The Vulnerability Management Program (VMP) service scans all UC Davis network computing resources for vulnerabilities and configuration weaknesses. The service is provided by the vendor, Tenable, and is managed by the Information Security Office (ISO). For more details on the ISO VMP service, please visit the Vulnerability Management ServiceHub page or Knowledge Base Articles.
In addition to the pool of VMP scanners managed by ISO, the CAES Dean's Office also maintains a VMP scanner that CAES departments can proxy their VMP scans through.
Features/Benefits
- Departments only need to open VLAN and endpoints firewalls to a single scanners instead of a pool of scanners
- Scanning times are reduced when using the CAES Dean's Office VMP proxy scanner
- The CAES Dean's Office Computing Resources Unit maintains control over the scanner
- Scans performed through the CAES Dean's Office VMP proxy scanner show in the SecurityCenter console (restricted to campus networks)
Getting Started
- To get started with the CAES Dean's Office VMP proxy scanner, please email vmphelp@caes.ucdavis.edu with the following:
- Department Name
- Main Point of Contact
- Email Address or ServiceNow Assignment Group to use for ISO notifications
- Name and LoginID of all IT staff that need access to the SecurityCenter console
- All networks that should be scanned in CIDR format (xxx.xxx.xxx.xxx/xx)
- Any IP addresses that should not be scanned