Planning for a GFI LanGuard Installation

Planning for a GFI LanGuard Installation

In this training module we will be talking about what you need to know before you start deploying GFI
LanGuard and the different deployment scenarios that you may encounter. So, to begin with, before
deploying GFI LanGu it pays to know about the topology of the network where GFI LanGuard
will be installed. You need to know, for example, how big the network is, whether this is located at the

same geographical location or if there are distributed portions of it at different geographical locations.
Based on such information you can then take the best decisions on how to install this product. Smaller
networks that do not have any issues with bandwidth consumption can have this product

installed in the Agent-less mode. In this simple installation mode you simply need to choose a machine
where to install GFI LanGuard and then set this product to scan the network computers for
vulnerabilities. It is important to note however that this installation mode uses the resources of the
machine where the GFI LanGuard server is installed and also utilizes a fair amount of bandwidth

to conduct scans and remediation jobs. Growth in network size will necessitate a move to the agent-
based mode of deployment. The agent-based environment is the recommended type of installation
within GFI LanGuard. This type of setup shifts the scan and remediation operations from the GFI
LanGuard server to the GFI LanGuard Agent.

Agents are small software components installed on network computers that communicate with the GFI
LanGuard Server. The installed agent will receive the instruction to scan the computer, perform the
required action and then relay the results back to the GFI LanGuard Server. This saves bandwidth
performance, helps managing environments where laptops are not connected

to the network for extended periods of time and generally provides a more accurate representation of
results since scans are done at local-host level. It is important to note however that the GFI LanGuard
agents are only available for Microsoft Windows Machines; if you have other devise and computers
running other operating systems, then your network will be considered as running in mixed-mode.
In this mode, a segment of the network will be protected using agents while another segment will be
protected using the agent-less method. Another thing to note is that the GFI LanGuard Agents can be set
to be automatically deployed on newly discovered computers; you will not need to manually install
agents on a computer-by-computer basis.

If the network where you are installing GFI LanGuard is larger than 100 computers, or if it is distributed
across different geographical locations, then we highly recommend using Relay Agents. These Relay
Agents can be seen as an extension of the regular GFI LanGuard Agents. A Computer with the GFI
LanGuard Agent installed on it is elevated to the Relay Agent status

so that these computers handle bandwidth hungry processes such as patch and definition downloads.
Once the Relay Agent computer has downloaded the required patches and definitions, it will transfer
them to the other computers that are set to obtain patches from that Relay agent. In the case of
geographically distributed networks we highly recommend that you install

a relay agent per site so that patches and definitions are downloaded only once by the Relay Agent and
then distributed to all the computers within that site. Regardless of the chosen deployment method, you
will also need to ensure that all computers, whether these are hosting the GFI LanGuard server, an
Agent or a Relay server, meet the minimum system requirements for such a service.

We highly recommend that you refer the GFI LanGuard Administrator guide for an in-depth system
requirement listing for all deployment types. So, to recap this training module on deployment, before
installing GFI LanGuard you need to know a little bit on the network topology. You will then need to
decide which deployment scenario best fits your network.

You also need to know whether the computers where the various components will be installed. For in
depth information on deploying GFI LanGuard and different scenarios that you may encounter refer to
GFI LanGuard administrator's manual.
Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

0:00 / 04:50

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

Installing and upgrading GFI LanGuard

Installing and upgrading GFI LanGuard

In this training module we will discuss the installation and setup of GFI LanGuard. The aim of this video
to help show you how System Administrators install GFI LanGuard with minimum effort. GFI LanGuard
can be installed on any machine that meets the minimum system requirements. Before starting the
installation we also recommend that you get to know the topology of the network

where GFI LanGuard is being installed. This will enable you to make a better decision on where you
would want to install GFI LanGuard. For further information on this matter we highly recommend that
you first complete the Level 200 training module on Planning for your GFI LanGuard installation or
reading the Deployment Scenarios topic in the Administrator guide.

So, to begin with, first place the installation executable on the machine where you want to install GFI
LanGuard. Next, make sure to logon using administrator credentials on the machine. Launch GFI
LanGuard setup. Select the language to use.

Note, to change the language you will need to reinstall GFI LanGuard. If required, click Install in the pre–
requisite check window to download and install any missing required components. In the GFI LanGuard
welcome screen, click Next. In the database server configuration window provide the name of the
Microsoft SQL server

where the database will be hosted. Select ‘Use Windows Authentication’ if you want the GFI LanGuard
Central Management Server to use the Microsoft Windows credentials of the currently logged in user
when connecting to the Microsoft SQL database. If GFI LanGuard Central Management Server is not
using Windows Authentication when connecting

to the Microsoft SQL database, provide the username and password to be able to connect to the
database. The setup wizard will install GFI LanGuard 2016 on your computer. Click next to continue.
Read the licensing agreement.

