A closer look at GFI LANguard 9
GFI LANguard is a network security scanner. It performs vulnerability assessments, identifies all possible security threats and provides the tools to remediate vulnerabilities and install missing patches.
The installation is pretty straightforward. To access all of LANguard’s features, you have to install it on the administrator account.
In the Network Audit tab you can perform different types of scan. A Quick Scan discovers high security vulnerabilities and critical missing patches and service packs, a Full Scan scans one or more computers for all security vulnerabilities and builds system inventory, while the Custom Scan and Scheduled Scan are both self-explanatory.
A scan lets you choose the target computer(s) or the entire domain/workgroup, and makes you specify credentials to use in order to logon on to remote targets. The results of a quick scan and actions that can be made:
By choosing to analyze the scan results, you can get insight into specific vulnerabilities affecting your computer:
As an example, below you can find a list of missing service packs and where they can be found:
Now that we found what’s missing in order to make our computer safe, we can proceed to Remediate and the different options available (notice the new Remote Desktop Connections option):
To deploy the service packs, you have to choose the target computer(s), which service packs to deploy, and when you are going to do it (immediately or schedule it for some future time):
You can download the service packs manually or let LANguard do it for you. Once they’re on your local machine, you are ready to patch your computer – just press the Start button. Below are the results and keep in mind there is no progress bar during the process, so you’ll have to wait until it says “Completed” – don’t mistake the seeming inactivity for a freeze up:
The process for installing patches is identical – choose computer(s), choose patches and launch deployment. All the service packs and patches can also be de-installed from any of the computers they were installed on.
A Full Scan is done in the same way, only the results are more ample and encompass things like open ports, installed applications, etc.
On the Dashboard tab you can see your Security Status and check your scheduled operations:
The Configuration Tab lets you configure scanning profiles, the application inventory and Microsoft updates. For example, you can opt for and configure different scanning profiles that focus on specific network data:
Or different network and software audits:
You can also enable the auto-download and auto-deployment of Microsoft patches:
The Utilities tab offers the following tools that may come in handy:
Going back to the scanning and analyzing of results, it has to be said that LANguard has a rather large set of reporting capabilities. Although, for in-depth reports, you can use the LANguard ReportPack that offers an extremely wide variety of executive, statistical, and technical reports for every requirement. For every report there is an example so you can choose what suits your needs:
It’s actually a neat reporting tool that allows you to customize and schedule reports, and what’s most important, saves you a lot of time.
What’s new in Version 9?
It can detect whether a scanned machine is real or virtual, it automatically uninstalls unauthorized applications (if configured to do so), and it can establish a remote desktop connection to fix issues that cannot be fixed automatically. It also has extended hardware auditing facilities, and the above mentioned improved reporting capabilities.
GFI LANguard is a invaluable tool for administrators. The tree crucial tasks of vulnerability management (vulnerability issues, patch management and network auditing) are addressed in one package, saving effort and time.