
Network Devices Firmware Vulnerability Detection

What to do if discovery fails with the error: "Provided IP address(es) not in range or possibly down. Please check and try again"?
  • Ensure the device is reachable from the VMP server.
  • Ensure the prerequisites from "/bin/nmap" are installed, specifically Npcap and vcredist. You can find these in the Control Panel as Npcap OEM and Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005.

Why is network device discovery taking a long time?

Discovery may take time depending on the number of IP addresses provided. If the subnet contains a large number of IPs, the process could be slower. Try entering one or two known IP addresses to check if discovery is successfully identifying network devices.

What actions should I take for SNMP timeout or credential failure during scanning?
  • Ensure the device is reachable (try pinging it from the VMP server).
  • Confirm that the VMP server's IP address is added to the SNMP host list in the device's SNMP configuration.
  • Verify that the SNMP community string or password is correct and valid.

How do I troubleshoot SSH failures in network device scans?
  • Ensure that SSH is enabled and the device is reachable.
  • Verify that the correct username and password are being used.
  • Check if the correct prompt is configured by logging in to the device manually.
  • Most firmware details can be retrieved in user mode; privileged mode is rarely required. Therefore, enable credentials are typically not necessary. If you choose to provide them, please ensure they are valid.

What are the prerequisites for discovering and scanning network devices?
  • Enable SNMP (v1/v2c/v3) or SSH on the devices.
  • Ensure VMP communication over SNMP/SSH is allowed by the firewall.
  • Add appropriate credentials in VMP scan settings.

Where can I find a list of supported network devices (such as firewalls, routers, switches, ESXi Host, Linux, Windows servers, SAN, and NAS) for vulnerability scanning?

Visit the Supported Network Devices page.

What should I do if the scan reports “Unsupported Device”?

When a network device is flagged as “unsupported,” it indicates that the device's firmware or model is not currently recognized by Vulnerability Manager Plus for vulnerability detection. To address this issue, follow these steps:

1. Collect Device Details:

  • Identify the vendor name (e.g., Cisco, Juniper, Fortinet).
  • Determine the model and series (e.g., Catalyst 2960, FortiGate 60E).

2. Retrieve sysObjectID:

  • Use an SNMP walk tool or MIB browser to query with the following command:
    snmpwalk -v2c -c [community_string] [device_ip] .1.3.6.1.2.1.1.2.0
  • This helps Vulnerability Manager Plus identify the exact device family.

3. Get Firmware Version via SSH:

  • Log in to the device using PuTTY/SSH.
  • Execute the appropriate command to retrieve the firmware version (this varies by vendor, e.g., show version for Cisco).
  • Copy the output.

4. Submit the Details to Support:

  • Compile all collected details and submit them to support for further assistance.
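
The sysObjectID step above, as an added example (not ManageEngine's own code): a POSIX shell helper that normalises the output forms net-snmp's snmpwalk can print for .1.3.6.1.2.1.1.2.0, extracts the enterprise number that identifies the vendor, and assembles the details to send to support. The function names are hypothetical, and the sample lines, model and firmware string are constructed.

```shell
#!/bin/sh
# Added example: function names are hypothetical; sample lines are constructed.

# Print the sysObjectID value from one snmpwalk output line as a dotted
# numeric OID. Returns 1 if the value is missing or symbolic.
sysobjectid_numeric() {
    value=${1#*OID: }
    [ "$value" != "$1" ] || return 1            # no "OID: " marker (timeout, error)
    case $value in
        SNMPv2-SMI::enterprises.*) value=".1.3.6.1.4.1.${value#SNMPv2-SMI::enterprises.}" ;;
        iso.*)    value=".1.${value#iso.}" ;;   # output when no MIB files are loaded
        .*)       ;;                            # already numeric (snmpwalk -On)
        *)        return 1 ;;                   # vendor MIB name: cannot resolve offline
    esac
    case $value in *[!0-9.]*|*..*|*.) return 1 ;; esac
    printf '%s\n' "$value"
}

# Print the IANA private enterprise number (the arc after .1.3.6.1.4.1).
enterprise_number() {
    oid=$(sysobjectid_numeric "$1") || return 1
    case $oid in
        .1.3.6.1.4.1.*) rest=${oid#.1.3.6.1.4.1.}; printf '%s\n' "${rest%%.*}" ;;
        *) return 1 ;;
    esac
}

vendor_hint() {
    case $1 in
        9) echo Cisco ;; 2636) echo Juniper ;; 12356) echo Fortinet ;;
        *) echo unknown ;;
    esac
}

# Assemble the details for support: model, snmpwalk line, firmware version line.
support_summary() {
    oid=$(sysobjectid_numeric "$2") || { echo "rerun snmpwalk with -On" >&2; return 1; }
    pen=$(enterprise_number "$2") || pen=n/a
    printf 'Model: %s\nsysObjectID: %s\nEnterprise: %s (%s)\nFirmware: %s\n' \
        "$1" "$oid" "$pen" "$(vendor_hint "$pen")" "$3"
}

SAMPLE_DEFAULT='SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1208'
SAMPLE_NUMERIC='.1.3.6.1.2.1.1.2.0 = OID: .1.3.6.1.4.1.2636.1.1.1.2.29'
SAMPLE_NOMIB='iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.12356.101.1.641'
SAMPLE_SYMBOLIC='SNMPv2-MIB::sysObjectID.0 = OID: VENDOR-PRODUCTS-MIB::exampleSwitch'

support_summary "Catalyst 2960" "$SAMPLE_DEFAULT" "Version 15.0(2)SE (constructed)"
```

When a vendor MIB is loaded, snmpwalk prints a symbolic product name instead of digits; running it with -On yields the numeric OID.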

Can I apply the same set of credentials to multiple devices as a bulk operation?

Yes, you can apply the same set of credentials as is to multiple devices. To avoid the tedious task of entering credentials for each device individually, Network Device support in VMP allows you to create common credentials and share them across multiple devices.

Why is the manufacturer name unknown for some devices in the Managed devices table view?

Since the discovery of network devices follows a credential-less approach, we attempt to retrieve the MAC address to identify the vendor (manufacturer) name. However, the MAC address is accessible only within the same LAN segment. When a response packet passes through multiple routers, the MAC address is not forwarded for security reasons. As a result, some devices listed in the managed devices table may initially show an unknown manufacturer name. This will be resolved once the network device scan is successfully completed.

Is firmware vulnerability patching supported for network devices?

Yes, it is supported for Cisco and Juniper devices via the VMP server console.

How do I perform a vulnerability scan for internal web applications, routers, switches, and servers, and do I need to install agents?

Agent installation is not needed to scan network devices for vulnerabilities. The VMP server is responsible for all network device operations. To perform a vulnerability scan on network devices:

  • Discover the network devices and add them to the managed devices table: provide a single IP address, comma-separated IP addresses, an address with a subnet mask, or a range of IP addresses -> click Discover -> the devices are listed -> select them and add them to the managed devices table.
  • Make sure SNMP is enabled, SSH is enabled with a known username/password, and the VMP server can ping the device and access its SNMP/SSH ports.
  • Add credentials by navigating to Network Devices → Credentials. Here, add SNMP credentials (SNMP v1/v2c → community string; SNMP v3 → username, auth and privacy passwords) and add SSH credentials.
  • Map the credentials to the device.
  • A scan is triggered automatically after credential mapping.

Miscellaneous

What is the difference between Patch Manager Plus and Vulnerability Manager Plus?

Patch Manager Plus is a dedicated patch management solution from ManageEngine that focuses solely on identifying and deploying patches for operating systems and over 1100 third-party applications across Windows, macOS, and Linux environments. It is available in both cloud and on-premises versions, making it ideal for organizations seeking a straightforward, platform-agnostic patching tool. In contrast, Vulnerability Manager Plus offers a more comprehensive security solution that includes not just all features of patch management but also vulnerability scanning and detection, security configuration audits, and compliance reporting. It is available only as an on-premises solution and is better suited for organizations looking for deeper vulnerability insights and threat-based remediation. In short, while Patch Manager Plus is ideal for focused patching needs, Vulnerability Manager Plus serves as a full-fledged vulnerability management platform with integrated patching capabilities. To know more about the differences, refer to this page.

Does Vulnerability Manager Plus offer a cloud-based version?

Currently, ManageEngine Vulnerability Manager Plus is available exclusively as an on-premises solution. A cloud-hosted version is expected to be released by Q4 of 2025. Meanwhile, Endpoint Central, which includes both patch and vulnerability management features as part of its suite, is available as a cloud solution that you can use.

Which operating systems are supported by Vulnerability Manager Plus?

Refer to this page for all the supported applications. Support is provided only for those listed.

Can Vulnerability Manager Plus be used as a SaaS solution with Patch Manager Plus Cloud as an add-on?

As of now, ManageEngine Vulnerability Manager Plus (VMP) is available exclusively as an on-premises solution. On the other hand, Patch Manager Plus (PMP) offers a cloud-based version that provides comprehensive patch management across various operating systems and third-party applications. However, VMP and PMP Cloud are separate products, and there is currently no integration that allows VMP to be used as a SaaS solution with PMP Cloud as an add-on. For organizations seeking a cloud-based vulnerability management solution, use Endpoint Central, which includes both patch and vulnerability management features as part of its suite and is available as a cloud solution.

How to renew the license for ManageEngine Vulnerability Manager Plus?

You can renew the license by filling in the details on this page.

Does Vulnerability Manager Plus support patching for both virtual and physical servers?

Yes. We offer support based on the OS versions mentioned on this page, irrespective of the hardware.

How to view and retrieve installed software details in Vulnerability Manager Plus Professional Edition?

For each machine, the installed software table is available under that machine's System summary -> Installed software tab. An export option for the table is available at its top right.

How to configure Vulnerability Manager Plus for vulnerability checks?

Vulnerability checks require no specific configuration. Once the agents are installed, the next Vulnerability and Patch scan will automatically use the detection checks available from the Security Research Team's findings through a vulnerability database sync.

Can the product scan system configuration files for credentials and passwords?

No. As of now, we do not have a provision for checking files to detect credentials and passwords.