ManageEngine Vulnerability Manager Plus is an Enterprise vulnerability management software that helps you scan, assess, prioritize and remediate vulnerabilities in your network endpoints. It comprises of features like vulnerability scanning and assessment, automated patch management, security configuration management, zero-day vulnerability mitigation, high-risk software audit and web server hardening.
The following guide will help you understand the process of vulnerability management with the help of an architecture diagram.
The External Crawler residing at the Zoho Corp. site probes the internet continuously to:
Then the authenticity and functional correctness of the patches are tested and correlated with the corresponding vulnerability it addresses.
After thorough analysis, the final consolidated data containing information on vulnerabilities, patches, security configurations, server hardening and high-risk software are then hosted in the central vulnerability database. The Central Vulnerability Database is a portal in the Zoho Corp. site, which is constantly updated with the latest information that serves as the baseline for vulnerability management in the enterprise.
IT administrators or network security teams need the following components to perform vulnerability management in the enterprise:
The Vulnerability Manager Plus server helps you to centrally perform all the vulnerability management tasks in your network endpoints. Some of the tasks include the following:
Any of the Windows computers in your network with the requirements mentioned here can be hosted as your Vulnerability Manager Plus server. This Vulnerability Manager Plus server at the customer site subscribes to the Central Vulnerability Database, from which it synchronizes the latest information on vulnerabilities and its remedies. Patches are downloaded directly from vendor sites and stored centrally in the server's patch store and will be replicated to your network endpoints to conserve bandwidth.
To perform Vulnerability scanning and management, a lightweight, multipurpose agent will be installed by the server in your network systems. The agent contacts the server every 90 minutes to get the data to perform vulnerability scanning in endpoints as well as to carry out the tasks delegated by the server. It returns back the result to the server after completion of the task. The agent also maintains a continuous thin connection with the server in order to perform on-demand tasks.
The web console is a graphical user interface to access the server and perform vulnerability management tasks. It empowers users with a single pane view to perform all the vulnerability management tasks from anywhere, anytime.