Hot!exempt Qualys scanning

Author
kinmun
Gold Member
  • Total Posts : 209
  • Scores: 4
  • Reward points: 0
  • Joined: 2015/03/04 17:56:59
  • Status: offline
2018/04/18 19:45:47 (permalink)
5 (1)

exempt Qualys scanning

As need to do Qualys vulnerability scanning monthly for PCI compliance. 
how do i disable/exempt Qualys Vulnerability scanner from being detected/drop as Intrusion in IPS.
I have already create IP address exemption, but it still drop the packets.
 

Attached Image(s)

#1

6 Replies Related Threads

    Iescudero
    Silver Member
    • Total Posts : 107
    • Scores: 8
    • Reward points: 0
    • Joined: 2015/01/21 13:34:23
    • Location: Buenos Aires, Argentina
    • Status: offline
    Re: exempt Qualys scanning 2018/04/23 14:08:44 (permalink)
    0
    Hi there Kinmun
    Did you try to add Qualys.Vulnerability.Scanner in your IPS Sensor and added a different action like monitor it?
     
     
    #2
    kinmun
    Gold Member
    • Total Posts : 209
    • Scores: 4
    • Reward points: 0
    • Joined: 2015/03/04 17:56:59
    • Status: offline
    Re: exempt Qualys scanning 2018/04/23 19:07:51 (permalink)
    0
    managed to get it solved
     
    #3
    KenP1314505
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/05/29 05:52:56
    • Status: offline
    Re: exempt Qualys scanning 2019/05/29 05:54:58 (permalink)
    0
    HI ALL Specially Kinmun,
     
    Good day! I want to know How do you managed to resolve the issue?
     
    I am having the same issue but on the FortiAnalyzer, It detects also that qualys is such an IPS attack.
     
    Hope for your immediate response.
     
    Best Regards,
    Kenneth Penafuerte
    #4
    kinmun
    Gold Member
    • Total Posts : 209
    • Scores: 4
    • Reward points: 0
    • Joined: 2015/03/04 17:56:59
    • Status: offline
    Re: exempt Qualys scanning 2019/05/29 18:29:14 (permalink)
    5 (1)
    add this Qualys.Vulnerability.Scanner in your ips sensor.
    action set to monitor
    #5
    KenP1314505
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/05/29 05:52:56
    • Status: offline
    Re: exempt Qualys scanning 2019/06/25 05:42:13 (permalink)
    0
    Hi Kinmun,
     
    Good day! Thank you for your reply! 
    I think the only way to do it is to add into the IPS signature then set action to MONITOR?
     
    I currently enabled IPS filters, then no any IPS signatures enabled or configured.
     
    Please verify.
     
    Best Regards,
    #6
    canexan
    New Member
    • Total Posts : 1
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/07/16 09:18:22
    • Status: offline
    Re: exempt Qualys scanning 2019/07/16 09:19:46 (permalink)
    0
    Yes! Exactly what I was looking for.
    #7
    Jump to:
    © 2019 APG vNext Commercial Version 5.5