To proceed with the installation, select “I accept the terms in the License Agreement” Than click Next.
Specify user details and key in license key. If you are evaluating this product you will be able to get this
key from the email sent to you when you registered for the download.

Click Next. Key in the administrator credentials and password. This is used by the service under which
scheduled operations will operate. Click Next to continue setup. Click Install to install GFI LanGuard in
the default location or Browse to change path.
The Setup wizard will install GFI LanGuard 2016 Central Management Server on your computer. Click
next to continue. Key in the administrator credentials and password. This is used by the service under
which scheduled operations will operate. Click Next to continue setup.

Use this address when connecting to GFI LanGuard 2016 Central Management Server. Click next to
continue. Click Install to install GFI LanGuard Central Management Server in the default location or
Browse to change path. Click next to continue training.

To install GFI LanGuard Central Management Server click install. Click Finish to finalize installation. When
launching GFI LanGuard for the first time, it automatically enables auditing on the local computer and
scans it for vulnerabilities. On completion of this first scan, the GFI LanGuard Home page

displays the vulnerability result. When it comes to upgrading from previous versions, one should note
that GFI LanGuard retains all settings and result information from any previous version of GFI LanGuard.
This enables you to Install GFI LanGuard without uninstalling the previous version, import settings from
other instances or deploy agents on the same machines where you have a previous

version of GFI LanGuard installed. It is also important to note, that Software upgrades from versions
older than GFI LanGuard 9 cannot be performed. License keys of earlier versions of GFI LanGuard are not
compatible and must be upgraded to run GFI LanGuard.

The process of upgrading to a newer version of GFI LanGuard is very similar to the installation process.
Once GFI LanGuard is installed, it detects the previous installation and automatically launches the
Import and Export Configuration Wizard. This enables you to export various configurations from the
previous version and import them

into the new one. Simply select the configuration to import and click Next to finalize the import process.
So to recap this training module. We have shown you how to install a new version ofGFI LanGuard.
Upgrading to this version of GFI LanGuard is straightforward with settings and scan
results being retained from previous versions. You will however need a new license key if upgrading
from an older version of GFI LanGuard.

Back

GFI LanGuard 12 - Training Level 200

Installing and upgrading GFI LanGuard

Installing and upgrading GFI LanGuard

In this training module we will discuss the installation and setup of GFI LanGuard. The aim of this video
to help show you how System Administrators install GFI LanGuard with minimum effort. GFI LanGuard
can be installed on any machine that meets the minimum system requirements. Before starting the
installation we also recommend that you get to know the topology of the network

where GFI LanGuard is being installed. This will enable you to make a better decision on where you
would want to install GFI LanGuard. For further information on this matter we highly recommend that
you first complete the Level 200 training module on Planning for your GFI LanGuard installation or
reading the Deployment Scenarios topic in the Administrator guide.

So, to begin with, first place the installation executable on the machine where you want to install GFI
LanGuard. Next, make sure to logon using administrator credentials on the machine. Launch GFI
LanGuard setup. Select the language to use.

Note, to change the language you will need to reinstall GFI LanGuard. If required, click Install in the pre–
requisite check window to download and install any missing required components. In the GFI LanGuard
welcome screen, click Next. In the database server configuration window provide the name of the
Microsoft SQL server

where the database will be hosted. Select ‘Use Windows Authentication’ if you want the GFI LanGuard
Central Management Server to use the Microsoft Windows credentials of the currently logged in user
when connecting to the Microsoft SQL database. If GFI LanGuard Central Management Server is not
using Windows Authentication when connecting
to the Microsoft SQL database, provide the username and password to be able to connect to the
database. The setup wizard will install GFI LanGuard 2016 on your computer. Click next to continue.
Read the licensing agreement.

To proceed with the installation, select “I accept the terms in the License Agreement” Than click Next.
Specify user details and key in license key. If you are evaluating this product you will be able to get this
key from the email sent to you when you registered for the download.

Click Next. Key in the administrator credentials and password. This is used by the service under which
scheduled operations will operate. Click Next to continue setup. Click Install to install GFI LanGuard in
the default location or Browse to change path.

The Setup wizard will install GFI LanGuard 2016 Central Management Server on your computer. Click
next to continue. Key in the administrator credentials and password. This is used by the service under
which scheduled operations will operate. Click Next to continue setup.

