GFI LanGuard

GFI LanGuard's patch management feature scans your network automatically or on demand. You receive all the functionality and tools needed to effectively install and manage security and non-security patches. GFI LanGuard supports machines across Microsoft, Mac OS X and Linux operating systems as well as many third-party applications.

GFI LanGuard allows auto-downloads of missing patches as well as patch roll-back, resulting in a consistently configured environment that is protected from threats and vulnerabilities.

GFI LanGuard offers patch management support for third-party software, enabling administrators to detect, download and deploy missing patches for supported applications in the same way they monitor and manage operating systems.

GFI LanGuard offers third-party patch management support for many popular applications like Apple QuickTime; Adobe Acrobat, Adobe Flash Player, Adobe Reader and Adobe Shockwave Player; Mozilla Firefox and Mozilla Thunderbird; Java Runtime and others.

With GFI LanGuard, it is possible to patch third-party applications and upgrade to their latest versions (e.g., if an old version of Adobe Flash is detected, GFI LanGuard provides an option for upgrading to the latest version or applying all patches for the version in use).

GFI LanGuard is the first solution that automates patching for all major web browsers running on Windows systems: Microsoft Internet Explorer, Mozilla Firefox, Google Chrome™, Apple Safari and Opera™ Browser.

During security audits, more than 50,000 vulnerability assessments are conducted. With GFI LanGuard, you can perform multi-platform scans (e.g., Windows, Mac OS, Linux; and iOS, Android™ and Windows phone devices that connect to the Exchange servers) across all environments, including virtual machines, and analyze your network’s security setup and status.

GFI LanGuard gives you the power to identify and correct any threats before hackers can exploit them.

GFI LanGuard scans devices, identifies and categorizes security vulnerabilities, recommends a course of action, and gives you the tools to solve the problem.

It comes with a graphic threat level indicator – an intuitive, weighted assessment of the vulnerability status of a scanned device or group of devices. Wherever possible, a web link or more information on a particular security issue is provided such as a BugTraq ID or a Microsoft Knowledge Base article ID.

GFI LanGuard ships with a complete and thorough vulnerability assessment database, including standards such as OVAL (5,000+ checks) and SANS Top 20. This database is regularly updated with information from BugTraq, SANS Corporation, OVAL, CVE and others.

Through its auto-update system, GFI LanGuard is continually kept up-to-date with information about newly released Microsoft security updates as well as new vulnerability checks issued by GFI and other community-based information repositories such as the OVAL database.

GFI LanGuard integrates with more than 2,500 critical security applications in the following categories: antivirus, anti-spyware, firewall, anti-phishing, backup client, VPN client, URL filtering, patch management, web browser, instant messaging, peer-to-peer, disk encryption, data loss prevention and device access control.

It also provides reports on their status (e.g., if antivirus is enabled and up-to-date, the firewall is turned on; the status of backup software; a list of instant messaging or peer-to-peer applications installed on your network, etc.). It also rectifies any issues that require attention (e.g., trigger antivirus/anti-spyware update; start antivirus/anti-spyware scans; enable antivirus/firewall; uninstall peer-to-peer, etc.).

As well as running vulnerability checks on computers on your network, GFI LanGuard also supports vulnerability scanning on smartphones and tablets running Windows, Android™ and iOS, plus a number of network devices such as printers, routers and switches from manufacturers like HP and Cisco.

GFI LanGuard’s network auditing  gives you a comprehensive view of your network: connected USB devices, smartphones and tablets; software that is installed; any open shares, open ports and weak passwords in use; and hardware information.

The solution's in-depth reports give you an important and real-time snapshot of your network's status.

You can easily analyze scan results using filters and reports, enabling you to proactively secure your network by closing ports, deleting users or groups that are no longer in use, or disabling wireless access points.

GFI LanGuard shows detailed information about the hardware configuration of all the scanned machines on your network.

It retrieves a list of all devices from the Device Manager tool from the Windows operating systems, including motherboard, processors, memory, storage devices, display adapters and many more. Using its network history view, you can now check whether any hardware was added or removed since the last scan.

GFI LanGuard provides a summary of the current network security status and a history of all relevant changes in the network over time. It also drills down through information, from network-wide security sensors to individual security scan results.

Organizations that use or plan to use virtualization on their network can install and use a range of GFI products with confidence.

GFI LanGuard supports and runs on the most common virtualization technologies in use, namely VMware, Microsoft Virtual Server, Microsoft Hyper-V, Citrix and Parallel. It also detects virtual machines hosted by the scanned computer.

All businesses handling cardholder data, regardless of size, have to be fully compliant with strict security standards drawn up by the world’s major credit card companies.

GFI LanGuard provides complete vulnerability management coupled with extensive reporting. That makes GFI LanGuard an essential, highly cost-effective solution for your organization to safeguard your network and gauge the effectiveness of your PCI DSS, HIPAA, SOX, GLB/GLBA or PSN CoCo compliance program.

Multiply the value of GFI LanGuard with powerful reporting – its reports are designed to satisfy the requirements of both management and technical staff.

These reports can be exported to popular formats like PDF, HTML, XLS, XLSX, RTF and CVS, and can be scheduled and sent by email. They can also be used as a template to create new custom reports and are fully re-brandable.

The agent technology enables automated network security audits and distributes the scanning load across client machines. The administrator simply needs to define the network perimeter and provide credentials to enable automatic network discovery, agent deployment and auditing of the client machines. Manual intervention is necessary only when fine-tuning is required.

This feature provides the following benefits:

• High speed: Scan hundreds or thousands of machines in just a few minutes.
• Automation: Agents update the client status on the server on a regular schedule. Every time the application is opened, users can analyze a complete and up-to-date network security overview.
• Scalability: Due to distributed load, it is possible to scan more machines in one go, even in WAN environments.
• Accuracy: Local scans have less failure points than remote scans; agents will continue to work even when computers are not connected to the network.

An agent may also be designated a “relay agent” in order to distribute the remediation load across the network.