FN SECURE: Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool

Call Us For Workshops Or Seminars.. In Your University, Colleges, or Schools.
Email Us At : vicky@globallyunique.in

Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool



GFI-LG-Main


I’m a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors
I have connected the more things I can do in parallel, and I can bounce back and forth between tasks, given that no one interrupts me. When I find an application that can do more than one thing for me, I become very interested, and when it can do three things well, I have myself a winner! GFI LanGuard is just that; a winner, that multitasks for me by providing patch management, network security, and vulnerability scanning into a unified application which makes my network maintenance tasks quick and easy. The latest version was released just a few weeks ago so I decided to take the app out for a spin, really kick the tires, and see what it has to offer. I’ll rate each area on a ten point scale, where high scores are better. Here’s how my test drive went.

0-60 in an instant
The 124MB download came down in an instant, and my trial key was in my inbox before the download was done. GFI LanGuard uses the .NET Framework 3.5 SP1, which it will prompt you to install (along with the Windows Installer 3.1 and MDAC 2.0) if not already present. Beyond that it’s only a couple of clicks and couple of minutes to have up and running. The trial lets you scan up to five ip.addrs during the 30 day evaluation period. Since scanning for and installing patches are things that require an admin account, you should have a service account with admin rights ready to go before you begin the install. I didn’t, but that was an easy fix. For ease of install and setup I give GFI LanGuard 9 out of 10.

Ride and handling
Post install the product offers to launch the management console, and starts a scan of the local system.
Untitled

As you can see, it offers short cuts to a dashboard, a place to remediate issues, agent management, and scanning. Clicking on View details revealed some surprising information about the host I just built and patched up to host this app, and Windows Updates showed no missing patches.
Untitled

But seeing six missing patches, I reran Windows Updates and sure enough, it found the missing patches. This could have just been a matter of timing, and the server might have updated itself this evening, but I would have signed off that the server was fully patched, and obviously it wasn’t.

The two high-security vulnerabilities flagged were a lack of antivirus software, and Windows Defender was also out of date. I clicked on the scan tab, and chose to let it go out and scan my network for other systems. It found them all within a few seconds. With a total of five machines permitted in the evaluation, I decided to add two servers and two workstations from my network. I went with the manual add since I have many more than that, but options included automatically scanning the network, and importing from a list. It’s good to have options.
Untitled

The scan completed and reported the status on all of the machines, including missing patches, running software, open ports, etc.

GFI LanGuard can assess and remediate machines using an account with administrator privileges, but scans must run each time a machine is checked. You also have the option of deploying agents to managed machines, which run in the background and report system status up to the management console. This is optional, but makes checking the status of a machine faster.

Scanning does take a while. The initial scan of my five machines took almost 30 minutes. While two of the clients were on wireless, and the scanning host is a VM, I think an initial scan of a larger network could be a weekend long event or more. Pushing agents first might have been the better choice. For getting the application up and running, I give it another 9 out of 10.

Performance in the curves
Scans are a great way to go, but the real strengths show in remediation. GFI LanGuard offers several great ways to push out and roll back patches and applications. Check out the list below.
Untitled

Testing patches is critical, but sometime you won’t find an issue until a patch or update has been pushed out to clients. One of the most important parts of any patching application is the ability roll back patches, and GFI LanGuard can uninstall patches, service packs, and applications.

I pushed out patches to the Windows 7 workstations for December’s updates, and then uninstalled two of them just to try it out. Installs and uninstalls both worked smoothly, prompting the user for the required reboots each patch needed but otherwise running behind the scenes and out of sight to the user.

The straightaways
I was delighted to find that GFI LanGuard can deploy software as well. I expected it could push patches and updates, but new apps are like finding a turbo-charged 3 liter when you were expecting only a 4 cylinder 1.6. I tested this out by pushing PSPad to a workstation and it worked flawlessly. Check out the options for deployment.
Untitled
Applications can be deployed with or without switches, but configuration files (called auxiliary files) can be pushed out to clients without installation.
Untitled
Users can be warned before the install begins using custom messages.
Untitled

Post installation requirements are covered too. Letting the user decide includes setting a message.

Overall, the ability to manage software beyond patches and service packs makes GFI LanGuard a very powerful and useful addition to your network management toolset.

What about the data
GFI LanGuard offers full reporting that would satisfy the most data hungry managers. There are reports for vulnerabilities, software audits, baselines, and more. Here’s a quick snap of what you can do.
Untitled

Here’s a peek at the security overview for one of my servers. Notice that all patches and service packs are good to go, but that doesn’t mean there aren’t issues. Looks like my Wireshark install needs some attention.
Untitled

Managers may like reports, but I love data that I can act on, and being able to see out-of-date third party applications gives me something real information so I can start assigning tasks. This earns 10 out of 10 in my book.

In conclusion
GFI LanGuard is a worthy application and deserves a place of honor in your application suite. With the ability to patch software, update applications, generate reports, and run security vulnerability scans, this application has something to offer everyone; network and server admins, workstation support, application support, and information security personnel too. Earning an overall nine out of ten for performance, functionality, and usefulness, GFI LanGuard will be the next software purchase for my network.

Leave a Reply

Save this Page

Download as PDF