Deploying Qualys Scanner Appliance on Nutanix

Document created by Qualys Documentation Employee on Oct 10, 2019Last modified by Sylvia Ganovska on Oct 11, 2019
Version 2Show Document
  • View in full screen mode

This document describes briefly how to deploy the Qualys Virtual Scanner Appliance on Nutanix Platform. The scanner, once deployed, will function as a Standard Virtual Scanner.

 

Deployment Steps

We'll help you with the following steps:

1) Download the qVSA-2.6.xx-x image (Beta)

2) Unzip and extract the .ova file. The extracted file format will be .vmdk

3) Get a personalization code

4) Upload the scanner image

5) Launch the scanner instance

6) How do I know my Scanner Instance is ready to use?

 

About Managing Instances

Instance Snapshots/Cloning Not Allowed - Using a snapshot or clone of a virtual scanner instance to create a new instance is strictly prohibited. The new instance will not function as a scanner. All configuration settings and platform registration information will be lost. This could also lead to scans failing and errors for the original scanner.

 

Moving/Exporting Instance Not Allowed - Moving or exporting a registered scanner instance from a virtualization platform (HyperV, VMware, XenServer) in any file format to the Nutanix cloud platform is strictly prohibited. This will break scanner functionality and the scanner will permanently lose all its settings.

 

Download the Scanner Image

Qualys will provide you with a link where you can download the image file. The image will be in .ova format and you’ll need to extract the .vmdk file from it. Please note that the qVSA-2.6.xx-x image is a Beta version. 

 

Extract the VMDK file from the OVA file

Follow steps for Linux or Windows to extract the VMDK file.

 

Linux

# tar -xvf qVSA.open-2.6.xx-x.ova

This will generate a file in VMDK format.

qVSA.2.6.xx-x-disk1.vmdk

Upload this VMDK file using Dashboard.

 

Windows

You can install 7-zip or any other extracting tool on the machine.

 

Extract VMDK from OVA

 

After extraction you'll see the VMDK file.

 

Extracted VMDK file

 

Get a Personalization Code

You’ll need a unique personalization code to activate your virtual scanner. You can get this code from the Qualys UI. Log in to the Qualys UI and go to Scans > Appliances > New > Virtual Scanner Appliance. Click Continue in the section “I Have My Image” since you already downloaded the image file from the Qualys provided link. Follow the wizard to give your scanner a name and copy the personalization code. Save the code. You'll need it in a later step.

 

Virtual Scanner Wizard to get the personalization code

 

Upload the Scanner Image

Scanner images can be launched using the dashboard.

 

Upload the Scanner image using dashboard

Go to Virtual Infrastructure > Images. 

 

Images menu option

 

Click the Add Image button.

 

Add Image button in Images section

 

Add the image source - it can either be a link or an image file from the local machine. The format should be VMDK.

 

Then click Save. The Image will be saved, and you’ll see it on the Images dashboard.

 

Image Source options: file or URL

 

Launch the Scanner Instance

Scanner Instances can be launched using the dashboard.

 

Launch the Scanner Instance using dashboard

Go to Virtual Infrastructure > VMs. Then click Create VM. Fill out all the required details. You'll enter a name for your instance, description (optional), and select a time zone.

 

Create VM options for general configuration

 

Select the Compute Details as per requirement

 

Compute Details options

 

Click Add New Disk.

 

Add New Disk link in Disks section

 

Select the Image location and click Add.

 

Add Disk option

 

Select the DISK.

 

Select Type DISK

 

Click Add New NIC to select the network or assign an IP address.

 

Add New NIC button

 

Select the Network which has connectivity from the outside world.

 

Create NIC

 

In the Customization Script, enter the unique personalization code you obtained from the Qualys Cloud Platform.

 

Custom Script

 

Optional: Provide proxy information. We support both IP and FQDN for the proxy server configuration.

 

Custom Script with Proxy URL

 

You can also provide static IP configuration from the custom script. Just follow the format shown below.

 

Custom Script with Static IP configuration

 

In the Customization Script, add the following information:

PERSCODE = xxxxxxxxxxxxxx

PROXY_URL = username:password@proxyhost:port
For static IP configuration use the format shown above.

 

Formatting:
If you have a domain user, the format is domain\username:password@proxyhost:port
If authentication is not used, the format is proxyhost:port
where proxyhost is the IPv4 address or the FQDN of the proxy server, port is the port the proxy server is running on

 

Examples:

jdoe:abc12345@10.40.1.123:3128
jdoe:abc12345@myproxy.qualys.com:3128
ntlm\jdoe:abc1234@10.40.1.123:3128

 

Notes:

- Proxy information can be provided at the time of Instance creation or after launching the Instance.

- You can enter the personalization code even after launching the instance.

 

After all the information is added, click the Save button to create the instance. The instance status will be ACTIVE after it is successfully launched. The scanner will start downloading the latest packages and you can view the install progress from the console.

 

After all the packages are downloaded, the scanner console will display the message “Welcome to the Qualys Scanner Console” with the Appliance name and assigned IP address. 

 

Scanner Console window

 

The scanner console looks like this after being successfully deployed and personalized.

 

Scanner Console success

 

If the personalization code was not provided through the custom script, then you will be prompted to enter it in the virtual scanner console in order to activate the scanner.

 

Scanner Console prompt for personalization code

 

Press Enter and type in your personalization code.

 

Personalize the scanner by entering the code

 

The instance will be active after it has successfully downloaded the scanner packages.

 

How do I know my scanner is ready to use?

Check your virtual scanner status in the Qualys UI. Log in to the Qualys UI, then go to Scans > Appliances and find your virtual scanner in the list. Tip - It can take several minutes for the Qualys UI to update after you add a new appliance. Please refresh your browser periodically to ensure that you are seeing the most up to date details.

 

Appliances list in Qualys UI

Attachments

    Outcomes