Hey - our auditors need to run some domain wide vulnerability scans of our servers and workstations. To do so requires domain level admin rights.
As windows admins yourselves - how practical is it to monitor the performance these scans are having - and terminate the scans remotely if its deemed to be having a network performance impact? What tools can be used to monitor domain performance of these scans - and what tools can be done to terminate there scanning tools remotely from the admins desk?
Also - what would a back out plan include for auditors running vulnerability assessments? What technical controls are in place for a "back out" plan around users running vulnerability scanning software?