- Accounts & Access
- Business Applications
- Computers & Software
- Email & Calendar
- Help & Support
- IT Security
- Network & Telecom
- Web Services
Info & Resources:
Network Vulnerability Scanning
Available to: Faculty & Staff
The network vulnerability scanning application managed by the IT Security Office is a full-featured solution that allows for scanning of systems by authorized system administrators. Scans can be conducted either from behind or in front of university network firewalls and from networks that appear to be from outside the university LAN. The application provides for delegation of scanning, alerting, and reporting.
Because vulnerability scanning can negatively affect systems and applications, system administrators are responsible for the impact of scanning on their systems. It is a violation of the university's Responsible Use of Computing Policy for system administrators to probe or scan systems outside their authority.
System Administrators are given accounts with limited rights that allow them to scan, see alerts, and access reports for their systems. System owners need to approve account requests, which should be accompanied by a list of systems to be scanned.
All users of this service must adhere to:
- University Policy Number 1114: Data Stewardship
- University Policy Number 1301: Responsible Use of Computing
How to Get this Service
This service is only available to system owners or administrators as defined in the Data Stewardship Policy.
There is no charge for this service.
This service is available 24/7, excluding planned outages, normal maintenance windows, and unavoidable events. Maintenance windows are Sundays from 7 to 11 a.m. but may be extended to 2 p.m., if needed. If maintenance is required outside of these hours, it will be announced on the Planned Outages web page.
The vulnerability scanning application provides context sensitive help information. Since vulnerability scanning requires very specific knowledge of TCP/IP networking and of the host being scanned, users of this system are expected to have appropriate technical knowledge and understanding of network vulnerability scanning technology.
Third party training:
- Online Nessus Documentation
- Network Security Assessment: by Chris McNab
- Nessus Network Auditing: by Russ Rogers
This application has the capacity to provide adhoc or scheduled vulnerability scanning and vulnerability assessment alerting and reporting.
Uptime for this service has typically exceeded 99.9%.
Last modified date: August 1, 2014