Close the door on patch vulnerabilities

GFI LanGuard enables you to manage and maintain end-point protection across your network. It provides visibility into all the elements in your network, helps you assess where there may be potential vulnerabilities, and enables you to patch them. The patch management and network auditing solution is easy-to-use and easy-to-deploy.

Protect your network with patch management, auditing and security scanning

Patch management, auditing and security scanning

GFI LanGuard is a leading network security scanner and patch management solution that acts as a virtual security consultant. It gives you a complete picture of your network set up, provides risk analysis, and helps you maintain a secure and compliant network with minimal effort.

So how does LanGuard work? The first step is to scan the network to discover all your devices, including mobile devices, and search for security issues.

Once discovered, the devices can be managed either by performing remote agentless scans or by deploying agents.

To perform a remote agent list scan, you simply need to specify your target machines. Select a scanning profile that indicates what to look for, enter proper credentials and there you go.

GFI LanGuard will remotely detect your servers workstations laptops, mobile devices such as smartphones and tablets, and even virtual machines, routers switches and printers. Using the dashboard to analyze the scan results.

LanGuard Feature Summary

View your network and find threats

  • Automatically discover all the elements in your network, including computers, laptops, mobile phones, tablets, printers, servers, virtual machines, routers and switches.
  • Group your devices for better management. Distribute management to different teams and see everything from a central management dashboard.

Find gaps that threats can exploit

  • Scan your network for missing patches.
  • Find gaps in common operating systems. Identify missing patches in web browsers and third-party software.
  • Identify non-patch vulnerabilities by using an updated list of 60,000+ known issues as well as items such as open ports and system information about users, shared directories and services.

Decrease vulnerability

  • Provides automated network security reports to help you demonstrate compliance with multiple requirements such as PCI DSS, HIPAA and SOX.

LanGuard Features In Detail

Patch management for operating systems, third-party apps and web browsers
Compatible with Microsoft®, Mac OS X® and Linux® operating systems. Scan your network automatically or on demand. Auto-download missing patches or roll-back patches. Also provides third-party patch management support for Apple QuickTime®, Adobe Flash® Player, Mozilla Firefox®, Java® Runtime and more. Automates patching for web browsers running on Windows® systems, including Mozilla Firefox, Google Chrome™ Apple Safari® and Opera™.

Detect vulnerabilities before hackers do
GFI LanGuard can identify more than 60,000 vulnerabilities. It scans devices, identifies and categorizes security vulnerabilities, recommends a course of action, and provides tools to resolve the problem. The threat level indicator graph provides a weighted assessment of the vulnerability status of your scanned devices.

Web-based reporting
Provides a web-based reporting interface using a secure (https) connection. For large networks, you can install multiple GFI LanGuard instances (sites) and use a single web console for a centralized view and aggregated reporting. Reports can be exported to popular formats such as PDF, HTML, XLS, XLSX, RTF and CSV. They can be scheduled and sent by email, and can be used as a template to create custom reports.

Track the latest vulnerabilities and missing updates
GFI LanGuard ships with a vulnerability assessment database, which includes standards such as OVAL (11,500+ checks) and SANS Top 20. The database is regularly updated with information from BugTraq, SANS Corporation, OVAL, CVE and more. The auto-update feature continuously refreshes the system with newly released Microsoft security updates and vulnerability checks.

Integrates with third-party security apps

Integrates with more than 4,000 security applications, including antivirus, anti-spyware, firewall, anti-phishing, backup client, disk encryption, data loss prevention and device access control. Provides status reports and lists of instant messaging or peer-to-peer applications installed on your network, and resolves issues that require attention such as triggering antivirus or anti-spyware updates.

Check vulnerabilities on networked devices
GFI LanGuard keeps your switches, routers, access points and printers secure from attack. It provides vulnerability scanning on smartphones and tablets running Windows, Android™ and iOS® as well as network devices such as printers, routers and switches.

Know what’s happening on your network
Network auditing gives you a comprehensive view of elements in your network, including connected USB devices, smartphones and tablets, as well as installed software, open shares, open ports, weak passwords and hardware information. Secure your network by closing ports, deleting obsolete users and disabling wireless access points.

Security audits
The interactive dashboard provides a summary of current network security status and a history of all relevant changes in the network over time. Drill down through information, from network-wide security sensors to individual security scan results.

Run in virtual environments
Supports and runs on common virtualization technologies, such as VMware®, Microsoft Virtual Server, Microsoft Hyper-V®, Citrix® and Parallel. It also detects virtual machines hosted by a scanned computer.

Comply with PCI, HIPAA and more
GFI LanGuard provides vulnerability management coupled with extensive reporting to help you comply with standards and regulations. It helps safeguard your network and gauge the effectiveness of your PCI DSS, HIPAA, SOX, GLB/GLBA or PSN CoCo compliance programs.

Run in agent-less or agent-based mode
You can configure GFI LanGuard to run in agent-less or agent-based mode. Agent-based technology enables automated network security audits and distributes the scanning load across client machines.