Whitelist Qualys Scanner - F5 Big-IP VE

Question

I have searched around F5 DevCentral and forums, but can't find an answer, so apologies if I'm asking a question that has already been asked.
We are being scanned for PCI compliance by Qualys, and we are getting a fail for 86732 - Exhaustive Web Testing Skipped.  Qualys have reduced the bandwidth setting, but still getting the fail.
We have a Big-IP VE, running APM.  I've had a look through and cannot see an obvious way for me to whitelist the source address on the existing VIP facing the Internet.  I have seen articles about ASM, but we do not have ASM.
Can anyone point me in the right direction?  Any help appreciated.&nbsp;

boneyard · Answer

this is perhaps clear to you but what does this actually mean: "86732 - Exhaustive Web Testing Skipped"?&nbsp;
do you want the Qualys scanner to bypass the APM authentication? does it even authenticate now?&nbsp;
you could setup another VIP without APM profile and put a source for the Qualys scanner IP, would that be enough?&nbsp;

Forum Discussion

Whitelist Qualys Scanner - F5 Big-IP VE

1 Reply

Recent Discussions

[ASM] - what is "Browser Challange file" ?

Rewrite uri translation not working

no available managed rule groups for Israel il-central-1

About shun list for L7 DDoS?

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two

Global Blacklist or Whitelist

Nessus 6 XSLT Conversion for ASM Generic Scanner Import

Whitelist certain inbound IPs