There are many software suites out there that can scan your entire network for security vulnerabilities, but they are mostly very expensive. Recently, while testing software, I came across another program that provides solutions for computer security, application security and network security all in one package for a cheap price.
GFiLANguard is an award-winning software suite that address three main areas of security for IT networks: security scanning, patch management, and network auditing. The program will scan your entire network looking for over 15,000 possible vulnerabilities.
The great thing about GFI LANGuard is that it can either be used immediately without any configuration or you can customize it by writing your own custom vulnerability checks using Pythod or VB scripts. It also has a very extensive reporting engine, which makes it easy for you to detect, analyze, and fix any security threats.
Here’s a quick overview of the main features of the three areas that GFI LANGuard targets.
Security Vulnerability Scanning
- Scans for over 15,000 security vulnerabilities on your entire network
- Ability to perform multi-platform security scans, i.e. Windows, Mac, Linux
- Ability to detect virtual machines running in either VMware or Virtual PC
- Ability to create custom vulnerability checks using wizard-assisted screens (includes a script editor and debugger)
- Scans, identifies and categorizes security vulnerabilities. Recommends solutions and provides tools to fix problems.
- Ensures that third-party security programs, like anti-virus and anti-spyware programs, are up-to-date and functioning.
- Quickly create different types of scans and vulnerability checks such as open ports, unused local users and groups, blacklisted applications, dangerous USB devices, unauthorized wireless nodes, etc.
Patch Management and remediation
- Ability to install and manage patches on machines running different versions of Windows and other software products, such as Office, etc.
- Auto-download of missing patches and the ability to roll-back patches
- Ability to deploy custom software to client machines
- Monitors Microsoft WSUS to make sure patches are being properly applied and performs additional tasks such as deploying MS Office and custom software packages.
- Ability to choose which applications are authorized and which are not authorized to run on the network. Unauthorized applications are uninstalled automatically if they support silent uninstalls.
- Ability to remote desktop into client machines to fix security threats or deploy software
Network and Software Auditing
The network auditing function will go through in great detail and tell you about which USB devices are connected to computers, what software is installed, which shares are open, which ports are open, which accounts are using weak passwords, and information about hardware.
- Detailed information about hardware configurations of all machines on the network, including motherboard, processors, memory, storage devices, display adapters and more.
- Create automatic scheduled scans on a daily, weekly or monthly basis and have alerts sent of new security holes. New scans will be compared to previous scans so only the information that has changed will be emailed to you instead of everything.
- Ability to enable security auditing on all NT/2000/XP/Vista machines.
- Ability to scan and report on Linux machines also
Overall, the program has a lot of feature and many more that I have not mentioned here. If you are looking for a software suite for your IT department that checks for security vulnerabilities, GFI LANGaurd is your cheapest answer.
You can always use free tools like Microsoft Baseline Security Analyzer, but it’s meant for individual computers, not large networks. Enjoy!