Vulnerability Scan


Overview

If Asset Discovery has not been specifically performed  prior to scanning, then Security Manager Plus's vulnerability scanning will first begin with the discovery of the desired network resources. On completion of  asset discovery, Security Manager Plus detects the open ports and a scan is performed on the open ports for identifying which services or applications are listening in these ports.

 

On identifying the service, tests are run to identify the service specific vulnerabilities and missing patches. When a scan is complete, vulnerabilities are displayed in a color-coded list , like: HIGH , MEDIUM , LOW , that indicates the severity / risk of each potential problem. Clicking on individual vulnerabilities displays information on the name of the vulnerability, a detailed description, and suggested remediation methods.

Scan Preference

There are a various ways to perform scans using Security Manager Plus. You can exercise these options from the New Scan tab drop-down options :

These options run an on-demand scan. Apart from these you can also Schedule Scans for assets and asset groups.

 

Scan Hosts

 

To start a new scan from here :

Scan Network

 

Scan Asset Group

Scan in Progress & viewing logs

When a scan is initiated, a 'Scan in Progress' message appears on screen. On clicking that message or by refreshing the view, you can see the Scan Status column against the asset or asset group name which displays a 'In Progress' message. Clicking on this will pop-up a window which will display the scan progress logs.

 

When a scan is successfully completed,  the Scan Status column gets updated to display this.

 

Stopping a scan

When a scan is in progress, it can be stopped from the [stop] link against the asset name. The Scan Status column for this asset gets updated with the 'Stopped' message.


Copyright © 2010, ZOHO Corp. All Rights Reserved.
ManageEngine