Use this address when connecting to GFI LanGuard 2016 Central Management Server. Click next to
continue. Click Install to install GFI LanGuard Central Management Server in the default location or
Browse to change path. Click next to continue training.

To install GFI LanGuard Central Management Server click install. Click Finish to finalize installation. When
launching GFI LanGuard for the first time, it automatically enables auditing on the local computer and
scans it for vulnerabilities. On completion of this first scan, the GFI LanGuard Home page

displays the vulnerability result. When it comes to upgrading from previous versions, one should note
that GFI LanGuard retains all settings and result information from any previous version of GFI LanGuard.
This enables you to Install GFI LanGuard without uninstalling the previous version, import settings from
other instances or deploy agents on the same machines where you have a previous

version of GFI LanGuard installed. It is also important to note, that Software upgrades from versions
older than GFI LanGuard 9 cannot be performed. License keys of earlier versions of GFI LanGuard are not
compatible and must be upgraded to run GFI LanGuard.
The process of upgrading to a newer version of GFI LanGuard is very similar to the installation process.
Once GFI LanGuard is installed, it detects the previous installation and automatically launches the
Import and Export Configuration Wizard. This enables you to export various configurations from the
previous version and import them

into the new one. Simply select the configuration to import and click Next to finalize the import process.
So to recap this training module. We have shown you how to install a new version ofGFI LanGuard.
Upgrading to this version of GFI LanGuard is straightforward with settings and scan

results being retained from previous versions. You will however need a new license key if upgrading
from an older version of GFI LanGuard.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this module, we will be talking about the GFI LanGuard Agents, their benefits,

0:05 / 05:19

Auto-play

Subtitles
Subtitles Language

Player Hotkeys

Transcript

Working with GFI LanGuard Agents

Working with GFI LanGuard Agents

In this module, we will be talking about the GFI LanGuard Agents, their benefits, why they are
recommended and how to deploy and configure them. Within GFI LanGuard there are two methods to
manage vulnerabilities, patches and auditing. The first is the “agent-less” method. Using this method,
GFI LanGuard connects directly with the client computers and the GFI LanGuard

server component performs the audit or scan over the network. The second method is using Agents.
Agents are small software components installed on client computers that use the client’s own
resources to scan or audit the client computer. Once a scan is done, scan results are sent to the GFI
LanGuard server.

The main advantage of this system is the maximization of resource use. While the agent-less method
means that the GFI LanGuard server takes responsibility for network-wide scans using its own resources
to do these scans, the agent method implies that the scans are done on the client machines itself, using
the client resources. This saves bandwidth and time since more scans can be run concurrently.

It is important to note however that Agents can only be installed on computers running Microsoft
Windows Operating systems. For detailed information on the GFI LanGuard Agent system requirements
we highly recommend that you refer to the GFI LanGuard Administration guide. Deploying and
managing GFI LanGuard Agents is relatively straightforward.
Select “configuration” and click “Agent management”. Alternatively from the homepage, you may also
select “Manage Agents”. Click Deploy Agents. From this screen you can select the local domain option to
have GFI LanGuard automatically deploy agents on all the computers that are part of the local domain.

To deploy agents on specific computers, choose “Custom”. Click “Custom” to continue training. Click
“Add new rule” to set the custom computers. From the “Rule type” select the value by which this rule
will work. Select “Computer name is” to continue training.

This simulation will now select a computer for you. Click the “Select” option to continue. From this
screen you can choose the computers to add agents to. Click any of the computer names to have this
simulation do this for you. As you can see, the selected computers are now added to the list.

Click “Next” to continue training. In this screen, you need to either confirm using the currently set
credentials or change the credential settings. Click “Next” to continue training. Here click “Finish” to
have GFI LanGuard install the Agent.

Click “Finish” to continue training. Agents and their status are listed in the computer list. From this
screen, you can also change Agent Settings. Click “Agent Settings” to continue training. This dialog box
provides you with three tabs.

The first tab enables you to set the general operations. Here you set the auto-uninstall feature which
causes Agents to automatically be uninstalled if these do not communicate with the GFI LanGuard
server for the given period of time. You can also set the communications IP address and port. These are
used to communicate and report statistics to GFI LanGuard.

