Does anyone know or able is to provide the IP range(s) of Qualys appliances when performing a WaS scan? I'd like to scan an application development environment which is protected by a firewall, therefore need the WaS scanner range.
WAS scans use the same appliances than VM scans, so you can get the range used by Qualys appliances by connecting to your account, and access the About information dialog (Menu Help > About on current platform or bottom-right About link on new platform)
Here is for example the current range used by our scanners on US platform:
Great Thanks for that.... the EU platform has the following information...
- all in 22.214.171.124/20
Is that the lot, and does anyone in Qualys have just the IP address ranges for entry into a firewall inbound rule?
For scanning form our external scanners, I confirm that 126.96.36.199/20 is indeed the only range to allow.
If you have intranet scanners, you will need to allow also traffic to the following servers, as our intranet scanners will connect to them to get their next tasks or return results:
I'm sure you've been asked this a million times so my apologies, but the clients are very concerned about the size of the range. Can this be cut down at all and still be successful?
Our external scanners do not use indeed today the whole range reserved for them, and this latter could be certainly cut down.
Problem would however then occur if you provide a smaller range on your side and we add new scanners that will not be covered by this range. All scans performed using these scanners would therefore not be successful as they will be blocked on your side.
Please explain to clients that this wide range is only reserved for our scanners, and it is provided as is on purpose to ensure that we will be able to scale without asking them to change again their network config.
Let me know if that will answer your clients concerns.