Tip

Nonpareil networking tool: GFi LANguard Network Security Scanner

As somebody who's covered networking and security topics for over 10 years, I've had many occasions to recommend candidates for the network or system administrator's toolkit. I can't think of too many other tools as deserving of mention for consideration for, or inclusion in, such toolkits that are on a par with GFi's LANguard Network Security Scanner (usually abbreviated as NSS).

Aside from being something of a "Swiss Army Knife" in its range of functionality, NSS is simply a great tool to learn and use. Here's a brief recitation of some of this program's most noteworthy capabilities:

  • General network scanning of entire networks by IP address
  • Report on each machine's service pack level, missing security patches, services and applications active, registry profiling
  • Report on wireless access points active, open shares, open ports, weak passwords
  • General patch and update management capabilities, plus network software deployment

In addition, GFi LANGuard can also perform the following tasks:

  • Check for unused user accounts on client machines, identify all local user accounts and groups
  • Audit both Linux and Windows computers for security vulnerabilities
  • Reports on all shares include permission settings, drive root identification, anonymous access and startup folder identification (and optional blocking)
  • Provides remediation advice for vulnerabilities and exposures discovered, with pointers to additional online information (KB

    Requires Free Membership to View

  • articles, BugTraq IDs, CVE IDs, etc.)
  • Profiles wireless access security, identifies all active wireless users
  • Offers comparisons of previous to current scans to detect changes, including new shares, services, users, open ports and so forth

Beyond what the program can do, what it can tell you is perhaps even more valuable. GFi LANguard offers lots of reporting and filtering options to massage the data it gathers for delivery. Default filters permit easy identification of machines with high-risk vulnerabilities, or missing specific hotfixes, updates, or service packs. Scan results can be exported in XML format for further use (especially helpful for database import, or sophisticated text reporting tools). Admins can also employ scan profiles (pre-configured or custom-built) to look for open shares, perform security audits, check password policy compliance, and so forth.

In short, this is a great tool that offers well-designed capabilities that admins will find easy to deploy and use. The product also scales well (testimonials from companies like HP attest to its ability to handle 1,000-plus servers) and is extremely affordable (a license for 25 IP addresses costs $375, one for unlimited addresses costs $999 per management console). The free evaluation version automatically devolves into a limited-functionality freeware version if an evaluation key or license key isn't entered after 30 days. Check it out, and you'll probably end up putting one in your toolkit, too!


Ed Tittel is a full-time freelance writer, trainer, and consultant who specializes in matters related to information security, markup languages, and networking technologies. He's a regular contributor to numerous TechTarget Web sites, technology editor for Certification Magazine, and writes an e-mail newsletter for CramSession called "Must Know News."

This was first published in August 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.