Click “Update Timeframe” tab to continue training. Here you set when GFI LanGuard can download
updates. Click “Advanced” to continue training. In the “Advanced” tab you can enable the feature that
allows the GFI LanGuard Agent to create a temporary share for the transfer of information on agent
machines when administrative

shares are not enabled. Click OK to continue training. The next thing we will be talking about are relay
agents. In larger networks, the amount of data transferred from the GFI LanGuard server and the GFI
LanGuard clients may be quite large; to the extent that you may experience a degradation
in network performance. To assist in mitigating this issue, GFI LanGuard enables you to designate
specific agents as Relay Agents. These Relay Agents work as caching points for patches and definitions.
Relay agents download patches and definitions directly from the GFI LanGuard server or from

another Relay agent and then forwards them to the other client computers. This saves bandwidth in
local and geographically distributed networks, reduces hardware load from the GFI LanGuard server and
widens the range of machines that can be protected. To configure a machine with an agent as a relay
server, right click the computer to designate as a relay server and select “Properties”.

Select the “Relays” tab. Click “Set as relay”. Click “Next”. Choose the caching location for the relay agent.
This is used to store audit and remediation information.

Click “Next”, Click “Finish”. Next you would want to have computers connect and download patches and
service packs from the relay agents. To do this, right click on the agent that you want to control through
the relay agent. Select “Properties”.

Select “Relays” tab. Select “Use Relay Agent” option and select the relay agent to which to connect. Click
“Ok”. So, to recap this training module, within GFI LanGuard, agents enable you to streamline and
optimize GFI LanGuard operations.

Deployment is quite flexible and Relay agents save you bandwidth and frustration. For in-depth details
and instructions, refer to the GFI LanGuard Administration guide.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

When creating a news scanning profile, you are given the option of copying settings from
 1:45 / 02:30

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

GFI LanGuard Scanning profles

Scanning Profiles with GFI LanGuard

In this module, we will be talking about scanning profiles. We will discover what they are and how to
customize them. Within GFI LanGuard, scanning profiles are a series of checks against which a computer
is checked to determine several outcomes. In practice, this enables you to focus on specific issues when
checking your network

for vulnerabilities or missing patches. These may also be used to omit vulnerability and missing patches
checks in favour of checks that discover what hardware and software is installed on machines within
your network. By default, GFI LanGuard ships with quite a large number of pre-configured scanning
profiles that you can use to check your network against.
These include scanning profiles that relate only to vulnerability assessment, such as the “High security
vulnerabilities” and the “Critical Patches” scanning profiles. You have also a range of scanning profiles
that deal with “Network and Software Audit”. These include profiles such as the “Software Audit” and
“Network Discovery” profiles. There are times however when you might need to scan your network
computers for the widest

range of vulnerabilities as well as Network and Software auditing checks. In this case you can use the
“Complete vulnerability assessment” and “Full Scans” profiles. A detailed list together with the relative
description of each and every scanning profile is provided in the GFI LanGuard Administration Guide.
Apart from the preconfigured scanning profiles, GFI LanGuard provides you with the facility

of editing existing scanning profiles as well as creating new ones. This is done through the built-in
scanning profile editor. Through this editor, you can create a new scanning profile, edit which
vulnerabilities and patches are checked for, as well as delete or rename exiting vulnerability and
network or software audits.

When creating a news scanning profile, you are given the option of copying settings from an existing
profile. A word of warning on editing default profiles. Editing existing profiles causes the original settings
to be lost. We highly recommend that rather than editing existing profiles, you copy the profile settings

to a new scanning profile and then use that profile to scan your network. So to recap this training
module, GFI LanGuard ships with a number default scanning profiles that assist you in discovering
vulnerabilities, missing service packs and updates. Most of the times you will not need to move away
from the default scan profiles, however GFI LanGuard provides you with the facility to edit or add new
scanning profiles.

You should however exercise caution when editing default scanning profiles since this may cause
degraded security scanning performance.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

You have enabled a scheduled scan for agentless computer.

2:22 / 03:22

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

Practice - Scheduled and Manual Scans

GFI LanGuard, Scheduled and Manual scans, Exercises.

In this module you will have three tasks to execute. The first task is to set a scheduled scan for a
computer that doesn’t have Agent installed on it. First click “Configuration”. Next click “Scheduled
Scans”.

Select “New Scheduled Scan Icon” from the top menu. From the available options select “Scan a list of
computers” and click Next button. Click Computers or Range… … and Input a computer IP address. Click
“Add” to add a computer to a list and click “Next” to proceed.
Now let’s set this scan to run weekly at 9 o’clock in the evening. Set a “weekly” option first. Now set the
time to 9PM and click Next to proceed. Select “Monday” and click “Next”. Now select “Full Vulnerability
Assessment” and click “Next”.

Here you can leave credentials option as it is and proceed to the next screen. For power saving options
un-select to shut down computer after the job has finished and click next. In Auto remediation options
select to download and deploy missing updates and click next. Select “Email the scan report”.

