jonlee.ca

GFI Languard isn’t your run of the mill security scanner.  This is a full featured enterprise-level software package that can test over 15,000 security vulnerabilities on your network.  With the number of vulnerabilities being discovered on a daily basis, it is hard enough to track and deploy patches while testing for security holes on a single computer, let alone an entire network of computers.

For many network administrators, this daunting task calls for a well-packaged network security scanner and GFI Languard delivers this in baskets.

Features
The feature list for GFI Languard version 9 is huge, but here are some of the more innovative/important features:

• Vulnerability scanning – scans over 15,000 security vunerabilities across all platforms (Windows, Mac OS and Linux).
• Support for virtual machines (running an operating system on an virtual machine doesn’t make it completely secure!).
• Immediately offers detailed analysis of vulnerabilites and offers remedial action.
• Able to script custom vulnerability checks – if your network is running special software you can easily write Python and Visual basic scripts to check non-standard vulnerabilities.
• Tests third party applications (anti-virus/anti-fireware) for adequate protection.
• Patch management – easily install or roll-back Windows patches that may be causing problems.
• Automatically deploy network-wide software installs, patches or service packs.  New Windows service pack? No worries!
• Remote desktop connection support for scanned computers – so you can take the driver seat on vulnerabilites that can’t be fixed automatically.
• Hardware auditing across networks – find out what computers are running what hardware
• Silent installation – deploy GFI Languard across the network without affecting end-users

User Interface
The UI is clean and straight forward.  Given the number of features, it is surprisingly simple.  Take a look at the screenshots on their site and you’ll get a good idea of the quality of software you’re dealing with.

My Results
I consider myself quite computer savvy and like to think that I keep my computer secure and free of vulnerabilities.  I ran GFI Languard on my own system and was happy to see that it only found one vulnerability — having Guest log-in enabled.  I promptly disabled it, ran the scan again and received a clean bill of health.  I don’t have a local network setup to test its networks features on but I’ve heard from some people I’ve talked to that it works as advertised.

Price – Free!
The nice people at GFI understand the importance of security for the everyday personal home user.  As a result, GFI Languard is freeware for personal use (up to 5 IP addresses).  The huge majority of home users and even small businesses won’t have any more than 5 computers so the fully featured freeware offer from GFI deserves a big round of applause.

For large companies with a huge network, pricing starts at $32 per IP address for 10-24 IPs and incrementally goes down to $4 per IP address for over 3000 IPs.

My Gripes
One gripe I have about the software though is that you need to provide it with the administrator username and password for your system.  This is necessary for it to perform some of the required tests but I had to do a small background check to make sure it was legitimate and they weren’t collecting this data for malicious purposes.  And of course, I found that GFI is a well known company having won many awards with many retail products available — otherwise I wouldn’t have installed the program to test it in the first place!

Another thing is that upon starting the program, you get a nag screen asking you to purchase the full version of the software.  It appears that after 10 days, the trial period ends and the software reverts to freeware mode unless you enter a license key.  So you can still use the fully functional software if you close the nag window by pressing the X in the top right hand corner but none of the obvious buttons give an option to continue using the software in freeware mode.

Conclusion
This software is the best network security scanners I’ve ever seen.  Any network administrator would be much better off using it.  Given the awesome price of free, home owners would be doing themselves a favor by running it at least once to patch up any security holes in their system!

Popularity: 3% [?]

This entry was posted on Friday, May 29th, 2009 at 7:56 pm and is filed under Reviews, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.