Vulnerability Scanning/Security Scanning policy for partners
Do not run out against public resources. If you need to be able to scan public targets, we can schedule a bypass for source IP address (could also dedicated a bypass zone) to allow you to do so. This means scans would originating from your own ISP assigned IP address
OmniNet security team is trained to investigate and validate threats. In cases of a large surge of malicious events, Cytracom reserves the right to black hole traffic from potentially compromised endpoints until the partner has cleaned an infected host.
Throttling scans/sessions usage. Using unlimited amount of sessions may lead to automatic implementation of limits against the source customer network to prevent service degradation for customers own protection.
Schedule ahead of time with your Cytracom support team so that we can be aware of scheduled vs malicious activity so that efforts are not wasted and to prevent quarantine of legitimate scanning sources.
When working with your support team please define scope of scan as
Public - resources externally hosted to which you have explicit permission to run scans against
Internal - against your multisite or site to site tunnels you have access to
Local - on local networks hosted at or behind the local OmniBridge the scan is originating from
Scans must be scoped to customer owned networks only. If your scanner is generating many failed to connections to networks you do not own, this would appear as a malicious scanning tool and may lead to quarantine