Frequently Asked Questions

What is Security Manager Plus ?

Security Manager Plus is a network vulnerability scanner for detecting, assessing and remediating network vulnerabilities across heterogeneous networks comprising servers, workstations and laptops.

What are the components of Security Manager Plus ?

Security Manager Plus consists of the following three primary components

  • External Vulnerability Aggregator
  • Central Repository Server
  • Security Manager Plus Server
  • Security Manager Plus Agents (optional)

The External Vulnerability Aggregator and Central Repository Server resides at the ZOHO Corp. site. The Security Manager Plus Server resides in your enterprise site. Agents can be within your enterprise or on remote geographical locations.

What type of systems and services does Security Manager Plus scan ?

  • Web Servers
  • Database Servers
  • Application Servers
  • RPC Services
  • CGI Scripts
  • FTP
  • DNS
  • POP3
  • SNMP
  • SMTP
  • IMAP
  • SSH
  • SSL
  • Proxy Servers
  • UDP
  • TCP/IP
  • Registry
    • User Accounts
    • Dos Vulnerabilities
    • SQL Injection vulnerabilities
    • Windows
    • Linux
    • VPNs

and many more...

How does the Security Manager Plus Server installed in the enterprise, be in sync with the latest vulnerability and patch information ?

The Security Manager Plus Server will periodically download the the latest vulnerability and patch information published in the Central Repository Server hosted in the ZOHO Corp. site, and use the information as a baseline for its vulnerability assessment operations.

How many different types of vulnerabilities do you detect ?

Security Manager Plus 5 currently performs scans for more than 3500 vulnerabilities and missing patches, and this number keeps growing as and when we update our Central Repository Server with the latest vulnerability signatures.

What impact will Security Manager Plus have on my network?

Security Manager Plus is designed to minimize both the scan time as well as the network bandwidth it uses. Thus, its impact on network traffic load is minimal.

Should the machine in which Security Manager Plus is installed have an Internet connection ?

Yes. The Security Manager Plus server machine must have access to the Internet for it to download the latest vulnerability signatures from the Central Repository Server hosted in the ZOHO Corp. site.

Is Security Manager Plus host-based or network-based ?

Security Manager Plus is a network-based vulnerability scanner and reporting software that scans for vulnerabilities on all networked resources, including servers and workstations. Security Manager Plus can assess any device that has an IP address.

How can one create and use a Custom Security Certificate in Security Manager Plus ?

Security Manager Plus, by default, comes with its own ZOHO Corp. Security Certificate. If you want to create and use your own Certificate, follow these steps :

The following are the Steps for creating a Certificate using the 'keytool', a program that is available in JDK.

  1. Step 1
    Type the following command:

    keytool -genkey -alias tomcat -keyalg RSA -dname 'CN=<domain name>, OU=<Organizational Unit>, O=<Organization>, L=<City Name>, S=<State Name>, C=<Country>' -validity <number of days> -keypass <keypassword> -storepass <storepassword> -keystore server.keystore

    keytool -genkey -alias tomcat -keyalg RSA -dname ', OU=ZOHO Corp., O=ZOHO Corp., L=Pleasanton, S=CA, C=USA' -validity 365 -keypass demo -storepass demo -keystore server.keystore

  2. Step 2
    Copy the 'server.keystore' file to <Security Manager Plus_Home>/conf

  3. Step 3
    Edit the file <Security Manager Plus_Home>/conf/server.xml and change the keystorePass value to the one created above. For the above example, keystorePass="demo"

  4. Step 4
    Restart the Security Manager Plus Server.


Network Security Scanner & Patch Management Software trusted by