
Rolling through scanning appliances until one reaches its target?

Question asked by Noah Abrahamson on Jun 8, 2017
Latest reply on Jun 9, 2017 by Noah Abrahamson

I have a question about how VM scans are done when multiple scanner appliances are employed in a scan routine, but only certain scanners can actually reach certain IP devices.

 

Let's say I have five Qualys scanning appliances, and my corporate network is segmented into five operational zones. Each zone's networking and firewall configurations permit only one of the scanning appliances through. For example, the "red network zone" is configured to whitelist the scans coming from "red qualys scanner" but deny scans from the other scanners.

 

(Notwithstanding best practices to reduce unnecessary duplicative traffic...) Do I need to specify five discrete scanning jobs, each with the specific target IPs from each zone, matched with that zone's specific Qualys scanner?

 

Or can I have one scan job with all five scanners -- and the failure of one scanner to reach a target IP would mean the next scanner would attempt to scan, and so on, until either all the scanners have been tried or one of the scanners was able to successfully reach the target?
