zotdefend

Differences

This shows you the differences between two versions of the page.

zotdefend [2025/05/30 16:18] – [2. Enforcement of more strict security standards] jnilsson
zotdefend [2025/06/30 13:06] (current) – [Method One (preferred): Book an appointment with SSCS] jnilsson
Line 1: Line 1:
 ====== ZotDefend security package information ====== ====== ZotDefend security package information ======
  
-{{::zotdefend_newsannouncement_securitypackage.jpg?600|}}+[[https://www.oit.uci.edu/2025/03/26/secure-your-devices-with-new-zotdefend-security-package/|{{::zotdefend_newsannouncement_securitypackage.jpg?600|}}]]
  
-Below you can find a brief summary of the information we currently have available about the ZotDefend program.+===== What is ZotDefend? ===== 
 +ZotDefend is OIT's branding for the programs and policies that are being enforced in response to the {{ ::letter-from-president-drake-chancellors-cyber-letter.pdf |letter}} that was sent out by the UCOP president in May of 2024 that set specific requirements.
  
-===== Book an appointment with SSCS to get ZotDefend set up on your computer =====+More information about ZotDefend, including what needs to be installed, can be found in the [[#frequently_asked_questions_about_zotdefend|FAQs below]].
  
-Send us an email ([[sscs@uci.edu]]) to make an appointment to set up the ZotDefend requirements on your computer. This is only required on university-owned computersnot on tablets, phones, or personal devices. Please provide your computer's property tag, which is on barcode sticker on your computer and looks like this:+===== Temporary Exemption ===== 
 +If you need to quickly access a site that has been blockedyou can request temporary exemption at the link below:
  
-{{:proptag.png?200|}}+  * [[https://activate.uci.edu/sso-zotdefend-exemption]]
  
-The appointment should take 15-30 minutes, during which we will install an application called BigFix. This will add the computer to our inventory and we can use that to install the other remaining required applications in the background while you can continue using the computer normally.+You may do this on personal devices and as often as needed.
  
-===== Two aspects of the ZotDefend project ======+===== How to set up ZotDefend on your computer: ======
  
-===== 1. Minimum Requirements for the UCOP Mandate =====+==== Method One (preferred): Book an appointment with SSCS ====
  
-The [[https://www.security.uci.edu/projects/uc-mandate-2025/|UCOP Cybersecurity Mandate]] requires compliance by May 2025.+Send us an email ([[sscs@uci.edu]]) to make an appointment to set up the ZotDefend requirements on your computer. This is only required on university-owned computers, not on tablets, phones, or personal devices.
  
-We will use an application called BigFix to install the following packages:+=== Property Tag ===
  
-  * [[https://www.oit.uci.edu/services/security/edr/|Trellix HX]] +Please provide your computer's property tag, which is on a barcode sticker on your computer and looks like this:
-  * [[https://www.security.uci.edu/services/vmp/|Tenable Nessus]]+
  
-==== BigFix Installer ====+{{:proptag.png?200|}}
  
-You can download the installer for BigFix for your computer on your own, or we can help you with this during our appointment.+=== Appointment info ===
  
-  * For Mac: [[https://sites.socsci.uci.edu/~cndavis/share/BigFix-SocSci-Mac.zip|BigFix-SocSci-Mac.zip]] +The appointment should take 15-30 minutes, during which we will install an application called BigFix. This will add the computer to our inventory and we can use that to install the other remaining required applications in the background while you can continue using the computer normally.
-  * For Windows: [[https://sites.socsci.uci.edu/~cndavis/share/BigFix-SocSci-Win.zip|BigFix-SocSci-Win.zip]]+
  
-The BigFix installer is password protected. We will provide the password to open the .zip archives during our appointment with you.+We will use BigFix to install the following packages:
  
-If you are installing this on your own, please email us ([[sscs@uci.edu]]) with the computer's property tag number, and we can send you the password.  The property tag looks like this barcode sticker:+  * [[https://www.oit.uci.edu/services/security/edr/|Trellix HX]] 
 +  * [[https://www.security.uci.edu/services/vmp/|Tenable Nessus]] 
 +  * [[https://duo.com/docs/duo-desktop-faq#install,-upgrade,-and-uninstall|Duo Desktop]]
  
-{{:proptag.png?200|}}+==== Method TwoInstall the ZotDefend components on your own ====
  
-===== 2. Enforcement of more strict security standards =====+=== Instructions for Windows computers === 
 +If you use a Windows computer and would prefer to do this on your own, you can download the installer for BigFix here:
  
-In addition to the Trellix and Tenable security packages described above, OIT is requiring the following:+  * For Windows[[https://sites.socsci.uci.edu/~cndavis/share/BigFix-SocSci-Win.zip|BigFix-SocSci-Win.zip]]
  
-  * Duo Desktop - this is an application that can scan your computer to determine if it meets OIT's requirementsThe requirements for now are just to have the Trellix and Tenable agents installed.+The BigFix installer is **password protected**We will provide the password to open the .zip after you have sent us the property tag for your computer. See the example image above for what a [[ #property_tag|property tag]] looks like.
  
-Duo Desktop is required in order to verify your device's status when accessing the following websites and services: +After BigFix is installed, we can use that to automate the installation of Duo Desktop, Trellix HX, and Tenable Nessus.
-  * KFS +
-  * Docusign +
-  * [[https://uci.service-now.com/sp?id=kb_article_view&sysparm_article=KB0013436|additional sites and services listed here]]+
  
-Please be aware that OIT might change the security requirements in the future as well. We will update this page as more information becomes available.+=== Instructions for Mac computers ===
  
-==== Temporary Exemption ==== +If you use Mac computerthen we recommend scheduling an appointment with us by contacting us via email ([[sscs@uci.edu]]). You can install BigFix, but we have observed that BigFix will usually not install Trellix HX correctly. If the installation ends in a broken state, then we must manually uninstall and reinstall it.
-If you need to quickly access site that has been blockedyou can request a temporary exemption at the link below:+
  
-  * [[https://activate.uci.edu/sso-zotdefend-exemption]]+If you want to install BigFix on your own, you can use this link:
  
-===== OIT information about ZotDefend =====+  * For Mac: [[https://sites.socsci.uci.edu/~cndavis/share/BigFix-SocSci-Mac.zip|BigFix-SocSci-Mac.zip]]
  
-Here are the OIT published pages about the ZotDefend project:+The BigFix installer is **password protected**. We will provide the password to open the .zip after you have sent us the property tag for your computer. See the example image above for what a [[ #property_tag|property tag]] looks like.
  
-  * [[https://www.oit.uci.edu/2025/03/26/secure-your-devices-with-new-zotdefend-security-package/|ZotDefend announcement]] +=== Instructions for Linux computers ===
-  * [[https://www.oit.uci.edu/org/projects/zotdefend/|ZotDefend Project Overview]] +
-  * [[https://uci.service-now.com/sp?id=kb_article_view&sysparm_article=KB0013436|KB article - List of sites where enforcement of ZotDefend requirements can occur]] +
-  * [[https://uci.service-now.com/sp?id=kb_article_view&sysparm_article=KB0013446|KB article - ZotDefend FAQ]]+
  
-===== FAQs about ZotDefend =====+Please reach out to us via email ([[sscs@uci.edu]]) to let us know which computer(s) you are setting this up on and we can send you an installation script. When you reach out to us, please provide the property tag for your computer. See the example image above for what a [[ #property_tag|property tag]] looks like. 
 + 
 +===== Frequently Asked Questions about ZotDefend =====
  
 ==== How do I request an exemption? ==== ==== How do I request an exemption? ====
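Review bot: The new heading `===== How to set up ZotDefend on your computer: ======` opens with five `=` and closes with six, a mismatch carried over from the heading it replaces; balance the markers and drop the trailing colon so it matches the other `=====` headings. The "password protected" paragraph is now repeated word for word under both the Windows and Mac instructions, so stating it once under Method Two would keep the two copies from drifting apart. Because Method Two has users fetch the BigFix .zip archives on their own, consider publishing a SHA-256 checksum next to each download link so the file can be verified before it is opened.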
Line 72: Line 70:
   * [[https://activate.uci.edu/sso-zotdefend-exemption]]   * [[https://activate.uci.edu/sso-zotdefend-exemption]]
  
 +You may do this on personal devices and as often as needed.
 ==== What are the software components being installed? ==== ==== What are the software components being installed? ====
  
-These four components are being installed on Windows and Mac computers: +  * BigFix is a software management tool that OIT has selected for the IT groups across campus to use to remotely install software. This is only for Windows and Mac computers, not Linux.
-  * BigFix is a software management tool that OIT has selected for the IT groups across campus to use to remotely install software.+
   * [[https://www.oit.uci.edu/services/security/edr/|Trellix HX]] is the software that OIT selected to meet the EDR (endpoint detection and response) requirement of the mandate.   * [[https://www.oit.uci.edu/services/security/edr/|Trellix HX]] is the software that OIT selected to meet the EDR (endpoint detection and response) requirement of the mandate.
   * [[https://www.security.uci.edu/services/vmp/#endpoint|Tenable Nessus]] is the software that OIT selected to meet the vulnerability management requirement of the mandate   * [[https://www.security.uci.edu/services/vmp/#endpoint|Tenable Nessus]] is the software that OIT selected to meet the vulnerability management requirement of the mandate
-  * [[https://duo.com/docs/duo-desktop-faq#install,-upgrade,-and-uninstall|Duo Desktop]] is installed when needed to access websites that OIT has determined require enforcement of a more strict security policy+  * [[https://duo.com/docs/duo-desktop-faq#install,-upgrade,-and-uninstall|Duo Desktop]] is installed when needed to access websites and services that OIT has determined require enforcement of a more strict security policy. See the next FAQ for details.
  
-Linux computers only need the Trellix HX and Tenable Nessus components, but they can have DuoDesktop installed as well.+ 
 +==== Which websites require Duo Desktop, in addition to Trellix HX and Tenable Nessus? ==== 
 + 
 +Duo Desktop is required in order to verify your device's status when accessing the following websites and services: 
 +  * KFS 
 +  * Docusign 
 +  * Atlassian 
 +  * OneTrust 
 +  * [[https://uci.service-now.com/sp?id=kb_article_view&sysparm_article=KB0013436|additional sites and services listed here]] 
 + 
 +Please be aware that OIT might change the security requirements and/or the list of sites and services that require enforcement. We will update this page as more information becomes available.
  
 ==== What is the UC Cybersecurity Mandate? ==== ==== What is the UC Cybersecurity Mandate? ====
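Review bot: Removing `Linux computers only need the Trellix HX and Tenable Nessus components, but they can have DuoDesktop installed as well.` leaves this FAQ with no statement of what Linux machines need; the BigFix bullet now only says BigFix is not for Linux. Add a sentence after the component list saying which of the remaining components apply to Linux, since this revision also adds Linux setup instructions. The list also lost its lead-in sentence, so a one-line introduction before the first bullet would help. In the new site list, `Docusign` should be spelled `DocuSign`, as it is in the self-enrollment answer added later in this revision.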
Line 105: Line 113:
     * this is done by requiring DUO when logging in to gmail and outlook email systems     * this is done by requiring DUO when logging in to gmail and outlook email systems
  
-==== What does UCOP have to say about EDR? ====+==== Is ZotDefend required on personal computers too? ====
  
-UCOP has released the following FAQ regarding concerns about the EDR software, Trellix HX:+No, it is neither required nor recommended to install or configure any of this on computers/devices personally owned by you. All official university business should be done on university-owned computers. 
 + 
 +Keep in mind that tablets, phones, and similar devices are also exempt from the ZotDefend project. 
 + 
 +==== But I use a personal computer for work... ==== 
 + 
 +If you do not have a university-owned computer (purchased either with school funds or grant funding), reach out to us at [[sscs@uci.edu]] and we can help you determine what to do. 
 + 
 +==== What has OIT published about ZotDefend? ==== 
 + 
 +Here are the OIT published pages about the ZotDefend project: 
 + 
 +  * [[https://www.oit.uci.edu/2025/03/26/secure-your-devices-with-new-zotdefend-security-package/|ZotDefend announcement]] 
 +  * [[https://www.oit.uci.edu/org/projects/zotdefend/|ZotDefend Project Overview]] 
 +  * [[https://uci.service-now.com/sp?id=kb_article_view&sysparm_article=KB0013436|KB article - List of sites where enforcement of ZotDefend requirements can occur]] 
 +  * [[https://uci.service-now.com/sp?id=kb_article_view&sysparm_article=KB0013446|KB article - ZotDefend FAQ]] 
 + 
 +==== What do I do if I installed ZotDefend following OIT's self-enrollment instructions? ==== 
 + 
 +Please reach out to us ([[sscs@uci.edu]]) and let us know the [[ #property_tag|property tag]] of your computer. If you are unable to access KFS, DocuSign, or other services that require ZotDefend, then we need to schedule an appointment with you to help sort things out. Even if ZotDefend is working for you, please still send us the property tag of any computer that you self-enrolled since this helps us accurately track and report our inventory. 
 + 
 +==== What is UCOP's response to my concerns about Trellix? ==== 
 + 
 +UCOP has released the following statement regarding concerns about the EDR software, Trellix HX:
  
   * [[https://security.ucop.edu/services/threat-detection-and-identification/edr-overview.html]]   * [[https://security.ucop.edu/services/threat-detection-and-identification/edr-overview.html]]
 +
 +There is also an FAQ which covers questions about compatible devices, privacy/security, and concerns about teaching/research:
 +
 +  * [[https://security.ucop.edu/services/threat-detection-and-identification/edr-faqs.html]]
  
 [[https://socsci.uci.edu/zdinstallers|{{::uci18_simpleseal_blue_nofill_90.png?25|}}]] [[https://socsci.uci.edu/zdinstallers|{{::uci18_simpleseal_blue_nofill_90.png?25|}}]]
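Review bot: The new answer under `Is ZotDefend required on personal computers too?` tells readers not to install anything on personal devices but does not say how someone on a personal device reaches a site that ZotDefend blocks; link the `How do I request an exemption?` entry from this answer or from `But I use a personal computer for work...`. In the self-enrollment answer, link or name OIT's self-enrollment instructions so readers can tell whether the question applies to them.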
zotdefend.1748621895.txt.gz · Last modified: 2025/05/30 16:18 by jnilsson