GFI LANGuard Network Security Scanner
February 01, 2006
$495 for up to 32 addresses
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very flexible. Many options on scan profiles. Many ways to configure the scanning and analysis options.
- Weaknesses: Unclear or incorrect documentation, limited scan results, and confusing interface.
- Verdict: Powerful scanner, although some quirks take getting used to.
This is a straightforward vulnerability scanner that also manages patch deployment. It can push patches and service packs out to target computers by means of a patch agent installed on the target. We found it generally competent and straightforward to install on our Windows 2000 notebook.
Documentation for NSS comes as a downloadable PDF file. It has several errors that seem to stem from an incomplete conversion from a Microsoft Word document. But it is well-illustrated with screen shots and the installation section is adequate. Support is via the website.However, once the product is installed, it is not intuitive to use. Engineers who are familiar with a wide range of scanners will see much that is familiar, but others will find themselves referring to the manual constantly, a problem because the manual is not always as clear as it should be.
We found the options available on the interface confusing at times and the available scan options were not always clearly explained.
In terms of performance, NSS turned in the fewest identified vulnerabilities of all the products we reviewed by a considerable amount.
The product has many useful features and a scripting language based on Microsoft VisualBasic. The feature set is its strongest point, and scans and patch deployments can be scheduled and the scanner run from the command line. The manual is very brief and was little help to us as we struggled with learning the product.
The scanner can store results in a Microsoft SQLServer (good for large systems) or in an Access database. This choice is configured at install time. Reports are defined using scan filters. Scans can be defined using scan profiles.
This is a capable scanner, but to use it effectively requires spending a fair bit of time playing with it in order to understand its quirks and capabilities.
Sign up to our newsletters
SC Magazine Articles
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- New attack uses ransomware to drop trojans and keyloggers
- 'GHOST' bug in Linux library enables remote takeover of victim's system
- Firm finds link between Regin spy tool and QWERTY keylogger
- Report: From Q3 to Q4, 90 percent increase in global DDoS attacks observed
- Researchers observe databases being encrypted, websites held for ransom
- ZeroAccess botnet reactivates, click fraud activity resumes
- BCBS of Tennessee shares personal data on 80K in marketing campaign
- Tips for organizations in the wake of the biggest corporate hack in history