Click “Next” to proceed. Review the selected scan options and click finish. To enable the configured
scheduled scan all you need to do is click “Enable” button located in the top menu. Well done!

You have enabled a scheduled scan for agentless computer. For the next exercise your task is to set a
scheduled scan for a computer with Agent installed on it. From the sidebar select Agents Management.
For this training exercise right click the first computer listed in the table

and click Properties. Now select “Agent status” and select “Change scan schedule”. Select “Enable
schedule” and click OK. Now for Auto remediation options click Change settings.

For this training as an option select “Uninstall unauthorized applications” and click OK to proceed. Well
done! You have enabled a scheduled scan on a computer that has a Agent installed. For the next
exercise your task is to run a manual scan.

The easiest way to run a manual scan is from the GFI LanGuard dashboard. Select Dashboard. From the
left sidebar right click “Entire Network”. Select scan and choose “Custom scan” option. Click “Scan”
button to start scanning.

Well done! You have started a manual scan on the selected computers. Note that full scans on large
networks may take a while to complete. Congratulations, you have successfully completed this exercise.
Continue to the next training module.
Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

For this training exercise choose “Full Vulnerability Assessment”.

0:00 / 06:10

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

Vulnerability and patch scans

Scanning for vulnerabilities and missing patches with GFI LanGUard

In this training module we shall be talking about scanning for vulnerabilities and missing patches. This
feature enables you to discover weaknesses in your network’s defences; weaknesses that can lead to
your network being breached through wilful or unintentional means. It also enables you to discover a
wide range of information about your network;

enabling you to take better decisions when it comes to, for example, upgrading specific network
components or which devices need maintenance. So, in this training module we shall be seeing what
scan types are available and how to set and execute them. Broadly speaking, within GFI LanGuard you
can launch scans either on a schedule or manually.

The first, and perhaps, most convenient of the two methods are scans that are set to run on a schedule.
Setting scheduled scans very much depends on whether the target machines you are scanning have
agents installed on them. If the target machines do not have an agent installed on them then you will set
the scheduled

scans from the configuration tab. Click configuration tab to continue training. Next click scheduled scans.
Click “New scheduled scan” icon. Select one of the options.

These options enable you to scan a single machine, a domain or organizational unit, a range or a list of
computers, etc. Depending on the option chosen, in the next screen you will be provided with the
various options where you will choose the relevant target computers. In this screen you can also set a
job description.

For the purposes of this training simulator, select “Scan a list of computers” option. and click Next. In
this screen you will select your scan targets. As previously discussed this screen may be different,
depending on the scan target type chosen in the previous screen.

For the sake of this training exercise, click the “Computer or Range” area to have this simulation choose
the required options for you. Click Next to continue training. In this screen you will set the date and time
when this scan will run. For the purpose of this training exercise, we will set the scan to run weekly

at nine o’clock in the evening. Click Next to continue training. Select the scanning profile to use for this
scheduled scan. For this training exercise choose “Full Vulnerability Assessment”. Click Next to continue
training.
In this screen you may be required to provide Remote Login Credentials. This very much depends on
your network setup and may not be required. Click Next to continue training. In the power saving option
screen, select if to wait or wake up offline computers and if to shut down the computer if the scan job
finishes between the set times.

Click Next to continue training. You will now also set up the Auto-remediation options. This enables you
to have GFI LanGuard download missing updates and service packs as well as uninstalling unauthorized
software discovered on the target computers. Click Next to continue training.

In this screen you will configure scan reporting. This enables you to email reports and to set the type of
reports sent. Click Next to continue training. Review the selected scan options and click Finish. So, once
you have configured a new scan for devices and computers in the agent-less mode,

all you need to do is to enable this scan. To do this select the Enable button. Click Enable to continue
training. Computers that do have an agent deployed on them are set to have scans scheduled
automatically in a completely different manner.

To set a scheduled scan for computers with an agent, first you need to select the Agents management
screen from the Configuration page. Click Agents Management to continue training. Right click the agent
for which to set a scheduled scan and click properties. Select Agent status tab to continue training.

From the “Scanning Profile” area, make sure that you have the correct scanning profile selected. Click
“Change scan schedule” to continue training. To enable scheduled scans, select “Enable Schedule”.
Configure the date, time and recurrence pattern for this schedule scan.

Click OK to continue training. Click Chance Settings to continue training. Select any of the required
options to have this scanning schedule download and deploy missing updates, service packs and update
rollups as well as unauthorized software uninstallations. Click OK to continue training.

Once we have covered how to configure scheduled scans, we can now move on to how to run a manual
scan. You would want to use this feature when, for example, you are troubleshooting specific issues. The
easiest way to run a manual scan is from the GFI LanGuard dashboard. From here you simply need to
right-click the entire network node, a group of computers

or a specific computer. Then select Scan, Custom scan. You will see that the Scan Target area is pre-
populated with the option you selected from the dashboard. Next select the profile to scan with from
the profile area.

Also, if required, set the credentials for this scan. Click Scan to have this scan start immediately. Not that
full scans on large networks may take a while to complete. In the meantime you may go back to the
dashboard screen and continue viewing results for previously scanned targets.

It is important to note that for computers that have an agent installed on them you can click the “Scan
Now” option to have GFI LanGuard perform the default scheduled scan right now without waiting for
the time that triggers such scan. So, to recap this training module, there is a difference in how one uses
scans within GFI LanGuard and this difference is based on whether the scan target

has an agent installed on it or not. Both manual and scheduled scans, regardless of whether an agent is
installed or not eventually lead to the same result; you will be able to view detailed information about
your network and take better decisions on how to protect it against threats.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module, we will be discussing how to interpret the scan results from GFI LanGuard.

0:08 / 01:58

Auto-play
Subtitles

Subtitles Language

Player Hotkeys

Transcript

Interpreting scan results

Interpreting Scan Results with GFI LanGuard.

In this training module, we will be discussing how to interpret the scan results from GFI LanGuard. The
Scan Results Overview and Scan Results Details sections can be found within the Scan tab. You can view
manual scan results in two ways. The first is by running a new scan and then seeing results as displayed
in the Scan Result Overview and the Scan Results Details sections.

Alternatively you can use the saved scan results that are by default stored in a database. You can load
these results by first going to the Scan Results Overview page. Next, expand a computer node to access
the results retrieved during a previous scan. Scan results can also be exported to XML. Security scan
results are organized into two sub–nodes and are tagged

as Vulnerability Assessment Network & Software Audit. While a scan is in progress, each computer node
has an icon that categorizes the response time. The Scan Results Details in the Scan tab provide you with
a vulnerability level meter assigned to the computers or groups that have been scanned. The Dashboard
section provides you with information for specific computers or selected groups.
From the computer tree select the computer or group and view the vulnerability meter from the right
pane. Select Entire Network to view the vulnerability level for all your scan targets. GFI LanGuard groups

the discovered vulnerabilities into categories sorted by severity rating. These can be High,
Medium or Low.

For more information on how these severity levels are worked out and to further information on
interpreting results, please refer to the GFI LanGuard administrators’ guide. So to recap this training
module we discussed how and where to find the scan results, how to view manual scan results, the
dashboard, how to export scan results and severity ratings.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

GFI LanGuard offers a number of features that enable you to fix issues discovered during scans.

0:04 / 06:03

Auto-play

Subtitles

Subtitles Language

Player Hotkeys
Transcript

Automatic remediation

GFI LanGuard Automatic remediation.

GFI LanGuard offers a number of features that enable you to fix issues discovered during scans. Broadly
speaking, within GFI LanGuard there are two remediation types that can be run. The first remediation
type can be set to run automatically. The second type is manual. In this module we shall be talking about
automatic remediation.

Automatic remediation enables you to automate the deployment of missing patches and service packs
in all languages supported by both Microsoft and a number of 3rd party vendors. This feature requires
you to approve patches prior to their deployment. We shall therefore first show you how this is done.
Select the Configuration tab to start your training.

From the Software Updates area, select Patch Auto-deployment. In this screen you are offered the
facility to either manually approve patches or to have patches automatically approved. To manually
approve a patch for auto-deployment network-wide, simply click in the approval area and select
Approve.

Click anywhere in the Approval area to have this simulation do this for you. Now click Automatic
Approval to continue training. Automatic Approval enables you to specify which group of patches are
automatically approved according to a category for the particular vendor. By default, no automatic
approvals are configured; all you need to do now is either select the

name of the vendor or expand the vendor name and then select a product name. Once this is selected,
you can customize what type of security updates to automatically approve. When done, patches that fall
within this category are automatically approved. Apart from Patch Auto-approval, you might also want
to configure unauthorized application uninstall. Unauthorized applications may cause security and legal
liability if these are not properly
licensed for use within your network. To set this feature, you first have to identify the unauthorized
application which was detected in a scan, and then validate, or test, the application uninstallation
process. If this test is Ok, then you may enable specific scanning profiles to have that application
automatically approved.

