NETOLOGY

GFI LanGuard Network Security Scanner
Security scanning and patch management

Automatically detect security vulnerabilities on your network
GFI LANguard Network Security Scanner (N.S.S.) checks your network for all potential methods that a hacker might use to attack it. By analyzing the operating system and the applications running on your network, GFI LANguard N.S.S. identifies possible security holes. In other words, it plays the devil's advocate and alerts you to weaknesses before a hacker can find them, enabling you to deal with these issues before a hacker can exploit them.

Provides in-depth information about all machines/devices
GFI LANguard N.S.S. scans your entire network, IP by IP, and provides information such as service pack level of the machine, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results can easily be analyzed using filters and reports, enabling you to proactively secure your network - for example, by shutting down unnecessary ports, closing shares, installing service packs and hotfixes, etc.

Patch management
GFI LANguard N.S.S. is also a complete patch management solution. After it has scanned your network and determined missing patches and service packs - both in the operating system and in the applications - you can use GFI LANguard N.S.S. to deploy those service packs and patches network-wide. It can also deploy custom software network-wide.

Identifies security vulnerabilities & recommends action
Once GFI LANguard N.S.S. has completed scanning a computer, it categorises security vulnerabilities and recommends a course of action. Wherever possible, further information or a web link is included regarding the security issue, for example a BugTraq ID or a Microsoft KnowledgeBase article ID.

Fast TCP & UDP port scanning & identification
GFI LANguard N.S.S. includes a fast TCP/IP and UDP port-scanning engine, allowing you to scan your network for unnecessary open ports. GFI LANguard N.S.S. identifies well-known services (such as www/FTP/telnet/SMTP... ) and applications (via banner grabbing).

Network-wide patch & service pack management
GFI LANguard N.S.S. can deploy missing service packs, and patches network-wide, without user intervention. It is the ideal tool to monitor that Microsoft SUS is doing its job properly and to perform the tasks SUS cannot. Use GFI LANguard N.S.S. to deploy Microsoft Office patches and custom software patches, for patch reporting and for immediate deployment of high alert patches. Microsoft SUS cannot do any of this. GFI LANguard N.S.S. supports patching of English, Spanish, Italian, French and German versions of Microsoft Office as well as custom software patching (e.g., virus updates or client software deployment). If you do not want to use Microsoft SUS, GFI LANguard N.S.S. can deploy patches for English versions of Windows NT/2000/2003/XP, Microsoft Exchange Server, Microsoft SQL Server and Microsoft ISA Server.

Finds all shares on your network
GFI LANguard N.S.S. enumerates all shares on your network, including administrative and printer shares (C$, D$, ADMIN$) and shows you who has access to the share. Use this feature to:
Check if permissions of shares are set correctly
Check whether a user is sharing his/her whole drive with other users
Prevent anonymous access to shares
Ensure that startup folders or similar system files are not shared as this could allow less privileged users to execute code on target machines.

Wireless node/link detection
GFI LANguard N.S.S. can detect machines/devices which are connected to your network via a wireless link. Wireless links are a tremendous security risk if they are not secured properly. Detecting unauthorised and possibly unsecured wireless links is therefore extremely important. Via an advanced algorithm wireless machines are identified.

Automatically alerts you of NEW security holes/changes using scan result comparisons
GFI LANguard N.S.S. can perform scheduled scans (e.g., daily or weekly) and can automatically compare them to previous scan results. Any new security holes or changes appearing on your network are emailed to you. This enables you to quickly identify newly created shares, installed services, added users, newly opened ports and more.

Find unused local users & groups
GFI LANguard N.S.S. enumerates all local users and groups, and identifies user accounts no longer being used. This allows you to remove/disable these accounts, which could present a security hole.

Easy filtering of scan results
Easily analyze the scan results by clicking on one of the default filter nodes to show, e.g., machines with high security vulnerabilities or machines missing a particular service pack. Easily customize existing filters or create new custom filters from scratch. You can also export scan results data to XML.

