其它軟體‎ > ‎補丁管理‎ > ‎

GFI LANguard Network Security Scanner

張貼者:2010年9月24日 下午10:13未知的使用者   [ eddie liu 已於 2012年8月8日 上午3:00 更新 ]
GFI LANguard BoxGFI的LANguard™是一個屢獲殊榮的網絡安全掃描器使用的數以千計的客戶。 GFI的LANguard掃描你的網絡和港口,以發現,評估和正確的安全漏洞最少的管理工作。 作為管理員,你必須另行處理脆弱性問題有關的問題,補丁管理和網絡審計,有時使用多個產品。 然而,與 GFI LANguard這三個基石漏洞管理是針對一個 包。 我們給你一個全面的了解您的網絡設置,幫助您保持一個安全的網絡狀態的速度更快,更有效。








開發商:GFI Software
原廠網址:http://www.gfi.com/lannetscan/lanscanfeatures.htm
更新日期:2011/05/26
採購正式版、大量授權報價、技術支援、軟體諮詢、委託採購、詢問報價請來電 02-29299388 分機16 , 
來信service@orderble.com,或點我
-----------------------------------------------------------------------------



特點

免費版

We Care logo smlGFI的發布了一個免費版本的Gfi LANguard™,符合我們的 '關懷' 主動施以援手,這些經濟困難時期。 使用免費版,企業可以掃描多達五個免費使用的IP產品的完整功能集-沒有任何限制。 點擊這裡 獲取更多信息。

漏洞掃描

在安全審計,漏洞評估超過 15,000製造 - 網絡 IP掃描的IP地址。 GFI的LANguard使您能夠執行多台掃描(在Windows,Mac作業系統,Linux)在所有的環境 - 包括虛擬機,並分析您的網絡的安全設置和狀態。 GFI的LANguard提供了強大的識別和糾正任何威脅,黑客可以利用它們。

虛擬機的檢測
GFI的LANguard現在可以檢測是否掃描機後面或虛擬的。 目前VMware和Virtual PC軟件支持。

設置您自己的自定義漏洞檢查
GFI的LANguard允許您輕鬆地創建自定義漏洞檢查,通過簡單的嚮導輔助設置屏幕。 該嚮導是強大的,足以讓建設複雜漏洞檢查和兼容的腳本引擎使用Python和VBScript。 GFI的LANguard包括一個腳本編輯器和調試器來幫助腳本開發。

廣泛,工業實力的漏洞數據庫
GFI的LANguard附帶一個完整而徹底的脆弱性評估的數據庫,包括標準,如橢圓形(2000 +支票)和SAN前20名。 該數據庫定期更新信息Bugtraq上,SANS的公司,橢圓形公司,CVE等。 通過其自動更新系統,GFI的LANguard始終保持最新的信息關於新發布的微軟安全更新以及新發布的GFI的漏洞檢查軟件和其他以社區為基礎的信息庫,如橢圓形的數據庫。

發現安全漏洞並採取補救措施
GFI的LANguard掃描計算機,識別和分類安全漏洞,建議一門課程的行動,並提供工具,使您解決問題。 GFI的LANguard帶有圖形的威脅程度的指標,提供了一個直觀,加權評估狀況的脆弱性掃描計算機或一組計算機。 只要有可能,一個或多個信息網站鏈接在一個特定的安全問題提供 - 如Bugtraq上的ID或Microsoft知識庫文章編號。

確保第三方安全應用程序(反病毒和反間諜軟件)提供最佳的保護
GFI的LANguard確保支持的安全應用,如防病毒和反間諜軟件更新最新的定義文件和正常運作。 例如,您可以檢查並確定支持的安全應用程序的所有關鍵功能(如實時掃描)啟用。

容易造成不同類型的掃描和漏洞測試
掃描您可以輕鬆地配置為不同類型的信息,如股票在工作站上打開,安全審計和密碼政策,和機器缺少特定的補丁或服務包。 您可以掃描不同類型的漏洞,以確定潛在的安全問題。 這些措施包括:

  • 打開端口: GFI的LANguard掃描開放端口和不必要的檢查,沒有端口劫持已經生效
  • 未使用的本地用戶和組: GFI的LANguard刪除或禁用用戶帳戶是不再使用
  • 列入黑名單的應用: 與GFI LANguard,可以識別未經授權或危險軟件,並加入到黑名單的要關聯的應用程序具有較高的安全漏洞警報
  • 危險的USB設備,無線節點和鏈接: GFI的LANguard掃描所有的設備連接到USB或無線連接,並提醒您的任何可疑活動

還有更多!

