Network Vulnerability Scanning

Guidelines on Network Scanning

Network scanning is frequently used in attempts to penetrate information resource security. To further responsible computing, these guidelines restrict network scanning activity except in limited circumstances.

Network Scanning is the process of transmitting data through a network to elicit responses in order to determine configuration state about an information system.

Network Vulnerability Scanning is the conduct of network scanning of an information system to determine the presence of security vulnerabilities in the information system.

The Division of IT will, from time to time, conduct network scans and network vulnerability scans of devices attached to the Texas A&M University network. Information gathered will be used for network management, including notifying owners of vulnerabilities, determining incorrectly configured systems, validating firewall access requests, and gathering network census data.

Except as provided above, no network scans or network vulnerability scans may be conducted except by the owner of the information resource being scanned. In no case may network scanning traffic transit a router maintained by the Division of IT.

Except as provided above, network scans and network vulnerability scans may only be conducted by University employees designated by the organizational unit head responsible for the information resource. Network scans and network vulnerability scans may not be conducted by student systems in the Resident Halls.

Other exceptions to these guidelines may be authorized only by the CIO or their designee.