GFI LANGuard Network Security Scanner
February 01, 2006
$495 for up to 32 addresses
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very flexible. Many options on scan profiles. Many ways to configure the scanning and analysis options.
- Weaknesses: Unclear or incorrect documentation, limited scan results, and confusing interface.
- Verdict: Powerful scanner, although some quirks take getting used to.
This is a straightforward vulnerability scanner that also manages patch deployment. It can push patches and service packs out to target computers by means of a patch agent installed on the target. We found it generally competent and straightforward to install on our Windows 2000 notebook.
Documentation for NSS comes as a downloadable PDF file. It has several errors that seem to stem from an incomplete conversion from a Microsoft Word document. But it is well-illustrated with screen shots and the installation section is adequate. Support is via the website.However, once the product is installed, it is not intuitive to use. Engineers who are familiar with a wide range of scanners will see much that is familiar, but others will find themselves referring to the manual constantly, a problem because the manual is not always as clear as it should be.
We found the options available on the interface confusing at times and the available scan options were not always clearly explained.
In terms of performance, NSS turned in the fewest identified vulnerabilities of all the products we reviewed by a considerable amount.
The product has many useful features and a scripting language based on Microsoft VisualBasic. The feature set is its strongest point, and scans and patch deployments can be scheduled and the scanner run from the command line. The manual is very brief and was little help to us as we struggled with learning the product.
The scanner can store results in a Microsoft SQLServer (good for large systems) or in an Access database. This choice is configured at install time. Reports are defined using scan filters. Scans can be defined using scan profiles.
This is a capable scanner, but to use it effectively requires spending a fair bit of time playing with it in order to understand its quirks and capabilities.
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Intelligence court affirms FBI's right to search Americans' emails without a warrant
- Most orgs couldn't quickly detect breach, study
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- 3,000 Tidewater Community College workers victimized in W-2 scam
- Ransomware rampant, but chinks found in its armor
- Mining company's data is more valuable than gold
- PCI DSS version 3.2 release extends multifactor authentication requirement
- RSA EMEA Summit: Writing a security strategy that will make Vivaldi proud
- U.S. CIO hints federal adoption of 'bimodal IT' to balance old and new tech