Home > Network Administration, Network Security > Product Review of GFI LANguard 9.0

Product Review of GFI LANguard 9.0

July 26th, 2009 Leave a comment Go to comments

The fine folks over at GFI were kind enough to send me a copy of the latest release of their LANguard product which is currently at version 9.0. As a disclaimer, GFI does advertise on my site, but this is not a paid advertisement, and our business relationship is has no influence on my review of the product.

 

I’ve used various GFI products for several years and remember using LANguard many years ago while working for the Department of Education. As I have taken on a more security-focused role in my new position with EWA GSI I have found myself using LANguard again and am enjoying the newest version of the product just as much as I did the older versions.

 

The big three features LANguard boasts are vulnerability management, patch management, and network auditing. I’ll address each of those individually.

 

Vulnerability Management

 

My primary use of LANguard has always been in this category. Some of my earliest learning experiences with network security were centered on LANguard security scans and in my current security role I’m making use of it right where I left off.

 

The scanning engine boasts over 15,000 scanning signatures and does seem to be quite thorough. I compared GFI LG scans side by side with Nessus scans on the same hosts and found the reporting from the LG scans were picking up quite a few more items of interest when it came to Windows hosts. The scanning options are quite robust and the reporting and remediation interface couldn’t be much better. 

 

gfi1

 

Patch Management

 

I’ve previously always used WSUS for patch management. However, if you’ve used WSUS you know that it can sometimes be unreliable and the reporting and troubleshooting features associated with it are still greatly lacking. I’m no longer directly managing a network so I evaluated the patch management features of LG on my home network and was pleasantly surprised.

 

I ran several scans against the devices on my networks and some of the virtual machines in my test networks that I had purposely halted automatic updates on. LG reported the missing updates on these machines and I was able to efficiently deploy those updates to the machines. I’ve always thought OS updates should be something that “just works” and LG fit the bill on this.

 

Network Auditing

 

There is a LOT of competition in this area but I was really impressed with what LG could offer here. I think a network auditing solutions biggest weak point is usually the reporting interface, and just as with the other areas of LG, the reporting is pristine. Not only can you perform on the spot audits, but you can also check for things such as illegal software installations by running comparisons against baseline audits.

 

gfi2

 

Pricing

 

GFI has released a full-featured FREE version of LANguard to be used for up to 5 IPs. After that, pricing is done on a per-IP basis with prices starting from around $32USD per IP for a 10-24 IP block.

 

Conclusion

 

I’ve always thought GFI was a great company with some really great products and LANguard 9.0 only helps to reinforce this opinion. I will continue to use the product alongside Nessus for my security scanning needs and would fully recommend it for network management and auditing.

 

You can check out LANguard and other GFI products at http://www.gfi.com.

Categories: Network Administration, Network Security Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.