The Greenbone hardware appliances have more than one Ethernet interface.
Can I choose which hardware instance interface to use for a scan task, or can I configure an interface as a separate virtual sensor?
For example, I want to scan network “x” via port eth2 and, for comparison, via port eth3. To see what vulnerabilities are detected through the firewalls and across the different network routes.
Do I need to plan additional hardware for this scenario?
I don’t think this topic is mentioned in the documentation. However, this section covers configuring the network settings. Maybe the “Configure VLAN interfaces on this device” or “Configure the Routes for this device” allow you to select specific ports for scanning particular hosts, IP ranges, or VLANs.
I have not seen any options in the web-interface scanner setting that would allow this.
Some hardware appliances support name-spaces to do that. If you need to deploy your hardware in different security zones, you can use Scan-Sensors via data-diodes or other security devices to reach that goal as well.
I think routes didn’t help in this case because it’s not possible to create different scan views from an appliance without making a selection in the web interface
Can multiple namespaces be created and selected in the GUI?
The only solution then would be a separate scanner instance?
What do you mean by this?
If you configure a target in the web interface and then configure a valid route for the IP(s) of this target on your chosen network interface, routing should work. Given your use case you would need to enable and disable the route or the interface after each scan, which is suboptimal usability, but it should work in principle.
Using sensors would be a better permanent option.
Only one management namespace and one scan namespace are supported (for selected appliance models as documented).