Security Tools - Communities of Practice for Security Administrators

This article discuss the user group meetings and Microsoft Teams groups for various security tools on campus. These groups are typically reserved for IT administrators who manage or work with security tools in their environment.
Communities of Practice for Security Tools

The Office of Cybersecurity supports various security tools for use on campus, including Cisco Secure Endpoint (AMP), Palo Alto Firewalls, and Qualys Vulnerability Management. Distributed campus administrators are generally responsible for managing these tools within their group. Security tool Communities of Practice, or "User Groups" exist to increase efficiency, cohesion, and information sharing between IT administrators across campus in their application of the tools. The Office of Cybersecurity manages a Microsoft Teams group for each user group (there are separate Teams groups for Palo Alto, Secure Endpoint (AMP), and Qualys). Admins can communicate with each other by posting and participating in discussions in the Teams groups, and each group meets once per quarter. You can learn more about the user group for each tool and request access to the corresponding Teams group below.

Cisco Secure Endpoint (AMP) Community of Practice
    Cisco Secure Endpoint (AMP) is the endpoint protection and response (EDR) tool for university-owned devices. The Secure Endpoint (AMP) Administrators Microsoft Teams group is a place where admins can discuss new features of the tool, issues with versions of the application, upgrading, security event response, and more. The user group also meets on a quarterly basis to discuss Secure Endpoint (AMP)-related updates, provide training, and other various items. Invites to the quarterly meeting are sent to everyone who has joined the Secure Endpoint (AMP) Administrators Group, but you can also refer to the Campus Event Calendar for meeting dates.

    You can request to join the Secure Endpoint (AMP) Administrators Teams group here.


Palo Alto Firewall Community of Practice 
    The Palo Alto Firewall is the next generation firewall used on campus networks. The UW Madison Firewall Administrators Microsoft Teams group is a place where admins can discuss new features of firewall, issues and outages, security event response, and more. The user group also meets on a quarterly basis to discuss firewall-related updates, provide training, and other various items. Invites to the quarterly meeting are sent to everyone who has joined the Firewall Administrators Group, but you can also refer to the Campus Event Calendar for meeting dates.

    You can request to join the UW Madison Firewall Administrators Teams group here.


Qualys Vulnerability Management & Cloud Agent Community of Practice
    Qualys Vulnerability Management and the Qualys Cloud Agent are the network and host-based vulnerability scanning and detection tools for university-owned devices. The Qualys Administrators Microsoft Teams group is a place where admins can discuss new features of the tools, any issues with versions of the Cloud Agent, upgrading, security event response, and more. The user group also meets on a quarterly basis to discuss Qualys-related updates, provide training, and other various items. Invites to the quarterly meeting are sent to everyone who has joined the Qualys Administrators Group, but you can also refer to the Campus Event Calendar for meeting dates.

    You can request to join the Qualys Administrators Teams group here.