What is the purpose of using a virtual scanner? You can scan virtual machines with your standard scanner. In what situations are virtual scanners better?
Our Virtualized Scanner Appliance has several benefits, it isn't for scanning a virtualized environment it is a Virtualized piece of hardware.
If you cannot ship hardware to a datacenter, because it is unmanned etc... you can connect to the ESXi environment and place a scanner in the environment without a "truck roll".
Additionally, you can place the scanner on a travelling device like a laptop and scan a new environment that has arrived via an acquisition, for instance.
Think of this as an internal scanning appliance, on a virtual hardware platform.
Can you say more about how you "place a scanner in the environment"? Specifically, how does that work? If you have a farm of virtual machines, and you are using an IaaS cloud provider, can you upload the scanner to your virtual farm so you can scan it? If you are using a cloud service provider, you may not always be able to put a scanner in the data center to run scans...it is not the same as if you are co-location hosting customer and they have to let you into your cage or attach your scanner to the right VLAN. I think there might be more uses than just using these for an unmanned datacenter and I'm trying to understand the potential.
The Virtual scanner is no different than our scanner appliance, just that its a software and not hardware. You dont need to run any installation etc, its a pre-configured virtual appliance. Its an image of the actual appliance in a OVA form (if installing in ESX/ESXi). Feature wise, both the Virtual Scanner and our Applinace are almost similar. The Virtual scanner has no physical footprint like our scanner which is nearly a 1U mini chassis.
The virtualized software model can be useful in many ways and has all benefits of virtualisation. You can host the virtual scanner on any standard desktop or laptop running VMware too, however an ESX is standard and preferred. It can be useful to auditors/consultants as they can have it within their laptops. It can run on Vmware workstation, player or ESX/ESXi.
While in a datacenter, we can host in on a supported hypervisor environment , we need not have to place an physical applance that, consumes power etc, and take benefits like fault tolerancy, HA, good BCP/DR startegy, easy backing up the device etc. This will reduce a lot of management overhead too. Of course all of it depends on the quality of your Virtualization infrastructure too.
You're on the right track, lpt. You can absolutely deploy a QualysGuard Virtual Scanner Appliance anywhere that you can deploy any VMware virtual machine on any current VMware product: vSphere ESXi/ESX; vCloud (as Provider or Tenant); Workstation, Fusion, or Player. In addition, an AMI of the appliance for Amazon VPC and EC2 is currently in limited availability (for US East Region), awaiting inclusion into the AWS Marketplace for broad availability in the very near term.
The VMware-based images are packaged as an OVA, allowing for click-through deployments onto VMware products, as well as Oracle VirtualBox. The Amazon AMI is a click-through deployment via the AWS Management Console.
Check out QualysGuard Virtual Scanner Appliance overview for more details.
And the list of potential benefits and use cases for the virtual scanner goes on. A few other characteristics and situations that recommend the use of a virtual scanner appliance:
A virtual scanner can be downloaded and launched within a matter of minutes. Compare that to the shipping, handling, racking and cabling required for a hardware appliance.
VMware vMotion can move it from one host to another while it's still running. Our you can just delete it and recreate it in an entirely different geographic location within a matter of minutes.
Having a "spare" appliance on the local network ready to be launched within minutes simply requires ~250MB of local disk space to host the OVA package. And, of course, you can also always just download the OVA directly from your QualysGuard account, anyway.
The annual subscription price for a QualysGuard Virtual Scanner Appliance (QG-VS) is significantly less than that of a QualysGuard (hardware) Scanner Appliance (QG-SA). Moreover, you're likely to save on rack space, power, and cooling, as well.
Virtualized networks can and will have virtual network enclaves which are not routed to/from or reachable from the physical network. Having a virtual appliance allows you to get scanning access to those isolated virtual networks.
You can scale up the resources for the Enterprise distribution of our virtual scanner appliance to 8 vCPUs x 64GB RAM. The current physical scanner appliance provides 4GB of RAM. This extra RAM can be especially beneficial when executing large scans with our WAS application.
A scenario which is easier to arrive at with the lower-cost and smaller footprint virtual scanner appliance: more scanners configured with more computing horsepower at a lower cost with less datacenter footprint, all scanning in concert. QualysGuard's new scanner services and the microslicing capability (seeMicroslicing Operation and Performance) can be brought to bear at a much lower cost through the use of the virtual scanner appliance.
The virtual scanner appliance isn't just for your own data center, either. You are free to deploy it into a VMware vSphere/vCloud-based IaaS network in which you are a tenant, assuming your IaaS provider's acceptable use policy allows for active scanning within their cloud. In fact, we are working with an IaaS provider right now to add our Enterprise/vApp distribution directly to their vCloud Provider Service Catalog to facilitate faster launching of the appliance by their tenants.
An AMI (Amazon Machine Image) of the virtual scanner appliance is also now ready in limited availability for Amazon VPC and EC2, and will be published into the AWS Marketplace in the very short term.
The AMI distribution of the QualysGuard Virtual Scanner Appliance is now available for all EC2 Regions via AWS Marketplace. For more, check out Reference: QualysGuard Virtual Scanner Appliance.
If you install the Qualys Virtual Appliance in a VMware in the laptop, and connect it to a network without Internet connection, is it possible to perform a scan?
I think it can't be done, please correct if I'm wrong.
If it can't be done, could be possible to connect the laptop to the Internet, configure a scan using Qualys website, schedule it on the laptop, connect the laptop back to the disconnected network, and let the laptop fire up the scan at the scheduled time?
Andrés, this can be done using the Qualys Offline Scanner Appliance.
The following links will help you:
How to configure your Offline Scanner
Offline Scanner Appliance User Guide
Retrieving data ...