Educause Security Discussion mailing list archives
Re: Vulnerability Assessment Requirements
From: "Franklin, Elliott" <franklin () TXSTATE EDU>
Date: Mon, 25 Jul 2005 08:36:29 -0500
At Texas State University - San Marcos we apply the default CCA rule for windows update and McAfee 8.0i and do not allow a grace period. We apply these rules only to Windows 2000 workstations and above. The only problem that we've experience with this is that our on-campus update servers were not updated as quickly as the CCA rules so we had to change their intervals. Elliott Franklin, CISSP Information Security Analyst Texas State University - San Marcos 512.245.2501 ________________________________ From: Brown, Christopher [mailto:cebrown () REGIS EDU] Sent: Thursday, July 21, 2005 11:32 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Vulnerability Assessment Requirements Greetings, I am throwing this question out there to schools who have implemented a vulnerability assessment solution such as CCA, Impulse Point, or Campus Manager. (Note, I am not trying to start a debate on one versus the other.) We are working to get CCA ready for our students this fall and I was wondering what other schools have decided upon regarding the requirements they are imposing on their student's PCs. With CCA you can check for a lot of things: service packs, Microsoft updates, existence of anti-virus software, the age of antivirus definition, installed programs, a missing installed program, etc. I am curious to find out what requirements other schools have used? Do you allow a grace period or do you require that new updates and virus definitions are necessary as soon as they become available? Thanks in advance, Chris Brown Information Technology Services Network/Telecom Administrator Regis University, Denver CO
Current thread:
- Vulnerability Assessment Requirements Brown, Christopher (Jul 21)
- <Possible follow-ups>
- Re: Vulnerability Assessment Requirements George (Jul 21)
- Re: Vulnerability Assessment Requirements Michael Grinnell (Jul 21)
- Re: Vulnerability Assessment Requirements Hall, Rand (Jul 21)
- Re: Vulnerability Assessment Requirements George (Jul 21)
- Re: Vulnerability Assessment Requirements Mike Wiseman (Jul 22)
- Re: Vulnerability Assessment Requirements Franklin, Elliott (Jul 25)