Secure Your Defense-in-Depth Strategy To Combat Layer 7 DDoS Attacks

Wilson Ortiz

Last updated on: March 22, 2023

Qualys’ security team has observed a rapid increase in volumetric application-layer attacks on our services due to changing threat landscapes. Our security team constantly updates and enhances its defense-in-depth strategy in response to such volumetric and evolving threats.

To combat layer 7 DDoS (Distributed Denial of Service), we are adding another layer of protection beyond our perimeter, capable of handling TBs of volumetric attacks and improving the overall availability and security of our cloud platform and services. Moreover, this enhancement will allow Qualys’ security team to prevent future service disruptions.

When this enhancement goes live, you’ll need to do the following to access the cloud platform:

These IP addresses must be whitelisted on your proxy, web gateway, or firewall:

162.159.152.21 and 162.159.153.243

As per the schedule below, the enhancements will be rolled out phase by phase across pods (data centers). You will receive an email from Qualys before your POD is enhanced.

Need more insights! Please refer to the commonly asked questions.

Here is where you can check your POD status: https://status.qualys.com/

POD NameRelease DateExpected Implementation Date
US POD 037-Apr-2306:00 AM – 08:00 AM UTC
US POD 0210-Apr-2306:00 AM – 08:00 AM UTC
US POD 0117-Apr-2306:00 AM – 08:00 AM UTC
CA1 POD24-Apr-2306:00 AM – 08:00 AM UTC
EU2 POD 22-May-2303:00 AM – 05:00 AM UTC
EU1 POD 18-May-2303:00 AM – 05:00 AM UTC
AE1 POD15-May-2316:00 PM – 18:00 PM UTC
AU1 POD22-May-2316:00 PM – 18:00 PM UTC
UK1 POD30-May-2319:00 PM – 21:00 PM UTC
IN01 POD5-Jun-2315:00 PM – 17:00 PM UTC
Show Comments (4)

Comments

Your email address will not be published. Required fields are marked *

  1. Are you going to release guidance on how this will actually work? It’s my understanding of Cloudflare that your customers shouldn’t have to make any changes with you utilizing their services. Is this change just impacting users of the UI and / or API or does it impact Agents as well?

  2. What is the impact to customers if we don’t do this? Would this block agents from connecting to the cloud? Will it block GUI access? What about 3rd party integrations? Please explain this better so we can justify the change control on our end.