輕鬆地分析和過濾掃描結果
GFI的LANguard使您可以輕鬆地分析和過濾掃描結果通過點擊一個默認的過濾節點。 這使您能夠識別,例如,機器具有高安全漏洞或機器缺少特定的服務包。 自定義過濾器也可以非常容易地從頭開始創建或定制的和現有的腳本。 此外,您可以掃描結果導出到XML數據。

補丁管理和整治

當掃描完成後,GFI的LANguard給你所有的功能和工具,你需要高效地安裝和 管理的修補程序 在所有機器上微軟的操作系統和不同的產品在38種語言。 點擊這裡 查看完整的清單。

GFI的LANguard還允許自動下載缺少的修補程序以及補丁回滾和定制軟件可以進行部署,造成了一貫配置的環境是安全對漏洞。

補丁管理非微軟軟件
GFI的LANguard還提供了補丁管理支持非微軟軟件,使管理員能夠檢測,下載和部署缺少的修補程序支持的應用程序在相同的方式是為微軟的更新。 GFI的LANguard提供補丁管理支持許多流行的應用,例如蘋果的QuickTime,安裝Adobe Acrobat,Adobe Flash播放器,Adobe Reader軟件,Adobe Shockwave播放器,Mozilla的Firefox,Mozilla雷鳥,Java運行時和其他人。 點擊這裡的完整列表

自動部署網絡範圍的修補程序和服務包管理
與 GFI LANguard你可以輕鬆地部署服務包和補丁缺少網絡範圍。 GFI的LANguard是理想的工具,以確保微軟 WSUS是正常工作,它執行任務 WSUS不,如部署Microsoft Office和定制軟件的補丁。 GFI的LANguard還為您提供新的功能,如補丁自動下載和修補復原。 這也是Unicode的兼容,並能支持補丁管理目前在超過 35種語言支持Microsoft。 網絡管理員可以選擇手動或批准設置的所有每個補丁微軟的更新已經批准。 如果獲得批准手動補丁的網絡管理員可以選擇接收電子郵件通知時,新的微軟更新可用。

未經授權的應用自動修復
修復操作可以觸發自動在年底預定掃描。 除了報告所有安裝的程序,GFI的LANguard允許用戶定義哪些應用程序授權或未經授權被安裝在網絡上。 此列表的應用程序可以很容易地定義為每個掃描輪廓使用應用程序清單工具。 在掃描期間,任何未經授權的應用程序標識和(可選)自動卸載 GFI的LANguard。 集成的自動卸載驗證工具旨在幫助確定哪些應用程序支持無聲的檢測卸載,因此可以安全地和自動卸載。

遠程桌面連接
GFI的LANguard允許有用的選項一個遠程桌面連接來解決安全問題,在掃描計算機不能自動修復。

部署自定義和第三方軟件和修補程序全網絡
除了 部署補丁和服務包,GFI的LANguard使您能夠輕鬆地部署補丁軟件或第三方網絡範圍內。 您可以使用此功能來部署客戶端軟件,更新自定義或非微軟的軟件,病毒更新,以及更多的幾乎任何應用程序,可以運行在默默可推使用GFI LANguard網絡。 這個定制軟件部署功能意味著你可以不用微軟SMS,這是複雜的,太貴了,小到中等規模的網絡。

網絡和軟件的審計

GFI的LANguard的 網絡審計 為您提供全面的看法,您的網絡-什麼USB設備連接,安裝了什麼軟件,任何打開的股票,開放端口和弱口令在使用,和硬件信息。 該解決方案的深度報導給你一個重要的和實時快照您的網絡的狀態。 掃描結果可以很容易地使用過濾器進行分析和報告,使您能夠積極主動地保護網絡,通過關閉端口,刪除用戶或團體都不再使用,或禁用無線接入點。

擴展硬件審計工具
GFI的LANguard現在可以顯示詳細的信息有關的所有硬件配置您的網絡上掃描機。 所有設備從 設備管理器 工具從Windows操作系統檢索,包括主板,處理器,內存,存儲設備,顯示適配器等等。 使用基準比較,你現在可以檢查是否有硬件是添加或刪除自上次掃描。

自動接收新的安全漏洞警報
GFI的LANguard能夠如期執行例行掃描,可以自動比較結果的上掃描。 任何新的安全漏洞或安全設置的更改您的網絡上發現通過電子郵件發送給你的分析。 這使您能夠快速識別新創建的共享,安裝服務,安裝的應用程序,添加的用戶,新開口岸等。 GFI的LANguard會產生特定的報表和電子郵件通知每當有軟件或硬件變化檢測網絡內的審計。 我們的報告還顯示什麼整治行動的進行。