Automatically downloads security patch & vulnerability information
GFI LANguard N.S.S. always has up-to-date information about Microsoft security patches and new vulnerabilities because it automatically downloads Hotfix, security bulletins and new vulnerability checks.

Extensive, industrial-strength vulnerabilities database
GFI LANguard N.S.S. ships with a complete vulnerabilities database, which also includes top SANS issues, as well as Linux and cgi vulnerabilities. The GFI LANguard N.S.S. vulnerabilities database is regularly updated with issues reported to BugTraq, SANS, CVE and other sources. New vulnerabilities can be downloaded automatically from the GFI site.

Easily create different types of scans/vulnerability tests with Scan Profiles
Using Scan Profiles, administrators can configure scans for different types of information. For example, administrators can scan for open shares on workstations, security audit and password policies, machines missing a particular patch or service pack. Different types of vulnerabilities can be scanned for, and the scan can also be performed using different identities.

Add custom vulnerabilities using scripts/conditions
You can add your own vulnerability checks using conditions, e.g., check for particular registry entries/values. You can also write complex vulnerability checks using the GFI LANguard N.S.S. VBscript-compatible script engine. GFI LANguard N.S.S. includes a script editor and debugger to help with script development.

Check if auditing is enabled & enable network-wide auditing
GFI LANguard N.S.S. checks if each NT/2000/XP machine has security auditing enabled. If not, GFI LANguard N.S.S. alerts you and allows you to enable auditing remotely. Security event auditing is highly recommended - it allows you to detect intruders in real time. GFI LANguard N.S.S.'s companion product GFI LANguard Security Event Log Monitor (S.E.L.M.) automates network-wide, real time analysis of security events.

Check password policy
GFI LANguard N.S.S. can automatically check password policy of local users, for all machines on the network.

Deploy custom/3rd party software & patches network-wide
Besides deploying patches and service packs, GFI LANguard N.S.S. allows you to easily deploy 3rd party software or patches network-wide. Use this feature to deploy client software, update custom or non-Microsoft software, virus updates and more. The custom software deployment feature obsoletes the need for Microsoft SMS, which is too complex and expensive for small to medium sized networks.

USB device scanning
USB can be a potential security problem - almost any device can be connected, including removable hard disks, digital cameras, wireless access points and more. Many of these devices can be a potential security risk and as an administrator you have little control over this. Regularly scanning what USB devices are connected to your network helps you eliminate unauthorized and dangerous USB devices. GFI LANguard N.S.S. scans all devices connected to the USB hub, filters authorised USB devices (e.g. mouse) and only alerts you to dangerous/unknown USB devices.

Report NTFS & Share permissions
GFI LANguard N.S.S. will display both Share and NTFS permissions for all shares in your network - allowing you to easily check and lock down your shares.

Checks status of GFI LANguard Portable Storage Control (P.S.C.)
GFI LANguard N.S.S. can also check that the Portable Storage Control service is active. GFI LANguard P.S.C. gives you network wide control of portable storage devices: Control which users can use a USB stick, MP3 player, IPOD, floppies and more.

New Linux vulnerability checks
GFI LANguard N.S.S. includes numerous Linux security checks, including root kit detection.

SSH scripting feature allows custom Unix/Linux vulnerability checks
GFI LANguard N.S.S. includes an SSH client which allows you to connect to remote Linux/Unix machines and launch scripts. With this feature you can create custom security checks.

Multithread scan engine
GFI LANguard N.S.S. can scan up to 3 computers at a time, thereby drastically reducing the total time taken to perform a network wide scan.

Other features:

Checks for programs that run automatically (potential Trojans)

Makes an inventory of your network

Finds out if the OS is advertising too much information

Provides NETBIOS hostname, currently logged username and MAC address

Provides a list of shares, users (detailed info), services, sessions, remote TOD (time of day) and registry information from remote computer (Windows)

SNMP device detection, SNMP Walk for inspecting network devices like routers, network printers...

Identifies all installed Windows services.