Products > GFI LANguard VulnerabilityManager > Features	Print this page  |  Datasheet

GFI LANguard VulnerabilityManager scans computers, identifies and categorizes security vulnerabilities, carries out over 15,000 vulnerability assessments, recommends a course of action and provides tools that enable you to solve these issues. GFI LANguard VulnerabilityManager also makes use of a graphical threat level indicator that provides an intuitive, weighted assessment of the vulnerability status of a scanned computer or group of computers. Wherever possible a web link or more information on a particular security issue is provided, such as a BugTraq ID or a Microsoft Knowledge Base article ID.

GFI LANguard VulnerabilityManager ships with a complete and thorough vulnerability assessment database which includes standards such as OVAL (2,000+ checks) and SANS Top 20. This database is regularly updated with information from BugTraq, SANS Corporation, OVAL, CVE and others. Through its auto-update system, GFI LANguard VulnerabilityManager is always kept updated with information about newly released Microsoft security updates as well as new vulnerability checks issued by GFI and other community-based information repositories such as the OVAL database.

GFI LANguard VulnerabilityManager also checks that supported security applications such as anti-virus and anti-spyware software are updated with the latest definition files and are functioning correctly. For example, you can ensure that supported security applications have all key features (such as real-time scanning) enabled.

You can easily configure scans for different types of information; such as open shares on workstations, security audit/password policies and machines missing a particular patch or service pack. You can scan for different types of vulnerabilities to identify potential security issues. These include:

• Open ports: GFI VulnerabilityManager scans for unnecessary open ports and checks that no port hijacking is in force.
• Unused local users and groups: Remove or disable User accounts no longer in use.
• Blacklisted applications: Identify unauthorized or dangerous software and add to blacklists of applications you want to associate with a high security vulnerability alert.
• Dangerous USB devices, wireless nodes and links: Scans all devices connected to USB or wireless links and alerts you of any suspicious activity.
• And much more! View screenshot.

GFI LANguard VulnerabilityManager allows you to easily create custom vulnerability checks through wizard-assisted custom-vulnerability condition setup screens. You can also write complex vulnerability checks using the GFI LANguard VulnerabilityManager VBScript-compatible script engine. GFI LANguard VulnerabilityManager includes a script editor and debugger to help with script development.

GFI LANguard VulnerabilityManager enables you to easily analyze and filter scan results by clicking on one of the default filter nodes. This enables you to identify, for example, machines with high security vulnerabilities or machines that are missing a particular service pack. Custom filters can also very easily be created from scratch or customized. You can also export scan results data to XML. View screenshot.

You can perform an unattended default installation of GFI LANguard VulnerabilityManager on multiple computers in the background without any user interaction or intervention. Customization of the deployment parameters is also possible through the creation of Microsoft Transform (MST) files. More information about MST files!

GFI LANguard VulnerabilityManager allows you to store separate authentication details for every target computer on your network, avoiding the need to specify authentication credentials prior to every scan. In a single scanning session, it is possible to audit all the targets in your network, even if they require different authentication details/methods.

• Automatically checks the password policy for all machines on the network
• Checks for programs that run automatically (potential trojans)
• Finds out if the OS is advertising too much information
• Performs simultaneous scans through the multithread scan engine
• Provides NetBIOS hostname, currently logged username and MAC address
• Provides a list of shares, users (detailed info), services, sessions, remote TOD (time of day) and registry information from remote computer (Windows)
• SNMP device detection, SNMP Walk for inspecting network devices like routers, network printers and more
• Offers alternative command line deployment tool
• Identifies all installed Windows services
• Support for Microsoft Windows Vista.

Many leading companies have chosen GFI LANguard VulnerabilityManager. Here are just a few: Daimler Chrysler, NATO, Siemens Communications Limited, EDS, United Overseas Bank Ltd, Virgin Mobile, Medical Research Council (UK), Anglicare, KLM, and many more. Customer list and customer testimonials.