GFi LANguard Network Security Scanner

More information

Overview

Three pillars of network vulnerability management

GFI LANguard Network Security Scanner (N.S.S.) is an award-winning solution that addresses the three pillars of vulnerability management: Security scanning, patch management and network auditing.  Having to deal with problems related to vulnerability issues, patch management and network auditing separately, at times using multiple products, is a major concern for administrators.  Thanks to GFI LANguard N.S.S., all three issues are dealt with in a single solution, using a single, integrated console with extensive reporting functions.

Detect security vulnerabilities on your network

Networks are checked IP by IP and scanned for over 15,000 vulnerability assessments.  GFI LANguard N.S.S.  gives administrators the information and tools they need perform multi-platform scans across all environments, to analyse their network’s security health and effectively install and manage patches on all machines across different operating systems and in different languages.  This results in a consistently configured environment that is secure against all vulnerabilities.

Award winning security scanner and patch management

Voted the best commercial network security scanner by users of Nmap for two years running, named the winner in the Patch Management category in TechTarget’s 2006 ‘Products of the Year’ awards and voted the Gold Winner in 2005, in the Testing and Auditing category, GFI LANguard N.S.S.  is the most complete vulnerability management solution in one convenient integrated package.

Why use GFI LANguard N.S.S.?

• Audit your network for security vulnerabilities (Windows and Linux)
• Detect unnecessary shares, open ports and unused user accounts on workstations
• Check for and deploy missing security patches and service packs in OS and Office
• Very affordable 3-in-1 security vulnerability solution
• #1 Windows commercial security scanner (voted by Nmap users for two years running).  

Features

Vulnerability scanning

During security audits, networks are checked IP by IP and scanned for over 15,000 vulnerability assessments.  GFI LANguard N.S.S.  gives administrators the information and tools they need to perform multi-platform scans (Windows, Mac OS, Linux) across all environments and to analyse their network’s security health from a single source of data.  It ensures that administrators identify weaknesses before hackers do so.

IMPROVED! – Identify security vulnerabilities and take remedial action

GFI LANguard N.S.S.  scans computers, identifies and categorises security vulnerabilities , recommends a course of action and provides tools that enable you to solve these issues.  GFI LANguard N.S.S.  also makes use of a graphical threat level indicator that provides an intuitive, weighted assessment of the vulnerability status of a scanned computer or group of computers.  Wherever possible, further information or a web link is included regarding the security issue, for example a BugTraq ID or a Microsoft Knowledge Base article ID.  View screenshot.

IMPROVED! – Extensive, industrial-strength vulnerabilities database

GFI LANguard N.S.S.  ships with a complete and thorough vulnerability check database, which includes standards such as the OVAL vulnerability checks (2000+ checks) and the SANS Top 20 vulnerability checks.  This database is regularly updated with information from BugTraq, SANS Corporation, OVAL, CVE and more.  Through its auto-update system, GFI LANguard N.S.S.  is always kept updated with information about newly released Microsoft security updates as well as new vulnerability checks issued by GFI and other community based information repositories such as the OVAL database.

Ensures that third party security applications such as anti-virus and anti-spyware offer optimum protection

GFI LANguard N.S.S.  also checks that supported security applications such as anti-virus and anti-spyware software are updated with the latest definition files and are functioning correctly.  For example, you can ensure that supported security applications have all key features (such as real-time scanning) enabled.

Easily creates different types of scans and vulnerability tests

Administrators can easily configure scans for different types of information; such as open shares on workstations, security audit/password policies and machines missing a particular patch or service pack.  Different types of vulnerabilities can be scanned for to identify potential security issues such as:

• Open ports: GFI LANguard N.S.S.  scans your network for unnecessary open ports (such as www, FTP, Telnet, SMTP) through its TCP/IP and UDP port scanning engine and check that no port hijacking is in force.  
• Unused local users and groups: User accounts that are no longer being used present a high security risk to your entire network and it is highly recommended to remove or disable these accounts.  
• Blacklisted applications: Through the discovery of all the applications that are currently installed on the target computers, you can identify unauthorised or dangerous software.  This is achieved through blacklists of applications that you want to locate and associate with a high security vulnerability alert.  
• Dangerous USB devices, wireless nodes and links: Uncontrolled USB and wireless device installations are a serious security problem.  GFI LANguard N.S.S.  scans all devices connected to USB or wireless links and alerts you of any suspicious activities.
• And much more!

NEW! – Setup your own custom vulnerability checks

GFI LANguard N.S.S.  enables you to easily create custom vulnerability checks through wizard-assisted custom-vulnerability condition setup screens.  You can also write complex vulnerability checks using the GFI LANguard N.S.S.  VBScript-compatible script engine.  GFI LANguard N.S.S.  includes a script editor and debugger to help with script development.

Easily analyse and filter scan results

GFI LANguard N.S.S.  enables you to easily analyse and filter scan results by clicking on one of the default filter nodes.  This enables you to identify, for example, machines with high security vulnerabilities or machines that are missing a particular service pack.  Custom filters can also very easilty be created from scratch or simply customised.  You can also export scan results data to XML.

Patch management

When a scan is complete, GFI LANguard N.S.S.  gives administrators all the functionality and tools they need to effectively install and manage patches on all machines across different operating system platforms and 38 languages.  GFI LANguard also allows auto-downloads of missing patches as well as patch roll-back.  Custom software can also be deployed.  This results in a consistently configured environment that is secure against all vulnerabilities.