Applications that are not detected by the GFI LanGuard scans can also be manually added to the
unauthorized application list. So, to begin with, from the Configuration tab, we will first access the
Applications inventory option. From the list of applications detected click "Add". From the summary
screen click "Next".

In this screen key in a complete or partial application name. You may also provide the version details
and the publisher. Click "Next". Next select which scanning profile will identify the chosen application as
a high security vulnerability for uninstallation.

Select Full scan Option to continue training. Click Next to continue training. In this screen you need to
review the list of applications which names partially match the name of the chosen application.
Applications in this list will be affected by the configuration set in the particular list.

Click "Next" to continue training. Click "Finish" to continue training. Once both application approval and
application uninstall are configured you then need to configure the agents to action this setup. To do
this, from the configuration screen, select Agents Management.

Right click the agent for which to configure auto remediation and select properties. Click any of the
agents listed in the screen to let the simulation do this for you. Select Agent Status tab. From the auto-
remediation settings area, click change settings button. Here you will select which auto remediation
options to enable.

You can opt to enable missing updates, missing service packs, update rollups or unauthorized
applications. Once you have selected any of these options, you will be allowed to configure additional
auto remediation options. Select “Download and deploy missing updates” checkbox to continue
training.
Select "Configure Auto remediation options" to continue training. The before deployment tab enables
you to enable and configure a warning on the client machines before a patch is deployed. You can also
stop services before deployment and select the network share to use for deployment purposes.

Click "After Deployment" to continue training. After deploying a patch you may want to shut down or
reboot the computer. In case you opt to do this you may also set a schedule for reboot or shutdown, or
give the user the facility to decide when to shut down their computer. You may also want to configure a
notification message.

Other options include the facility to delete copied files and to run a patch verification scan. Click
"Advanced" tab to continue training. In the advanced tab, you can specify the number of processing
threads allowed to start when deploying updates, and the timeout in seconds when an agent will
attempt to deploy an update.

It also enables you to configure an administrative account under which the update will run. Click OK to
continue training. Click OK to save configuration options. Click OK. So, to recap this training module,
Automatic remediation enables you to automate the deployment

of missing patches and service packs in all languages supported by both Microsoft and a number of 3rd
party vendors. This saves the administrator time and effort in automating an important task that helps
safeguard network security. For information about manual remediation, refer to the “Manual
remediation” training module.

For additional information about automatic remediation, refer to the GFI LanGuard administrator's
guide. Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

GFI LanGuard offers a number of features that enable you to fix issues discovered during scans.
 0:05 / 04:44

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

Manual Remediation

GFI LanGuard Manual remediation.

GFI LanGuard offers a number of features that enable you to fix issues discovered during scans. Broadly
speaking, within GFI LanGuard there are two remediation types that can be run. The first remediation
type can be set to run automatically. The second type is manual. In this module we shall be talking about
manual remediation.

Manual remediation enables you to fix issues detected during scans. This option also enables the
deployment of patches on computers that have no agents installed on them. Click remediate tab to
continue training. Within the Remediate tab, you are presented with a number of options that enable
you to deploy software updates, uninstall software updates, deploy custom software, uninstall
applications and fix problems associated with your malware protection for computers on your network.
You will also be able to connect to machines to solve problems directly on such machines via Remote
Desktop Connection. We shall now be describing these options. Click Deploy Software updates to
continue training.

In this screen you will first select the computer or a group of computers on which to deploy an update.
Next you will choose one or more updates from the list of provided updates. Once this is done you will
click the Remediate tab to start deploying updates. Click remediate to continue training.

From the deploy software updates dialog, edit the deployment options. You can opt to deploy
immediately or at a specific date and time. You can also customize the credentials to use and set the
pre-and post-deployment options. These include any message that are shown to the users and the
facility to reboot and shutdown machines after installing patches.

Click OK to continue training. Click "Deploy Software Updates" dialog to return to the main remediation
tab options, and continue training. Click Uninstall software updates to continue training. The Uninstall
Software updates page enables you to uninstall service packs that, for example, have been recalled by
the vendor.

Using this feature works exactly like deploying a patch. Simply select the machine or group of machines
to uninstall patches from, select the patch to uninstall and click remediate. You will also need to
configure the deployment options. Click the Uninstall Software updates link to return to the Main
remediation tab options

and continue training. Click Deploy Custom software. As its name suggests, this fixables you to deploy
custom software. Here you first select the machines where to deploy the software package. Next you
will use the add button to add the software packages to deploy.

