Overview

The Qualys Virtual Scanner Appliance extends the reach of the Qualys Cloud Platform's integrated suite of security and compliance SaaS applications into the internal network of AWS. The virtual scanner appliance brings the highly-automated Qualys Vulnerability Management, Policy Compliance, and Web Application Scanning services deep into the Amazon infrastructure so that your VPC and EC2 Instances can be assessed at close range from trusted devices under your control and protected by your EC2/VPC Security Groups. Customers configure and operate all of the scanner's security services from their Qualys (SaaS) account via a secure web interface or API. Each instance of the Qualys Virtual Scanner Appliance must be associated with a valid Qualys (SaaS) subscription in order to function. It is available for use by licensed Qualys customers and trial users.

Highlights

Flexibility: Qualys Vulnerability Management, Policy Compliance, and Web Application Scanning solutions all served by this single virtual appliance.
Ease of deployment: Tight integration with EC2 allows for touchless provisioning through the AWS Management Console, requiring no console access to the appliance ever.
Security: Operation of the virtual appliance within your own EC2 Security Group definitions allows for programmatic Instance-based traffic control during highly-sensitive scanning operations.

Details

Sold by

Qualys

Features and programs

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

Qualys Virtual Scanner Appliance HVM

Info

View purchase options

Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

Additional AWS infrastructure costs

Type	Cost
EBS General Purpose SSD (gp3) volumes	$0.08/per GB/month of provisioned storage

Vendor refund policy

Trial Users: Qualys offers free 14 day trials of the Qualys SaaS services (https://www.qualys.com/free-tools-trials/ ) with no commitment required.Licensed Qualys customers should refer to their Service User Agreement (SUA) or contact their Qualys Technical Account Manager if they have questions about refund or cancellation policies which would apply to them.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Version

Delivery details

64-bit (x86) Amazon Machine Image (AMI)

Amazon Machine Image (AMI)

An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

Version release notes

Support for new platform(s)

Additional details

Usage instructions

This AMI is only functional when associated with a subscription to the Qualys (SaaS) service.

A scanner Personalization Code, obtained from your Qualys subscription, must be input as a property during the launch of your new instance.

No direct user interaction with this Qualys Virtual Scanner Appliance is required or possible. The scanner communicates outbound to the Qualys Cloud Platform via an SSL-encrypted channel on port 443. All functionality is managed from your QualyGuard (SaaS) account after scanner deployment

Please refer to the Qualys Virtual Scanner Appliance guide for deployment: https://docs.qualys.com/en/integration/securing-amazon/deploy_sensor/scanner_deployment.htm

Resources

Vendor resources

Qualys TruRisk for Enterprise

Reference: Qualys Virtual Scanner Appliance

Free Trial: Enterprise TruRisk Platform

Support

Vendor support

Qualys' policy is to respond to all Qualys customer cases promptly, within 24 hours. An incident ticket is assigned a priority number based on the nature of the issue. || Service Level Agreement (SLA): https://www.qualys.com/support/sla/ https://www.qualys.com/support/ || support@qualys.com || US/Canada: +1 (866) 801-6161 (toll free) or +1 (650) 801-6161 || UK/Europe/International: +44 800 098 8563 || France: +33 1 41 97 35 81

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Qualys Gateway Service Appliance

By Qualys

The Qualys Gateway Service Appliance extends the reach of the Qualys Cloud Platform's integrated suite of security and compliance SaaS applications into the internal networks of both Amazon VPC and classic EC2.

View product

Qualys VMDR (US Only)

By Qualys

Qualys VMDR (Vulnerability Management, Detection, and Response) allows you to discover, assess, prioritize in real time across your global hybrid IT environment.

View product

Qualys WAF Virtual Firewall Appliance HVM

By Qualys

The Qualys Web Application Firewall Virtual Appliance extends the reach of the Qualys Cloud Platform's integrated suite of security and compliance SaaS applications into the internal networks of both Amazon VPC and classic EC2 by providing seamless security to resources hosted within AWS.

View product

Qualys VMDR FixIT (US Only)

By Qualys

Risk-Based Vulnerability Management & Patch Management

View product

Customer reviews

Write a review

Ratings and reviews

Info

3.7

3 ratings

5 star

4 star

3 star

2 star

1 star

67%

33%

3 AWS reviews

TiredOf2Stars

Painless

Reviewed on Feb 23, 2023

Purchase verified by AWS

Easy deployment. Deployed this to multiple VPCs and with correct Security Groups it works!
A few steps during deployment can have it connecting out automatically to the console.

PERSCODE= in the User Data field is required for registration.
Make sure your network settings are right(Need that outbound connection to WAN.)
I changed from Magnetic media to GP3 also.

Otherwise it works great!

Quick and simple setup

Reviewed on Jul 28, 2022

Purchase verified by AWS

Launched with default configs, aside from the VPC and network settings, which I changed to a private subnet via NAT gateway.

Really easy to set up - the portal UI gives you a single UUID, you drop it in the user data, and that's it - once launched, it talks to the SaaS API, and appears in your scanner assets. Everything else is done from the SaaS portal.

Must be launched manually

Reviewed on Jun 16, 2021

Purchase verified by AWS

per their docs: "NOTE: At this time, this product instance must be launched using the "Launch with EC2 Console" option."

This flies in the face of everything devops. You can't automate it. I am forced to use this by our secops team. If it were up to me, this alone would be a showstopper.