I am new in this discussion group.
Please suggest which ports must be open between scanner device VM and scanning device.
Moved to QualysGuard VM community for better visibility.
- Robert (community manager)
The ports that are scanned/tested are controlled by the option profile that is used. A standard scan will use about 1900 ports, a full scan will check all 65K+ ports on the host. If there are firewalls or other types of filters between the scanner appliance and the host being scanned, we recommend whitelisting the appliance so that the traffic is able to flow uninterrupted.
Would that mean that we need to apply an any (protocol and port) rule on the firewall between the VM and the scanned device? If that is the case, this would be a problem because any any rules on a firewall should be avoided as much as you can.
I believe there are specific communication ports between the VM and the scanner - Please advise. These communication ports and protocols should be separate from the local scanned ports on the scanned device.
While ANY/ANY rules should be avoided as a general security practice, for a complete security audit to occur (between the scanner and the device) all traffic must be permitted through the firewall. This ensures the most complete picture of the devices being scanned.
These rules can be set to only allow this traffic to start from the scanner to ensure that risk from the rule is limited.
If this is not possible for policy reasons, we do offer virtual scanners at a reduced cost and each scanner (hardware or virtual) supports 99 VLANs each which could allow scanning without a firewall.
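An added illustration of the reply above, not part of the original thread and not vendor configuration: an nftables forward chain that permits every protocol and port, but only for traffic the scanner sends to the scanned range, next to the unscoped any/any rule it replaces. It assumes a Linux firewall using nftables; the addresses are constructed documentation ranges.

```nftables
# Constructed values (RFC 5737 documentation ranges), assumptions for this example:
define scanner = 192.0.2.10          # scanner appliance
define targets = 198.51.100.0/24     # hosts to be scanned

table inet scan_path {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Weak form, shown commented out for contrast: no source, destination
        # or direction restriction, so any host can reach any other host.
        # accept

        # Scoped form, rule 1: all protocols and all ports, but only packets
        # sent by the scanner to the scanned range. There is no conntrack
        # match here, so unusual probe packets from the scanner also pass.
        ip saddr $scanner ip daddr $targets counter accept

        # Scoped form, rule 2: return traffic only. A scanned host can answer
        # a flow the scanner opened (including related ICMP errors) but
        # cannot open a new connection toward the scanner.
        ip saddr $targets ip daddr $scanner ct state established,related counter accept

        # Everything else falls through to the drop policy; log it so
        # unexpected traffic on this path is visible.
        log prefix "scan_path drop: " counter
    }
}
```

The per-rule counters in `nft list table inet scan_path` show whether scan traffic is matching the scoped rules rather than the drop policy.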
Your question is a bit confusing. Would your question instead be what ports should be opened between a scanner device and the device that needs to be scanned? Please explain/confirm?