Vulnerability Database synchronization

 

The Central Vulnerability Database hosted at the Zohocorp site gets updated periodically with the latest details of

  • Known and emerging vulnerabilities
  • Latest patches that are released by Microsoft, Apple, Linux and other 3rd party vendors.
  • Security configuration baselines and remediation content
  • Web server hardening content
  • High-risk software list
  • New compliance policies and changes related to existing policies

The Central Vulnerability Database is a portal in the Zoho Corp. site, which is constantly updated with the latest information that serves as the baseline for vulnerability management in the customer organization. The Vulnerability Manager Plus Server (central server) located in the customer organization has a local database bundled to it. In order to perform regular vulnerability management with the latest vulnerability information, organizations need to sync their local database with the Central Vulnerability Database to ensure that their database is up-to-date. All the endpoints in the customer network are scanned based on the content in the local database information. By utilizing the web console, you can schedule the time at which the local database within the server synchronizes with the Central Vulnerability Database. By default, this sync is scheduled to the time at which the Vulnerability Manager Plus server is installed.

Note: Compliance policy related data alone will not be updated to the central server during the above mentioned scheduled vulnerability database sync. Rather, the new files and changes related to compliance policies from the central vulnerability database synchronize separately with the central server everyday at 1 am automatically.

Though there could be a lot of patches released frequently, not every enterprise has the need to manage all those patches. Administrators can also configure patch DB settings to manage patches specific to different OS platforms as well as third party applications. All the computers will be scanned for missing patches based on the types of patches specified.

For example, you can choose to manage patches related to Mac operating system and only Windows 3rd party applications. Then, computers will be scanned for missing patches related to "Mac OS and Windows 3rd party applications".

To configure the Vulnerability Database settings, follow the steps below:

  1. Click the Admin tab to invoke the Admin page.

  2. Click on Patch Settings -> Vulnerability Database Settings icon

  3. Select the types of Patches that you wish to manage, like Windows, Mac, Linux or 3rd Party Patches. If you want to manage only Microsoft patches or 3rd party patches for Windows Operating System, you can specify it accordingly. Enabling Microsoft update checkbox lets you manage all the Microsoft update types. You can further drill down and enable each type of Microsoft update individually. This provides you the feasibility to customize Patch Management based on your requirement. If you select only Microsoft update, the local Vulnerability Database will sync all the update details from the Central Vulnerability Database, but the computers will be scanned for missing patches related to Microsoft alone.

  4. The "Enable Scheduled Vulnerability Update" will be selected by default. To disable scheduler, clear this option.

  5. You need to specify the time for the Vulnerability Database to be synchronized. This will happen everyday.

  6. Click Save Changes to save the configuration.

 
  • It is recommended to schedule the Vulnerability Settings on daily basis. This would ensure that the Vulnerability Database is up-to-date and secure from threats and vulnerabilities.