GFI LANGuard Network Security Scanner
February 01, 2006
$495 for up to 32 addresses
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very flexible. Many options on scan profiles. Many ways to configure the scanning and analysis options.
- Weaknesses: Unclear or incorrect documentation, limited scan results, and confusing interface.
- Verdict: Powerful scanner, although some quirks take getting used to.
This is a straightforward vulnerability scanner that also manages patch deployment. It can push patches and service packs out to target computers by means of a patch agent installed on the target. We found it generally competent and straightforward to install on our Windows 2000 notebook.
Documentation for NSS comes as a downloadable PDF file. It has several errors that seem to stem from an incomplete conversion from a Microsoft Word document. But it is well-illustrated with screen shots and the installation section is adequate. Support is via the website.However, once the product is installed, it is not intuitive to use. Engineers who are familiar with a wide range of scanners will see much that is familiar, but others will find themselves referring to the manual constantly, a problem because the manual is not always as clear as it should be.
We found the options available on the interface confusing at times and the available scan options were not always clearly explained.
In terms of performance, NSS turned in the fewest identified vulnerabilities of all the products we reviewed by a considerable amount.
The product has many useful features and a scripting language based on Microsoft VisualBasic. The feature set is its strongest point, and scans and patch deployments can be scheduled and the scanner run from the command line. The manual is very brief and was little help to us as we struggled with learning the product.
The scanner can store results in a Microsoft SQLServer (good for large systems) or in an Access database. This choice is configured at install time. Reports are defined using scan filters. Scans can be defined using scan profiles.
This is a capable scanner, but to use it effectively requires spending a fair bit of time playing with it in order to understand its quirks and capabilities.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure