Our internal researchers procure vulnerability information for Windows operating systems and other Microsoft products from Microsoft's official security guidance page, and for different Linux distros from the official security advisories of the respective vendors. For third-party products, we obtain the vulnerability data from NIST and CVE Details, and from the respective vendors' official security advisory pages.
Our internal researchers procure information regarding security misconfigurations from recommendations in STIG and CIS, and also from respective vendor websites.
All the CIS benchmarks used for Endpoint Central's audits are taken from the official CIS website.
Any of the Windows computers in your network with the requirements mentioned here can be hosted as your Central server.
Currently, if the operating systems meet any of the following criteria, we consider them as server machines:
We recommend purchasing server licenses for any Linux machine when deploying them as servers within the organization.
Navigate to Agent --> Computers in the console interface. Create a filter for Operating System with tags "server" and "Oracle". Red Hat Enterprise Linux OS server machines cannot be identified using the web console, because their subscription has to be checked.
The free edition allows management of any number of servers, as long as the total number of endpoints does not exceed 25.
Under software vulnerabilities, patches are displayed as a resolution to fix a known threat or vulnerability.
The Common Vulnerability Scoring System (CVSS v3.0) is used to assess the severity of vulnerabilities based on the ease of exploitation and the estimated potential impact. Scores range between 1 and 10, with 10 being the most severe. Additionally, patches can be looked up using their CVE ID.
We detect web and database server vulnerabilities by scanning listening ports and identifying the application and its version. Vulnerabilities are identified by comparing the detected version to the vulnerability database. For further clarification on vulnerability applicability, please contact the vendor.
NOTE: Web/database servers will be detected only when they are actively running.
For Endpoint Central and other ManageEngine products, we use CVE analysis data from our internal security experts to exclude non-applicable vulnerabilities and display only applicable ones. In the initial days after a CVE is released, vulnerabilities may be detected, but if our analysis determines they are not applicable, they will be removed in subsequent scans after a database sync.
You can track the status of deployed security configurations from Deployments > Security configurations and re-deploy the failed deployments from there.
The product currently supports security configuration management only for systems running on Windows OS.
When a system is quarantined, it is isolated from the network to prevent potential security risks. Users will be notified, and administrators can take necessary actions to remediate compliance issues.
Yes, once the compliance issues are addressed, administrators can lift the quarantine, allowing the system to resume normal operations.
Regular audits are recommended, with the frequency determined by organizational policies. Monthly or quarterly audits are common, but more frequent daily checks may be necessary for highly dynamic environments.
Absolutely! The policy is highly customizable to accommodate the unique requirements of your organization. Administrators can define rules tailored to specific compliance standards and security policies.
You can track the status of high-risk software uninstallation from Deployments > Software uninstallation.
Exclusion of static groups takes effect immediately, whereas for dynamic groups it is reflected after the next scan.