GFI LanGuard Network Scanner
The GFI LanGuard network scanner is a popular network and security tool for scanning and resolving security vulnerabilities. Today, there are tens of thousands of customers that use the product. Like any security scanner, the GFI LanGuard network scanner provides the capability for you to scan your ports and networks to identify and resolve security vulnerabilities. GFI LanGuard provides over 15,000 vulnerability assessments when your network and virtual environments are scanned. Once scanned, you can analyze your network security state and take action to secure the network before it is compromised.
GFI LanGuard provides three broad capabilities:
- Identify and resolve problems related to vulnerability issues.
- Network auditing.
- Patch management.
These capabilities enable any organization to more quickly determine the risk of your current network configurations, and then reach a more secure state as quickly as possible. GFI LanGuard performs network scans based upon the use of published vulnerability databases. GFI LanGuard network scanner uses data from both OVAL and SANS Top 20.
OVAL is an information security community project to standardize how to assess and report upon the machine state of designated computer systems. OVAL includes a special language to encode system details, and several content repositories. OVAL provides data on system assessment to include:
- System information, expressing specific machine states, and reporting the results of an assessment.
- Accurate and actionable information so users may improve their security.
- Reliable information assurance metrics that help ensure interoperability and automation.
The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously called the SANS Top 20 Critical Security Controls), is an ordered set of practices created to stop the most dangerous cyberthreats. The SANS Top 20 has been developed through the global cooperative effort of leading security experts. It is typically updated and revised yearly with new data.
Patch management brings substantial value. GFI LanGuard’s patch management enables you to deploy and manage patches on all machines utilizing a broad variety of Microsoft operating systems. Not only can you upload necessary Microsoft security updates, you can also automatically deploy the missing Microsoft patches or service-packs through GFI LanGuard automation done at the end of your scans.
GFI LanGuard network scanner also has an important network audit function. The software will retrieve hardware information on motherboards, memory, display adaptors, various processors, storage devices, printers, ports in use, and more. You can compare the data from this new scan to determine if any hardware was added or removed since the last scan. Perhaps more important, the GFI LanGuard network scanner can also report on shadow IT software installations (unauthorized software), provide the necessary alerts for your information technology (and possibly your governance and compliance teams). It is also possible to configure the system to automatically deinstall the offending applications.
As noted earlier, over 15,000 vulnerability assessments are made as networks are scanned. GFI LanGuard gives you the capability to perform multi-platform scans and network audit functions to understand how all the configured ports are set up. This includes Windows, Mac, Linux and more extended across all environments including Virtual Machines. The goal is to be able to identify and mitigate any vulnerabilities before a threat actor can do so.
The GFI LanGuard network scanner also easily creates custom vulnerability checks. The software includes a set-up wizard. There is also a scripting engine compatible with Python and VBScript. This comes with a script editor and debugger. GFI LanGuard also makes use of a graphical threat level indicator. This provides an easy-to-understand, weighted assessment of the vulnerability status of a scanned computer. It may also provide a link to a BugTraq ID or a Microsoft Knowledge Base ID.
Very often security controls will fail or stop working as they are out of date. GFI LanGuard can check to see if antivirus and anti-malware software are updated with the latest files and have the right features configured.
Scans can be configured to identify different types of vulnerabilities to identify potential security issues. These include:
- Shadow IT applications are usually both unauthorized and potentially dangerous and should be blocked per your policies. You can also link this to a security alert. GFI LanGuard 9 allows you to define authorized applications which can be installed on the network, and block list applications. During a scan, any unauthorized blocklist applications are identified and (optionally) uninstalled automatically by GFI LanGuard. An integrated Auto-Uninstall Validation tool is provided to help identify which of the detected applications support silent uninstall and can thus be safely and automatically uninstalled.
- GFI LanGuard scans for unnecessarily open ports and makes sure there is no port hijacking.
- GFI LanGuard removes or disables user accounts which are o longer in use.
- GFI LanGuard finds and scans all devices connected to USB or wireless link. You can also link this to a security alert.
GFI LanGuard can help you deploy service packs and patches throughout your networks. It provides you capabilities such as patch auto-download and patch rollback. Your network admin has the option to either to manually approve each patch or set all Microsoft updates as approved.
The GFI LanGuard audit function is important. It identifies if USB devices are connected, what software they are using, any open ports, hardware information, and more.
The GFI LanGuard network scanner will also identify detailed information about the hardware configuration of all the scanned machines on your network. This includes motherboard, processors, memory, storage devices, display adapters, and much more. You can now check whether any hardware was added or removed since your last scan.
GFI LanGuard requires:
- Secure Shell is included in every Linux OS distribution pack.
- Windows 2000 (SP4), XP (SP2), 2003, VISTA operating system · Internet Explorer 5.1 or higher.
- The client for Microsoft Networks component, which is included by default in Windows 95 or later.
Want to learn more? Check out our FREE Bugcrowd University to sharpen your hacking skills.
Organizations the world over need your help! Join our researcher community to connect with hundreds of organization programs focused on finding their security vulnerabilities. Our vast directory includes programs for all skill levels, across many industries and from around the world.
Get started with Bugcrowd
Hackers aren’t waiting, so why should you? See how Bugcrowd can quickly improve your security posture.