檢查以確保網絡安全審計是啟用全
GFI的LANguard R2的檢查,如果每個 NT/2000/XP/2003/VISTA/2008/2008 / 7機啟用安全審核。 如果沒有,GFI的LANguard提醒您,並允許您啟用遠程審計。 安全事件審計是高度推薦,因為它在實時檢測入侵者。

掃描和檢索數據從 Linux操作系統系統
它可以遠程提取數據從 Linux操作系統為基礎的系統和掃描結果顯示在相同的方式為基於 Windows的計算機。 這意味著 Linux和基於 Windows的計算機可以分析一個掃描會議! GFI的LANguard包括許多 Linux的安全檢查,包括rootkit的檢測。GFI的LANguard可以使用SSH私鑰文件,而不是傳統的密碼字符串的憑據來驗證基於 Linux的目標計算機。

產生額外功能

監測儀表板
GFI的LANguard儀表板顯示的概括所有的掃描結果從數據庫中提供了一個概述最易受感染的計算機安全狀況的趨勢的網絡。

GFI的價值乘以LANguard與強大的報告
報告的目的是滿足要求的管理人員和技術人員。 GFI的LANguard提供了圖形化的快照網絡的安全狀態。 從趨勢報告管理(ROI)的日常鑽取報告,技術人員,GFI的LANguard為您提供了易於查看的信息必須充分保持你的網絡之上的安全環境。執行報告現在可以直接從 GFI的LANguard。

幫助您遵守PCI DSS與其他法規
所有的企業持卡人的數據處理,無論大小,都必須完全符合嚴格的安全標準制定了由世界主要的信用卡公司。 GFI的LANguard提供完整的漏洞管理相結合的具有廣泛 ReportPack插件。 這使得GFI的LANguard一必要的,極具成本效益的解決方案,為您的組織,以保障您的網絡和衡量成效的PCI法規遵從計劃。

無聲安裝支持
您可以執行無人參與的Gfi LANguard默認安裝在多台計算機在後台無需任何用戶交互或干預。 定制的部署參數,也可以通過建立微軟轉換(MST)文件。

更多關於 MST文件

預定義驗證細節
GFI的LANguard允許你存儲獨立的身份驗證目標計算機的每個細節在你的網絡,避免了需要指定的認證證書之前,每次掃描。 在一個掃描會話時,它可以審計所有這些目標,你的網絡,即使他們需要不同的認證的詳細信息和/或方法。

支持虛擬環境
組織使用或計劃使用虛擬化他們的網絡可以安裝和使用範圍的GFI產品的信心。 GFI的LANguard支持和運行在最常見的虛擬化技術使用,即VMware,微軟虛擬服務器和微軟 Hyper - V。

本地化
GFI的LANguard也可以在意大利和德國。

其他特點:

  • 自動檢查密碼策略在網絡上所有機器
  • 檢查的程序的自動運行(潛在的木馬)
  • 發現如果操作系統是廣告太多的信息
  • 同時進行掃描,通過多線程掃描引擎
  • 提供NetBIOS主機名,當前登錄的用戶名和MAC地址
  • 股份提供一個清單,用戶(詳細信息),服務,會話,遠程 TOD的(時間一天)和註冊表信息,從遠程計算機(Windows)
  • SNMP的設備檢測,檢測的SNMP網絡設備步行如路由器,網絡打印機等
  • 提供可選擇的命令行部署工具
  • 所有已安裝的Windows服務標識
  • 支持微軟 Windows Vista









Features

Freeware Version Available

We Care logo smlGFI has released a freeware version of GFI LANguard™, in line with our ‘We Care’ initiative to offer a helping hand in these difficult economic times. Using the freeware version, companies can scan up to five IPs for free using the product’s full feature set – with no restrictions whatsoever. Click here for more information.

Vulnerability Scanning

During security audits, over 15,000 vulnerability assessments are made - scanning the network IP by IP. GFI LANguard gives you the capability to perform multi-platform scans (Windows, Mac OS, Linux) across all environments - including Virtual Machines and to analyze your network’s security set-up and status. GFI LANguard gives you the power to identify and correct any threats before hackers can exploit them.

Detection of Virtual Machines
GFI LANguard can now detect whether a scanned machine is rear or virtual. Currently both VMware and Virtual PC software are supported.

Set up your own Custom Vulnerability Checks
GFI LANguard allows you to easily create custom vulnerability checks through simple wizard-assisted set-up screens. The wizard is powerful enough to allow building of complex vulnerability checks and the scripting engine is compatible with Python and VBScript. GFI LANguard includes a script editor and debugger to help with script development.

