GFI LanGuard 2012
Strengths: Full vulnerability management suite in one easy-to-use application.
Weaknesses: None that we found.
Verdict: This is a very well-integrated vulnerability management system. It is our selection for Recommended – on-premises product.
GFI LanGuard 2012 offers a full set of vulnerability scanning and management features. This product brings together vulnerability scanning, remediation and patch management, and network and software auditing all under one easy-to-use product. LanGuard is software-based and can be installed on almost any Microsoft Windows machine in the enterprise environment and can scan Windows, Linux/UNIX and Mac OS targets on the network.
We found installation and deployment to be easy and straightforward. The initial setup was done by simply running the installation executable. When we launched the installer, we were presented with a short installation wizard that also preloaded all the necessary components needed to run the LanGuard software, including the .NET Framework and other prerequisites. After the installation was complete, we were able to launch the application and get started. The first time we launched the application, it ran a scan of the local machine and gave a full vulnerability and inventory report. After that scan was complete, we began using the interface, which we found easy and intuitive to navigate. Also, it features many colorful charts and graphics, as well as many expandable scanning results.
This solution can run in both agent-based as well as agentless modes. Agents can be easily deployed to provide scanning ability to remote machines or laptops that may need to leave the enterprise. This ensures that all inventory is monitored even when not connected directly to the network. From a compliance standpoint, this tool comes preloaded with many scanning templates that cover various regulations, including PCI DSS, HIPAA, GLBA, and PSN CoCo (Public Services Network Code of Connection) among many others. LanGuard allows for administrators to scan network assets for vulnerabilities on an ongoing basis, as well as monitor possible changes that could affect security and compliance, such as newly installed applications.
Documentation was comprised of a few PDF guides, including installation, administrator and scripting manuals. The installation guide provided a detailed overview of implementation of the product, agent deployment and a basic feature overview. We found all guides to contain many screen shots and step-by-step instructions in a clear and organized format.
GFI includes full product and technical support for one year as part of the purchase price. After the first year, customers can purchase additional assistance as part of an annual maintenance contract. Aid offered includes 24/7 phone- and email-based technical support, as well as access to updates and upgrades, web-based chat, and a full online knowledge base and user forum.
At a price starting at around $12 per seat for 100 to 249 seats, this product may seem a little expensive at first glance, but we find it to be an excellent value for the money. GFI LanGuard is really a few different nicely designed and easy-to-use products in one. With the purchase of this product, customers get a vulnerability scanner, patch management system and compliance auditing platform all in one, which we find is well worth the cost.