IMPROVED!– Automatically deploy network-wide patch and service pack management

With GFI LANguard N.S.S.  you can easily deploy missing service packs and patches network-wide.  GFI LANguard N.S.S.  is the ideal tool to monitor that Microsoft SUS is doing its job properly and it performs tasks SUS cannot do such as deploying Microsoft Office and custom software patches.  GFI LANguard N.S.S.  also provides you with new features such as patch auto-download and patch rollback.  It is also Unicode compliant and able to support patch management in all the 38 lanugages currently supported by Microsoft.

Deploys custom/3rd party software and patches network-wide

Besides deploying patches and service packs, GFI LANguard N.S.S.  enables you to easily deploy 3rd party software or patches network-wide.  Use this feature to deploy client software, update custom or non-Microsoft software, virus updates and more.  The custom software deployment feature obsoletes the need for Microsoft SMS, which is too complex and expensive for small to medium sized networks.

Network and software auditing

GFI LANguard N.S.S.'s auditing function tells administrators all they need know about their network – wireless access points, open shares, open ports, weak passwords and others – giving them an important and real-time snapshot of the network’s status.  Scan results can be easily analysed using filters and reports, enabling administrators to proactively secure their network – for example, by shutting down unnecessary ports or closing shares, etc.

Automatically receive alerts of new security holes

GFI LANguard N.S.S.  can perform scheduled scans (for instance daily or weekly) and can automatically compare results to previous scans.  Any new security holes or security setup changes discovered on your network are emailed to you for analysis.  This enables you to quickly identify newly created shares, installed services, installed applications, added users, newly opened ports and more.

Predefine authentication details

GFI LANguard N.S.S.  allows you to store separate authentication details for every target computer on your network, avoiding the need to specify authentication credentials prior to every scan.  In a single scanning session, it is possible to audit all the targets in your network, even if they require different authentication details/methods.

Check if security auditing is enabled network-wide

GFI LANguard N.S.S.  checks if each NT/2000/XP/VISTA machine has security auditing enabled.  If not, GFI LANguard N.S.S.  alerts you and allows you to enable auditing remotely.  Security event auditing is highly recommended – it detects intruders in real time.

Scan and retrieve OS data from Linux systems

It is possible to remotely extract OS data from Linux-based systems and scan results are presented in the same way as for Windows-based computers.  This means that both Linux and Windows-based computers can be investigated in a single scanning session!  GFI LANguard N.S.S.  includes numerous Linux security checks including rootkit detection.  GFI LANguard N.S.S.  can use SSH Private Key files instead of the conventional password string credentials to authenticate to Linux-based target computers.

Other features

Multiply the value of GFI LANguard N.S.S.  with powerful reporting

Reports designed to satisfy the requirements of both management and technical staff.  These deliver a graphical view of the security health status of your network.  From trend reports for management (ROI) to daily drill-down reports for technical staff; the GFI LANguard N.S.S.  ReportPack provides you with the easy-to-view information you need, to fully understand the ever-changing security environment of your network.  Full automation and custom scheduling provide you with true install-and-forget functionality!

Silent installation support

You can perform an unattended default installation of GFI LANguard N.S.S.  on multiple computers in the background without any user interaction or intervention.  Customisation of the deployment parameters is also possible through the creation of Microsoft Transform (MST) Files.

UPDATED! – Other features:

• Automatically checks the password policy for all machines on the network
• Checks for programs that run automatically (potential trojans)
• Finds out if the OS is advertising too much information
• Performs simultaneous scans through the multithread scan engine
• Provides NetBIOS hostname, currently logged username and MAC address
• Provides a list of shares, users (detailed info), services, sessions, remote TOD (time of day) and registry information from remote computer (Windows)
• SNMP device detection, SNMP Walk for inspecting network devices like routers, network printers and more
• Offers alternative command line deployment tool
• Identifies all installed Windows services.  

Report Pack Add-on

Get the info you need when you need it with the GFI LANguard N.S.S.  ReportPack add-on

The GFI LANguard N.S.S.  ReportPack add-on is a full-fledged reporting companion to GFI LANguard N.S.S.  This reporting package can be scheduled to automatically generate graphical IT-level and management reports based on the data collected during your security scans.

The reports created are designed to satisfy the requirements of both management and technical staff deliver a graphical view of the security health status of your network.  From trend reports for management (ROI) to daily drill-down reports for technical staff; the GFI LANguard N.S.S.  ReportPack provides you with the easy-to-view information you need, to fully understand the ever-changing security environment of your network.  Full automation and custom scheduling allow you true install-and-forget functionality!

The GFI LANguard N.S.S.  ReportPack allows you to create different types of reports, including:

• Executive reports: Provide overview and trend analysis information through graphical reports
• Statistical reports: Provide information related to vulnerability and operating system distribution throughout the network
• Technical reports: Provide technical information on vulnerabilities, missing patches and trojans
• Top 20 reports: Provide the top 20 most vulnerable hosts based on open ports, missing patches or trojans.  

NOTE: The GFI LANguard N.S.S.  ReportPack is an add-on to the GFI LANguard N.S.S.  software; please download and install GFI LANguard N.S.S. before installing the ReportPack.