Appendix A: Predeployment Checklist

Virtual Scan Appliance

You must complete all the actions in this checklist before Veracode can help you deploy your VSA.

For each VSA implementation, ensure you have:
  • Installed OVA on ESX Server or VMware Player in your network.
  • Confirmed that all web applications you want to scan are accessible from the network where the VSA is deployed.
  • Whitelisted https://jobservice.veracode.com and its IP address, 192.157.28.50, to ensure Veracode is never blocked.
  • Confirmed using a wget call that from the network where the VSA is deployed you can access https://jobservice.veracode.com/mastercontroller/api, 192.157.28.50, outbound over port 443 using HTTPS. You may need to configure your firewall to do this.
  • Confirmed, if not using a midpoint, that by pinging from the network where the VSA is deployed, you can reach corpvm-repo-1-public (192.157.28.52). The host is not currently resolvable through DNS, therefore, you must add it to /etc/hosts on the proxy. You must ensure that traffic to this host is allowed on port 443.