GFI LNSS does a good job identifying Windows missing patches/service packs, does a decent job detecting various registry/user never logged on/password never expires/etc. vulnerabilities. Does a good job distributing patches to workstations/servers. I would categorize it as MS patch management (with a lot of manual intervention) and a little vulnerability assessment. Not to be confused with a Pen Testing firm. Others' mileage may have varied, of course.
Feel free to ask more specifics. -Derek -----Original Message----- From: Bill Songstad (WCUL) [mailto:[EMAIL PROTECTED] Sent: Mon 12/1/2008 7:20 PM To: NT System Admin Issues Subject: GFI LANGuard Vs Security Company Does anybody have any experience using GFI's Languard for vulnerability scanning? I'm looking for something to scan my computers for known vulnerabilities to common applications. Currently I am using a Security Company's scanner and it is convenient, and easy to report on, but it is quite expensive and I'd like to know what I'd get for the $690 to GFI as compared to ten times that to the company that does our Pen Tests. Does GFI work? Is it easy? Accurate? Anyone have any real-world experiences? Bill ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Derek Lidbom Director of Technology and Interactive Development, Trone 336.812.2010 [EMAIL PROTECTED] http://www.trone.com/ Confidentiality Notice: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please notify me immediately by replying to this message and deleting it from your computer. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
