Vulnerability Database synchronization

 

Central Vulnerability Database gets updated periodically with the details of the latest patches that are released by Microsoft, Apple, Linux and other 3rd party vendors. Every Central Server has a local Vulnerability Database, in order to perform patch management activities. Enterprises need to sync their local Vulnerability Database with the Central Vulnerability Database to ensure that their database is up-to-date. All the endpoints in the network are scanned for missing patches based on the local Vulnerability Database information.  By urtilizing the web console, you can schedule the time at which the local Vulnerability Database synchronizes with the Central Vulnerability Database. By default, this sync is scheduled to the time at which Vulnerability Manager Plus server is installed.

Though there could be a lot of patches released frequently, not every enterprise has the need to manage all those patches. Administrators can also configure patch DB settings to manage patches specific to different OS platforms as well as third party applications. All the computers will be scanned for missing patches based on the types of patches specified.

For example, you can choose to manage patches related to Mac operating system and only Windows 3rd party applications. Then, computers will be scanned for missing patches related to "Mac OS and Windows 3rd party applications".

To configure the Vulnerability Database settings, follow the steps below:

  1. Click the Admin tab to invoke the Admin page.

  2. Click the Patch Management -Schedule Vulnerability Update Patch Settings -> Vulnerability Database Settings icon

  3. Select the types of Patches that you wish to manage, like Windows, Mac, Linux or 3rd Party Patches. If you want to manage only Microsoft patches or 3rd party patches for Windows Operating System, you can specify it accordingly. Enabling Microsoft update checkbox lets you manage all the Microsoft update types. You can further drill down and enable each type of Microsoft update individually. This provides you the feasibility to customize Patch Management based on your requirement. If you select only Microsoft update, the local Vulnerability Database will sync all the update details from the Central Vulnerability Database, but the computers will be scanned for missing patches related to Microsoft alone.

  4. The "Enable Scheduled Vulnerability Update" will be selected by default. To disable scheduler, clear this option.

  5. You need to specify the time for the Vulnerability Database to be synchronized. This will happen everyday.

  6. Click Save Changes to save the configuration.

 
  • It is recommended to schedule the Vulnerability Settings on daily basis. This would ensure that the Vulnerability Database is up-to-date and secure from threats and vulnerabilities.