Allow Autobahn Security scanner's IPs to access your network without being blocked by whitelisting the IPs in this article
Whitelisting allows Autobahn scanner's IPs to scan your network without being blocked, ensuring visibility over all your assets. Please select the IPs based on your scanning needs (external, internal, or both).
You need to whitelist these scanning IPs when you:
- Want to run external, internal scans, or a combination of both in Autobahn
- Have strict firewall rules and are using Qualys Cloud Agents
- Want to see more scanning results, but have less of a hacker perspective
Table of content
1. External scanning
Why do we whitelist for external scans?
Firewalls (FWs), Web Application Firewalls (WAFs), Intrusion Prevention Systems (IPS), and other security tools are designed to block suspicious activity. This includes automatically blocking IP addresses that seem to be scanning for weaknesses in your systems. This is a good thing, as it prevents real attackers from figuring out how to exploit your network.
However, for vulnerability management scans, we want the opposite. We need the scanner to be able to see all your devices, services, and potential vulnerabilities - so you can proactively fix these issues in case your security tools are ever breached.
- 18.158.185.55
- 141.144.196.156
- 158.101.209.126
- 64.39.106.0/24 (64.39.106.1-64.39.106.254)
- 154.59.121.0/24 (154.59.121.1-154.59.121.254)
- 139.87.112.0/23 (139.87.112.1-139.87.113.254)
- 2001:978:3C05:4400::/64
-
141.148.228.41
-
141.148.237.26
- 141.148.239.156
- 141.148.247.169
- 141.148.237.16
- 144.21.42.213
- 144.21.34.66
- 152.70.50.73
2. Internal scanning - including Qualys Cloud Agents
To run vulnerability scans on your internal network, whitelist the IPs below for outgoing connections. Then install the probe as detailed on this page. When you utilize Qualys Cloud Agents, the IPs below need to be whitelisted as well: