If you have any questions on how to buy or use RedCheck security scanner, please visit the FAQ section.

Sign in to Customer Support Portal


RedCheck is a high-end security scanner intended for IT specialists and cybersecurity teams. The scanner is used for centralized and/or local detection of vulnerabilities in system and application software, potential security flaws in system configurations, policy compliance checks, integrity control, software and hardware inventory, and audit results documentation.

Key features:
• OVAL content based audit of vulnerabilities and critical security updates for modern software platforms covers: Мicrosoft, Red Hat, РОСА, Debian, Ubuntu, ORACLE, etc.
• Security configuration audit for compliance with policies recommended by software vendors and expert organizations
• Assessment of compliance with policies and standards, including CIS, PCI DSS, USGSB, and ISO/IEC 27002.
• Detailed inventory of enterprise network hardware and software assets
• File-level integrity monitoring
• Network activity assessment
• Password complexity check
• Nmap network utility support
• Detailed and incremental reports on each audit area

RedCheck can be installed on any modern computer running Microsoft Windows operating system.

System requirements:

Scanner requirements

Number of scanned nodes 1 — 100 100 — 500 500 — 3000
CPU 2 GHz Dual Core 2.4 GHz Xeon 2.4 GHz Xeon
Cores 2 2 4
HDD 500 MB 1 GB 1 GB
RAM 2 GB 4 GB 8 GB
Network bandwidth 100 Mbps 100 Mbps 100 Mbps

MS SQL Server requirements

Number of scanned nodes 1 — 100 100 — 500 500 — 2000
CPU 2 GHz Dual Core 2.4 GHz Xeon 2.4 GHz Xeon
Cores 2 2 4
RAM 2 GB 4 GB 8 GB
MS SQL Server Edition Express Standard Standard

The RedCheck scanner and agents installed in OS Windows require the following software for correct operation:
— Microsoft .NET Framework full 4.0 or higher;
— SQL Server 2008 and higher (all editions including Express).
Microsoft SQL Server 2012 SP1 Express is a part of setup.exe distribution file, so RedCheck automatically installs and configures it.

Remember that the connection between RedCheck and Microsoft SQL Server requires the SQL Server and Windows Authentication mode.

To request a demo version, please fill the form at
You will receive a link to download RedCheck in the reply mail.

RedCheck licenses are based on the number of targets you want to scan from a single RedCheck console.
Every license has an expiration date; the default license duration is one year, which can be renewed. Technical support, security content updates, and software updates are available for clients with valid licenses.
While installing RedCheck, you need a 32-bit license key for activation (available on RedCheck official letterhead). Once the license is activated, you will see hosts available for scanning in the console. The number of scanned hosts is set in your license.
If you move your console to another computer, your activation key might become unavailable. In this case, please contact technical support team for details about how to reactivate the license.
If you buy an additional license to extend the number of hosts available for scanning, these hosts will appear in the console after the next content synchronization.
Application Server Security Audit module requires a separate license. A single license is provided for one IP address with installed applications (web servers). There are limitations: there should be no more than two web servers (two DNS names) on the same IP address.
To buy a license, please contact ALTEX-SOFT sales department:

We deliver two installation packages: RedCheck.msi and Setup.exe.

RedCheck.msi is for specialists and requires basic skills in deploying and configuring Microsoft SQL server, with an installation guide being also provided.

Setup.exe is for quick software deployment with preset parameters, just by a double left-click.

We deliver two installation packages: RedCheck.msi and Setup.exe.
RedCheck.msi is for specialists and requires basic skills in deploying and configuring Microsoft SQL server, with an installation guide being also provided.
Setup.exe is for quick software deployment with preset parameters, just by a double left-click.

For the latest releases of MS SQL Server, please visit the Microsoft official website.
To download MS SQL Server, you usually need just to type MS SQL Server in a search line and go to the download page.
(Note: use official vendor websites only!)

Configure connection to a database for RedCheck normal operation.
1. Run SQL Server Configuration Manager
2. On the left, left-click on a certain instance of SQL Server Network Configuration — Protocols for MSSQLSERVER
3. On the right, in TCP/IP configuration section, click Enable and then OK in the warning window
4. On the left, left-click on SQL Native Client 11.0 Configuration — Client protocols
5. On the right, in TCP/IP configuration section, click Enable and then OK in the warning window
6. Restart SQL Server for changes to take effect

In peer-to-peer networks, a user should be within a REDCHECK_ADMINS group to make sure the software and agents operate properly. Otherwise, such a group should be created. To do so:

1. Open a management console and type MMC. Enter an admin password or its confirmation if prompted
2. Select LOCAL USERS AND GROUPS in the left side
3. Double-click on the GROUPS folder
4. Select CREATE A GROUP in the ACTION menu
5. Type in a name: REDCHECK_ADMINS
6. Click ADD and enter a user account name to be used for further console start/scanning
7. Click CHECK NAMES and then OK
8. Click CREATE

If you created a REDCHECK_ADMINS local group and added a user thereto, then log out or reboot once RedCheck is installed.

If a network has a domain structure and several accounts are used to run RedCheck management console and scan target hosts, then each account should be within a REDCHECK_ADMINS global security group. To create a REDCHECK_ADMINS global group:

1. Open an ACTIVE DIRECTORY – USERS AND COMPUTERS snap-in by using Win+R keyboard combination to open RUN dialog box, entering dsa.msc in the OPEN field there and then clicking OK.
2. In the snap-in tree, expand your domain node and go to an item where the global group will be created. Right-click this item and select CREATE and then GROUP in the context menu
3. In the pop-upped dialog box NEW OBJECT – GROUP, enter REDCHECK_ADMINS in the GROUP NAME field and select GLOBAL in GROUP TYPE section.
4. Add a user account who will start console/scanning
5. Having filled in all mandatory fields, click OK

If you created a global group and added a user thereto, then apply the changes to a domain controller and on all client machines once RedCheck is installed.
All local REDCHECK_ADMINS groups should be deleted.

Open TCP/8732 for correct connection between the RedCheck console and an agent. If you use the default Microsoft Windows firewall, follow the instructions given below for Microsoft Windows 7:
1) Open Windows Firewall. Click Start — Control Panel. Type «firewall» in the search box, and click Windows Firewall in the search results
2) On the left, select «Advanced settings». Click on «Windows Firewall with Advanced Security», and in the right panel click New Rule
3) Select Port rule type and click Next
4) Specify TCP type and 8732 local port and click Next. Specify profile according to your network configuration

For agentless scanning, the scanner should be connected to Windows Management Instrumentation (WMI) of a scanned node, with settings being done locally, on the node, or centrally, using Windows Group Policies as well as other network administration tools. For local settings of the scanned node, proceed as follows:

1) Open WINDOWS FIREWALL by clicking START button and then CONTROL PANEL, entering ‘firewall’ in a search line and selecting WINDOWS FIREWALL
3) Scroll down in the ALLOWED PROGRAMS AND FEATURES list and tick a box in WINDOWS MANAGEMENT INSTRUMENTATION (WMI) line depending on the network architecture: domain or work group. Click ОК.

Linux, Cisco IOS and VMware are subject to agentless scanning, with SSH protocol (port 22 by default) being used as a transport.

Double-check the following:
1. Port 8732 has been opened on a client machine and is not blocked by either firewall or other security tools
2. WMI has been configured
3. RedCheck_Admins group has been configured
4. The machine is available via a command line and Ping function
5. The agent utility is running on the remote machine

(If all the above is OK but the issue remains, please contact our helpdesk via

If the red indicators are on in the status and notification line, navigate to Troubleshooting Wizard (Tools > Troubleshooting Wizard) to check the operability of key software components:
1) Databases
2) Synchronization services
3) Scanning services
4) License verifications

The wizard will either resolve issues or provide detailed troubleshooting guidance if the issue cannot by resolved by RedCheck.
If RedCheck cannot resolve the issue, please be ready to email detailed error reports to the software developers:

If a license is not activated, open HELP drop-down menu, select ABOUT REDCHECK, copy ACTIVATION CODE line with a left-click and Ctrl+C combination, and email a license file generation request to,
with the license key and program activation code attached to the email.

