Place the virtual appliance in a secured VLAN, open ip any from the
appliance to all IP addresses in the DC so we can ensure all UDP and
TCP can be scanned.
Give the virtual appliance a virtual interface for
each VLAN in the data center
Maybe I am missing something. Both your suggestions have you placing this in some form of internal IP Space (not visible to some degree outside of your enterprise). Based on your comment (both mention being on a vlan), your best bet, is to just throw it into ANY VLAN won't matter, virtual interfaces would be a waste considering you could just trunk the port that scanner is on to all other VLANs.
Now Sebastian answered this in a manner that I'd of similarly answered it had you said: "Place it outside of my internal network" (outside of my normal IP space) I would have stated to place it INSIDE of your infrastructure. And there is a clear cut reason for this.
Internal placement - with credentialed scanning will give you the most bang for your buck, and most effective view of what is vulnerable. NOT placing it outside of your perimeter. For starters, most hackers aren't going to scan your infrastructure with Nessus, Nexpose, even say Metasploit, Core Impact, Canvas, etc.. MOST HACKERS meaning the well experienced one. These scans, exploit attempts are noisy, too time consuming, and the vast majority will be blocked by firewalls etc. Which means you too will have a limited view of what actually is vulnerable. Competent attackers are often going to use a client side attack (pdf file, USB key, word document, dropper(malware))
Internal assessments give you a concise view of what would be vulnerable if a hacker managed to get through your firewall (highly unlikely). The approach/thought process when doing this kind of assessment is as follows: Run your vuln scan: output = what an attacker can target. This is more realistic than what most companies are testing with say the PCI/DSS fiasco of running Qualys against an egress IP.
The next assessment would be a CREDENTIALED assessment. For these scans, I tune whatever tool to tell me: "alright I have user John Smith, who shouldn't have much access to things he doesn't need to see/know/touch... What could he do (or someone who stole his credentials)? Could he escalate locally, on any particular machine, and so forth.
I am a big fan of performing red team penetration tester under the premise that "I got past your door (firewall)... Now what?" This will give you better IMMEDIATE guidance on what to lock down, isolate, mitigate, issue corrective controls for.