
SSL Labs Known Issues
You can find the IP addresses of the relevant Qualys external scanners that you need to whitelist by logging into your Qualys account and going to the Help -> About menu.
Thank you for your reply. Are you talking about the Help Center tab? If so, I am unable to locate the "about menu".
While in the VM module, click the help tab in the right hand corner and choose About. The ips will be listed under Qualys External Scanners.
My apologies for any confusion. I am talking about the free scanner here: SSL Server Test (Powered by Qualys SSL Labs)
Are you scanning externally or internally. If you have a lot of internal scans you could consider a Qualys Virtual Appliance otherwise you will need to follow the recommendation already given.
Thank you for your reply, will the Qualys Virtual Appliance run on a Win 7 desktop? My scan is internal. Where could I locate the appliance?
You could run it on your desktop. Depends on where you spend your Money. A VM will cost about 1K while the Agents are less.
If you do run the Appliance I would suggest to locate the VM somewhere near an egress point in your network since it will be sending the data to Qualys. The Agents would trickle this information out as well.
I would get your TAM to go over the costs with you.
Better yet install a Cloud Agent!
For internal scans you can find the ip of your scanner under "Scans-> Appliances". I don't know how many scanners are installed in your environment. If it is more than one either locate the scanner you are using by its name or check all of them. Click on the appliance you wish to see and use the "Info" from the "Quick Actions" menu. Then check the LAN and WAN settings in the displayed menu.
Retrieving data ...