1. Home
  2. Technical
  3. Zone+ Security Monitor FAQ

Zone+ Security Monitor FAQ

Zone+ Security Monitor is a web security monitoring system that gives a user an overview of website vulnerabilities and potentially dangerous actions on the web server.

How to install the Security Monitor?

The Security Monitor can be installed via the Zone+ application manager.

Zone+ Security Monitor is a web security monitoring system that gives a user an overview of website vulnerabilities and potentially dangerous actions on the web server.
Screenshot

What is a homepage fast scan interval?

During a quick scan, Zone+ Security Monitor checks only the main page with open/public access.

What is a website deep scan?

During this deep scan, Zone+ Security Monitor checks all pages of the site with open/public access.

What is a server scan?

During server scan Zone+ Security Monitor analyses files on the server. This allows detection of vulnerabilities as well as problems not visible with open or public access.

What is advanced defacement analysis?

Zone+ Security Monitor can detect changes on the main page and notifies the user when anomalous changes occur, for example, main page is changed,, page content is replaced with one picture file or text is changed to Arabic etc

What is SSL analysis?

Zone+ Security Monitor checks the validity period of SSL/TLS certificate on site, its chain and SSL/TLS configuration problems.

How does Zone+ Security Monitor recognize malicious software?

Zone+ Security Monitor analyzes files based on known antivirus signatures and behaviour pattterns when source code of files has been changed.

What information does Zone provide Zone+ Security Monitor with, when the user orders the service through Zone+?

Zone provides Zone+ Security Monitor the following:

ZoneID Username

ZoneID contact information

Domain name for monitoring

This information is necessary to compose and transmit scan reports.

Does Zone+ Security Monitor copy user data to its servers?

No. Zone+ Security Monitor scans files on the Zone server, only list of files and the hash composed based on these files are copied to the Zone+ Security Monitor servers. This information is used to detect vulnerabilities and malicious software, as well as for composing the reports.

What is Zone+ Security Monitor’s privacy policy?

Find additional information on security policy here: https://nimbusec.com/en/privacy.html

What are Zone+ Security Monitor’s terms of use?

Find terms of use here: https://nimbusec.com/en/terms-of-use.html

Does Zone+ Security Monitor work like a firewall?

No. Zone+ Security Monitor is not an active tool for data monitoring. Unlike a firewall, which scans data in realtime, Zone+ Security Monitor scans are performed at specific intervals.

Does Zone+ Security Monitor remove malicious software from the server?

No. Zone+ Security Monitor works only as a server monitoring system. Malicious software on the website must be removed by website administrator. Also, this service can be ordered either from Zone or Zone+ Security Monitor.

Can I change the Zone+ Security Monitor settings?

Yes. When Zone+ Security Monitor is ordered and activated, you can enter the control panel via Zone+.

How will Zone+ Security Monitor warn me about security issued and problems found?

By default, Zone+ Security Monitor sends alerts via email. When “Aggressive” package is chosen, users will be notified via SMS as well. The ZoneID contact information is used when sending notifications. Zone+ Security Monitor management can be accessed via Zone+.

Where can I see the results and history of Zone+ Security Monitor scans?

The overview, report and history of scans are available in Zone+ Security Monitor control panel, which is accessible via Zone+.

What to do if the result is false-positive?

If you are sure that the file detected by the Zone+ Security Monitor doesn’t contain virus and malicious code, then you can mark it as “False positive”. In order to mark file as false-positive, in Zone+ Security Monitor management choose “Bulk actions” and “False positive” next to the corresponding file.

When does the server scan take place?

The initial scan is performed within 15 minutes after the application is installed.

Server scans are scheduled according to chosen package as follows:

Basic: Every Sunday at 10

Advanced: Every morning at 8

Aggressive: Every 4 hours (0, 4, 8, 12, 16, 20)

The infected files are removed from the server, but are they still present on the report?

The deleted files will be present in report until the next scan is completed, i.e. scan results will be updated according to selected package. If you need to scan the server before the next scheduled scan, please contact the support at tuki@zone.fi.

Updated on 20. Sep 2024
Was this article helpful?

Related Articles