This notice is to inform Qualys Web Application Scanning (WAS) customers that there are new IPs from which WAS scans can originate when scanning external facing applications and APIs.
What Steps Do Customers Need To Take?
Customers are required to add the following external IP addresses to their network devices (firewalls, WAFs, etc) allowlists. Customers only need to add both the Primary IP and Secondary IP addresses based on their Qualys platform. Customers with multiple subscriptions across multiple platforms will need to add all applicable IPs.
|Platform||Primary IP||Secondary IP (Backup)|
|AE Platform 1||188.8.131.52||184.108.40.206|
|AU Platform 1||220.127.116.11||18.104.22.168|
|EU Platform 1||22.214.171.124||126.96.36.199|
|EU Platform 2||188.8.131.52||184.108.40.206|
|IN Platform 1||220.127.116.11||18.104.22.168|
|KSA Platform 1||22.214.171.124||126.96.36.199|
|UK Platform 1||188.8.131.52||184.108.40.206|
|US Platform 1||220.127.116.11||18.104.22.168|
|US Platform 2||22.214.171.124||126.96.36.199|
|US Platform 3||188.8.131.52||184.108.40.206|
|US Platform 4||220.127.116.11||18.104.22.168|
Additionally, when reviewing scan results, scans will have an origination IP of 22.214.171.124.
Will There Be Any Impact To Customers That Do Not Add The New IPs To Allowlists?
Customers that do not add the new IPs to their Allowlists may have their WAS scans blocked by firewalls, WAFs, and other network devices. A blocked scan may result in false negative results or end in scanning errors. To prevent false negatives or scan errors, it is important for all customers to include the new IPs in their allowlists.
Do Customers Need To Remove Current IP Ranges When Updating To The New IPs?
At this time, it is recommended for customers to keep their prior IP allowlists in place in addition to the platform based IPs in the table above.
If you have any questions or concerns, kindly contact your TAM or Qualys Support.