We've been hit with authorized Qualys scans externally and want to block them in the future until we are ready to use them. I see the ip range is 64.39.96.0/20 but it looks like blocking this range would also block nomral internal scanning and functionality.
I found the ip address for
-qualysguard.qg2.apps.qualys.com:443
- qualysapi.qg2.apps.qualys.com:443
- distribution.qg2.apps.qualys.com:443
- monitoring.qg2.apps.qualys.com:443
- scanservice1.qg2.apps.qualys.com:443
Can I block all the other ips or is there a better way to block external scans but keep normal internal scanning functionality?
Thanks for anyone else wondering Support said this is not possible...