GFI LANguard Network Security Scanner Review

April 14th, 2007

admin

GFI Logo
On this 2nd Saturday edition of PaulTech, I am pleased to bring you GFI’s LANGuard “Network Security Scanner”. I’ve been authorized by both Paul and GFI to bring you guys a review of the LANGuard “Network Security Scanner” security suite. I would urge everyone to take note, as computer security is always something to pay attention to, regardless of your skill with computers. After having received and installed my evaluation package, I immediately got to work.

Notes about the installation: While installing, I was asked if I wanted to store the results of subsequent scans in a Microsoft Access/SQL server/MSDE database backend. Though I only have Access database skills, it’s refreshing to see that this program is also tailored towards higher-risk commercial organizations. The software suite consists of four parts: 1) the Security Scanner, 2) a Script Debugger, 3) a Status Monitor, and 4) a LNSS Troubleshooter. This review will focus primarily on the Security Scanner software.

Over on the right is the first screen you will see upon loading up the Security Scanner for the first time. Each different operation, whether “Vulnerability Scanning” or “Network Auditing”, has individual sub-scans that can be performed, which focus on specific issues or specializations. In my test scan, I ran the “Top 20 SANS Vulnerabilities” scan on my localhost, with Access database backlogging. This backlogging means I can open the results of any scan in Microsoft Access at a future time, as well as what the software recommends to do. Apparently, over 15,000 vulnerabilities are scanned for during a full sweep of a network; quite a staggering number.

During my first run through, I realized I have to open a couple ports for the software to communicate with GFI’s server about fetching and scanning my computer for vulnerabilities. After I had followed the instructions to do that, I reran the test. Apparently, my only issue during the scan is I left my Guest account on, and it registered a vulnerability. That’s fixed, now. A picture of the scanning process is over to the left. As you can see at the bottom, up to three scans can be run at the same time (possibly over multiple machines).

Although I don’t have nearly enough room to explain all of the features, like the ability to remotely roll out patches and service packs onto other systems (provding you have the required credentials), and monitor the status of your whole network on one platform, GFI’s LANGuard suite of software looks to be an excellent utility in keeping everything from small- to enterprise-sized networks safe and secure, as well as making it easy to update and patch machines that aren’t secure at the time.

Pricing for the suite is geared toward corporations, with the smallest package (32 IP addresses) going for $575. Consultant licenses are available for network consultants to scan machines that are not under their control.

From what I’ve seen so far, GFI’s LANGuard Network Security Scanner is one of the few “Prime Rib” selections among security management suites. Commercial establishments, if they can stomach the price, are recommended to investigate this software. I was impressed with the features and tools available, but was really blown away by the ease of how I could remotely monitor, scan, and update PCs not readily available to myself; and as such, render a “Highly Recommended” verdict of GFI’s LANGuard package.