Extensive, Industrial Strength Vulnerabilities Database
GFI LANguard ships with a complete and thorough vulnerability assessment database, including standards such as OVAL (2,000+ checks) and SANS Top 20. This database is regularly updated with information from BugTraq, SANS Corporation, OVAL, CVE and others. Through its auto-update system, GFI LANguard is always kept up-to-date with information about newly released Microsoft security updates as well as new vulnerability checks issued by GFI Software and other community-based information repositories such as the OVAL database.

Identify Security Vulnerabilities and Take Remedial Action
GFI LANguard scans computers, identifies and categorizes security vulnerabilities, recommends a course of action and provides tools that enable you to solve the problem. GFI LANguard comes with a graphic threat level indicator that provides an intuitive, weighted assessment of the vulnerability status of a scanned computer or group of computers. Wherever possible, a web link or more information on a particular security issue is provided - such as a BugTraq ID or a Microsoft Knowledge Base article ID.

Ensures Third Party Security Applications (Anti-Virus and Anti-Spyware) Offer Optimum Protection
GFI LANguard ensures that supported security applications such as anti-virus and anti-spyware software are updated with the latest definition files and are functioning correctly. For example, you can check to be certain that supported security applications have all key features (such as real-time scanning) enabled.

Easily Creates Different Types of Scans and Vulnerability Tests
You can easily configure scans for different types of information, such as open shares on workstations, security audit and password policies, and machines missing a particular patch or service pack. You can scan for different types of vulnerability to identify potential security issues. These include:

  • Open ports: GFI LANguard scans for unnecessary open ports and checks that no port hijacking is in force
  • Unused local users and groups: GFI LANguard removes or disables User Accounts which are no longer in use
  • Blacklisted applications: With GFI LANguard, you can identify unauthorized or dangerous software and add to blacklists of applications you want to associate with a high security vulnerability alert
  • Dangerous USB devices, wireless nodes and links: GFI LANguard scans all devices connected to USB or wireless links and alerts you of any suspicious activity

And much more!

Easily Analyze and Filter Scan Results
GFI LANguard enables you to easily analyze and filter scan results by clicking on one of the default filter nodes. This enables you to identify, for example, machines with high security vulnerabilities or machines that are missing a particular service pack. Custom filters can also very easily be created from scratch or customized from and existing script. Also, you can export scan results data to XML.

Patch Management and Remediation

When a scan is complete, GFI LANguard gives you all the functionality and tools you need to effectively install and Manage Patches on all machines across different Microsoft operating systems and products in 38 languages. Click here to view a full list.

GFI LANguard also allows auto-downloads of missing patches as well as patch roll-back and custom software can be deployed, resulting in a consistently configured environment that is secure against vulnerabilities.

Patch Management for Non-Microsoft Software
GFI LANguard also offers patch management support for non-Microsoft software, enabling administrators to detect, download and deploy missing patches for supported applications in the same way as is done for Microsoft updates. GFI LANguard offers patch management support for many popular applications like Apple Quicktime,  Adobe Acrobat, Adobe Flash Player, Adobe Reader, Adobe Shockwave Player, Mozilla Firefox, Mozilla Thunderbird, Java Runtime and others.Click here for a full list

Automatically Deploy Network-wide Patch and Service Pack Management
With GFI LANguard you can easily deploy missing service packs and patches network-wide. GFI LANguard is the ideal tool to ensure that Microsoft WSUS is working properly and it performs tasks WSUS does not, such as deploying Microsoft Office and custom software patches. GFI LANguard also provides you with new features such as patch auto-download and patch rollback. It is also Unicode compliant and able to support patch management in over 35 languages currently supported by Microsoft. The network administrator has the option to either manually approve each patch or set all Microsoft updates as approved. If patches are approved manually the network administrator can choose to receive email notifications when new Microsoft updates are available.

Automatic Remediation of Unauthorized Applications
Remediation operations can be triggered automatically at the end of scheduled scans. Apart from reporting on all installed applications, GFI LANguard allows the user to define which applications are authorized or not authorized to be installed on the network. This list of applications can be easily defined for each scanning profile using the Applications Inventory Tool. During a scan, any unauthorized applications are identified and (optionally) uninstalled automatically by GFI LANguard. An integrated Auto-Uninstall Validation tool is provided to help identify which of the detected applications support silent uninstall and can thus be safely and automatically uninstalled.

Remote Desktop Connection
GFI LANguard allows the useful option of a remote desktop connection to fix security issues on scanned computers that cannot be fixed automatically.