If there is no internet connection on a computer where RedCheck is installed, the content is updated via synchronization without any access to the internet.
To use this type of synchronization, proceed as follows:
1. Please write us on to obtain a license file.
2. Go to Altex Soft Update Center to get security content
3. Transfer the content in any convenient way to the computer where RedCheck is installed
4. Unpack zip to a folder where updating will be run Start RedCheck, open TOOLS drop-down menu and select OFFLINE SYNCHRONIZATION
5. In the opening window, specify a path to the folder with the unpacked content
6. Click OK and wait until the synchronization is finished
If you cannot finish the synchronization for any reason, please email to

For Linux scanning

1. Install OpenSSH Server package
2. Open a firewall port (port 22 by default)
3. Allow connection to certain SSH users
To configure SSH, go to /etc/ssh/sshd_config
To allow an SSH connection on behalf of the Root user, add the following:
PermitRootLogin yes
Once all necessary configurations are done, reboot: service ssh restart

For VMware scanning

VMware ESXi Server and VMware Vcenter Server should be scanned over SSH protocol v. 2 or higher, with SFTP module being on.
To configure SSH:
1. Activate SSH via ESXi host console (Option 1)
Go to host settings and select ENABLE SSH on TROUBLESHOOTING OPTIONS tab

2. Activate SSH via vSphere client (Option 2)

For Cisco IOS scanning

The scanning uses SSH protocol (port 22 by default) as a transport.
To activate SSH in Cisco IOS, take the following six mandatory steps:
1. Set a device name using a HOSTNAME command
(config)#hostname sw01

2. Set a user name and password
(config)#username Admin1 secret 5 $1$ukk…

3. Configure a DNS domain using an IP DOMAIN-NAME command
(config)#ip domain-name

4. Generate an RSA key to activate SSH on the device using (config)#crypto key generate rsa
Verify the key using #show crypto key mypubkey rsa
If the key is available, you will see its name and generation date:
% Key pair was generated at: 00:07:18 YEKT Jul 31 2014
Key name:
Usage: Encryption Key
Key Data:
xxxxxxxx xxxxxxxx xxxxxxxx …

5. Allow a virtual terminal to support SSH
(config)#line vty 0 4
(config-line)#transport input ssh
(config-line)#login local (if aaa new-model is not used in step 2)

6. Set v.2 to be used
(config)#ip ssh version 2

Make sure a super user account (root by default) is active and remote access over SSH is allowed.
To activate the super user root account, change its password: passwd root
To allow remote access over SSH for the super user root account, configure an SSH server by editing a configuration file and adding the following directive: PermitRootLogin yes. The default name of an SSH server configuration file is /etc/ssh/sshd_config. The SSH server configuration file may already contain PermitRootLogin directive. In this case, simply change the directive’s value to YES. If a system’s security policy does not allow the use of a super user account required to run the scanning, opt for user accounts of other types.

1. The link to download the updated distribution kit will be provided to you in your account on customer support portal after submitting the request.
2. Run the installer (if the software is already deployed) and follow the instructions
3. Enjoy the upgraded RedCheck once the installer finishes its work

The complete reinstallation of the scanner is not needed.

The most common reasons for this problem are incorrect account configuration and scanning service being down. For account configuration, see the relevant section in the admin guide. Configure in line with the network topology and restart the scanning service RedCheckSVR.

Make sure the pinging account has been configured in line with the admin guide and network topology. Check to be sure the agent is installed and active on a remote machine.

Make sure the WMI-related system settings are OK and there is no blocking by personal firewalls or antivirus applications. Note that a pinging account must have admin privileges.

Install Nmap.exe and specify a path by clicking Alt+S and going to NMAP COMPONENT tab.

Still have a question?
Just email our helpdesk and we will get back to you.

Thank you for your request.
We will answer you as soon as possible.