Frequently Asked Questions

What is Security Manager Plus ?

Security Manager Plus is a vulnerability scanner and reporting software for detecting and assessing network vulnerabilities across heterogeneous networks comprising servers, workstations, laptops, routers, switches and other network entities.

What are the components of Security Manager Plus ?

Security Manager Plus consists of the following primary components

What type of systems and services does Security Manager Plus scan ?

  • Web Servers
  • Database Servers
  • Application Servers
  • RPC Services
  • CGI Scripts
  • FTP
  • DNS
  • POP3
  • SNMP

 

  • SMTP
  • IMAP
  • SSH
  • SSL
  • Proxy Servers
  • UDP
  • TCP/IP
  • Registry

 

  • User Accounts
  • Dos Vulnerabilities
  • SQL Injection vulnerabilities
  • Trojans and Viruses
  • Switches
  • Routers
  • Windows
  • Linux
  • VPNs

    • and many more...

How does the Security Manager Plus Server installed in the enterprise, be in sync with the latest vulnerability and patch information ?

The Security Manager Plus Server will periodically download the the latest vulnerability and patch information published in the Central Repository Server hosted in the ManageEngine site, and use the information as a baseline for its vulnerability assessment operations.

Is Security Manager Plus a Patch Management software ?

Yes indeed. Security Manager Plus is primarily a vulnerability assessment and reporting software with patch management capabilities. It does help you in identifying & deploying the missing patches for Windows operating systems. Supported Windows operating systems are : Windows Vista, Windows 2003 Server, XP Professional, 2000 Server and Professional, NT Workstation and Server and applications are : IIS, IE, SQL Server, MDAC, Media Player, .NET Framework, MSXML, DirectX and MS Office.

How many different types of vulnerabilities do you detect ?

Security Manager Plus 5 currently performs scans for more than 3500 vulnerabilities and missing patches, and this number keeps growing as and when we update our Central Repository Server with the latest vulnerability signatures.

What impact will Security Manager Plus have on my network?

Security Manager Plus is designed to minimize both the scan time as well as the network bandwidth it uses. Thus, its impact on network traffic load is minimal.

Should the machine in which Security Manager Plus is installed have a Internet connection ?

Yes. The Security Manager Plus server machine must have access to the Internet for it to download the latest vulnerability signatures from the Central Repository Server hosted in the ManageEngine site.

Is Security Manager Plus host-based or network-based ?

Security Manager Plus is a network-based vulnerability assessment and reporting software that scans for vulnerabilities on all networked resources, including servers, network devices (e.g. routers, switches, etc.), and workstations. Security Manager Plus can assess any device that has an IP address.

How to create and use a Custom Security Certificate in Security Manager Plus ?

Security Manager Plus, by default,  comes with its own  ManageEngine Security Certificate. If you wants to create and use your own Certificate, the following are the steps to do.

The following are the Steps for creating a Certificate using the 'keytool', a program that is available in JDK.

  1. Step 1
    Type the following command:

    keytool -genkey -alias tomcat -keyalg RSA -dname 'CN=<domain name>, OU=<Organizational Unit>, O=<Organization>, L=<City Name>, S=<State Name>, C=<Country>' -validity <number of days> -keypass <keypassword> -storepass <storepassword> -keystore server.keystore

    E.g.,
    keytool -genkey -alias tomcat -keyalg RSA -dname 'CN=demo.SecurityManagerPlus.com, OU=Zoho Corp., O=Zoho Corp., L=Pleasanton, S=CA, C=USA' -validity 365 -keypass demo -storepass demo -keystore server.keystore

  2. Step 2

    Copy the 'server.keystore' file to <Security Manager Plus_Home>/conf

  3. Step 3

    Edit the file <Security Manager Plus_Home>/conf/server.xml and change the keystorePass value to the one created above. For the above example, keystorePass="demo"

  4. Step 4

    Restart the Security Manager Plus Server.

What is the Licensing Policy for Security Manager Plus ?

We provide a Professional Edition download that becomes a limited free edition after 30 days of evaluation, unless a registered license key is purchased. This registered license key is valid for a year from the date of purchase (Annual Subscription) beyond which it becomes a limited free edition.

The limited Free Edition has all the functionality's provided by the professional edition except that the number of scans is limited to any 5 IPs (only) of the users choice , and product support is not available.

How do I enable scanning the Linux systems in 'sudo' mode ?

Below are the steps to enable scanning the Linux systems in 'sudo' mode :

  1. Go to the Security Manager Plus Server system and stop Security Manager Plus service.
  2. Edit wrapper.conf file present in <Security Manager Plus_Home>/conf directory.
  3. Search for the configuration parameter smp.linux.usesudo in the wrapper.conf file.
  4. If the above configuration parameter is found, set its valuse as "ture".
    The line should read as :  wrapper.java.additional.XX=-Dsmp.linux.usesudo=true    (For example, wrapper.java.additional.39=-Dsmp.linux.usesudo=true)
  5. If the above configuration parameter is not found, make entry for the above parameter in a new line.
  6. Save the wrapper.conf file and Exit.
  7. Start the Security Manager Plus service.
    Now, all the Linux systems will be scanned in 'sudo' mode.


Copyright © 2010, ZOHO Corp. All Rights Reserved.
ManageEngine