Deploys Custom and Third Party Software and Patches Network-wide
Besides Deploying Patches and Service Packs, GFI LANguard enables you to easily deploy third party software or patches network-wide. You can use this feature to deploy client software, update custom or non-Microsoft software, virus updates and more; practically any application that can run silently can be pushed in the network using GFI LANguard. This custom software deployment feature means you can do without Microsoft SMS, which is complex and too expensive for small to medium-sized networks.

Network and Software Auditing

GFI LANguard’s Network Auditing gives you a comprehensive view of  your network - what USB devices are connected, what software is installed, any open shares, open ports and weak passwords in use, and hardware information. The solution's in-depth reports give you an important and real-time snapshot of your network's status. Scan results can be easily analyzed using filters and reports, enabling you to proactively secure the network by closing ports, deleting users or groups which are no longer in use, or disabling wireless access points.

Extended Hardware Auditing Facility
GFI LANguard can now show detailed information about the hardware configuration of all the scanned machines on your network. All devices from the Device Manager tool from Windows operating systems are retrieved, including motherboard, processors, memory, storage devices, display adapters and much more. Using baseline comparisons you can now check whether any hardware was added or removed since the last scan.

Automatically Receive Alerts of New Security Holes
GFI LANguard can perform routine scheduled scans and can automatically compare results to previous scans. Any new security holes or security set-up changes discovered on your network are emailed to you for analysis. This enables you to quickly identify newly-created shares, installed services, installed applications, added users, newly-opened ports and more. GFI LANguard will generate specific reports and email notification whenever there are software or hardware changes detected within the audited network. Our reports also show what remediation operations were performed.

Check to Ensure Security Auditing is Enabled Network-wide
GFI LANguard checks if each NT/2000/XP/2003/VISTA/2008/2008 R2/7 machine has security auditing enabled. If not, GFI LANguard alerts you and allows you to enable auditing remotely. Security event auditing is highly recommended as it detects intruders in real time.

Scan and Retrieve OS data from Linux Systems
It is possible to remotely extract OS data from Linux-based systems and scan results are presented in the same way as for Windows-based computers. This means that both Linux and Windows-based computers can be analyzed in a single scanning session! GFI LANguard includes numerous Linux security checks including rootkit detection. GFI LANguard can use SSH Private Key files instead of the conventional password string credentials to authenticate to Linux-based target computers.

Additonal Features

Monitoring Dashboard
The GFI LANguard dashboard shows summarized results of all scans from the database and provides an overview of the most vulnerable computers and security status trends of the network.

Multiply the Value of GFI LANguard with Powerful Reporting
Reports are designed to satisfy the requirements of both management and technical staff. GFI LANguard delivers a graphical snapshot of the security status of your network. From trend reports for management (ROI) to daily drill-down reports for technical staff, GFI LANguard provides you with the easy-to-view information you need to fully keep on top of your network’s security environment. Executive reports are now available directly from within GFI LANguard.

Helps You Comply with PCI DSS and Other Regulations
All businesses handling cardholder data, regardless of size, have to be fully compliant with strict security standards drawn up by the world’s major credit card companies. GFI LANguard provides complete vulnerability management coupled with an extensive ReportPack add-on. That makes GFI LANguard an essential, highly cost-effective solution for your organization to safeguard your network and gauge the effectiveness of your PCI compliance program.

Silent Installation Support
You can perform an unattended default installation of GFI LANguard on multiple computers in the background without any user interaction or intervention. Customization of the deployment parameters is also possible through the creation of Microsoft Transform (MST) files.

More Information about MST files

Predefine Authentication Details
GFI LANguard allows you to store separate authentication details for every target computer on your network, avoiding the need to specify authentication credentials prior to every scan. In a single scanning session, it is possible to audit all the targets in your network, even if they require different authentication details and/or methods.

Support for Virtual Environments
Organizations that use or plan to use virtualization on their network can install and use a range of GFI products with confidence. GFI LANguard supports and runs on the most common virtualization technologies in use, namely VMware, Microsoft Virtual Server and Microsoft Hyper-V.

Localization
GFI LANguard is also available in Italian and German.

Other Features:

  • Automatically checks the password policy for all machines on the network
  • Checks for programs that run automatically (potential trojans)
  • Finds out if the OS is advertising too much information
  • Performs simultaneous scans through the multithread scan engine
  • Provides NetBIOS hostname, currently logged username and MAC address
  • Provides a list of shares, users (detailed info), services, sessions, remote TOD (time of day) and registry information from remote computer (Windows)
  • SNMP device detection, SNMP Walk for inspecting network devices like routers, network printers and more
  • Offers alternative command line deployment tool
  • Identifies all installed Windows services
  • Supports Microsoft Windows Vista