Once done, click deploy. Once again, you will be asked to configure deployment options. Click the
deploy custom software header to return to the main remediation screen options, and continue
training. Click Uninstall Applications to continue training.
Manually uninstalling applications from within GFI LanGuard is very similar to installing them. Simply
select the machine or group of machines from where to uninstall an application and select one of the
applications which was previously approved for installation. Click the uninstall applications header to
continue training. Click Malware protection to continue training.

This option is used to fix vulnerabilities related to anti-malware software on client computers. So, you
can, for example, launch anti-virus scans or enable the local firewall. To use this feature, select the
machine or group of machines to fix issues upon. Next, select the issues to fix. Next click remediation.

You will also need to, as usual, configure the usual deployment actions. Click the Malware Protection
header to continue training. Click Remote desktop support via Remote Desktop Connection to continue
training. This screen enables you to start a remote desktop connection to the chosen computer. Simply
double-click the computer to connect to.

Apart from all the aforementioned options, you can view remediation jobs from within the remediation
jobs tab. So, to recap this training module; Manual remediation enables you to manually fix missing
patches and service packs discovered during scans. In the manual mode you will also be able to fix
malware issues and connect remotely to

machines via Remote desktop connection. For information about automatic remediation refer to the
“Automatic remediation” training module. For further, in-depth, information about manual remediation
refer to the GFI LanGuard Administration guide.

Adjust Font Size

Transcript Autoscroll

Adjust Font Size

Transcript Autoscroll Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we shall be talking about the GFI LanGuard database, what is it

0:05 / 02:37

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

GFI LanGuard Database

The GFI LanGuard Database.

In this training module we shall be talking about the GFI LanGuard database, what is it used for and how
to configure and maintain it. GFI LanGuard uses a database to store scan results and any other
information related to agents and the machines where these are installed. GFI LanGuard only supports a
Microsoft SQL Server-based database.
This includes Microsoft SQL Server Express, which is the free of charge version of this database. We shall
now see the GFI LanGuard database configuration options. Select Configuration tab. From the list of
options and features in the configurations list, select Database Maintenance Options.

Click Database Backend settings. The first tab enables you to configure the database. The top part of the
screen shows the currently configured database. There are instances where you may need to specify
authentication and credentials. Click Scanned Computers to continue training.

The scanned computers tab enables you to manage the number of computers that are scanned by GFI
LanGuard. A list of computers is displayed together with the number of computer nodes that have been
scanned to date. Given that the license is based on the number of computers scanned, you may run into
a situation

where you have old computers in this list that you no longer need to scan. In this screen you can select
computers to delete from the list. Simply press the Shift key on your keyboard and select one or more
computers from the list. Click Delete selected computers to have these computers deleted. Click Saved
Scan results to continue training.

The saved scan results tab enables you to see a list of scan results that GFI LanGuard performed over a
period of time. From this screen you can select a number of scan results and either delete them or mark
them as read-only. Marking scan results as read-only causes GFI LanGuard to not delete these results in
automated

database results clean-up operations. Click Retention to continue training. The retention tab enables
you to configure automated clean-up operations. In this tab you can configure a number of options,
such as the facility to keep the last number of scans or to keep a number of scan profiles per scan target
and the facility

to either never delete scan history or to keep it for a specific time period. Click OK. So, to recap this
training module, GFI LanGuard needs a database to store information. You can use Microsoft SQL
Express as a database without any problems. GFI LanGuard also provides you with comprehensive
database configuration and maintenance mechanisms
that enable you to keep the database in tip-top condition.

Adjust Font Size

Transcript Autoscroll Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we shall be talking about Activity Monitoring and Alerting.

0:06 / 03:39

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript
Monitoring and Notifications

Activity monitoring and notifications.

In this training module we shall be talking about Activity Monitoring and Alerting. Activity monitoring
enables you to learn how GFI LanGuard is performing on your network. Alerting, on the other hand,
enables you to have GFI LanGuard send notifications, daily digest reports and product news. Within GFI
LanGuard’s Activity Monitoring page you can monitor security scans,

software updates download, remediation operations and product updates activity. We shall be going
through these four screens to show you what each of these do. Within GFI LanGuard’s Activity
Monitoring page you can monitor security scans, software updates download, remediation operations
and product updates activity. We shall be going through these four screens to show you what each of
these do.

In the security scans screen you can see the queue, progress and status of all scans that are currently in
progress. Right clicking a listed scan provides you with several options, amongst which the facility to
stop an ongoing scan and the facility to view scan results. You can also filter the security scans.

This feature enables you to configure the type of scans to monitor. By default all scans are monitored.
Click Software updates download to continue training. In this screen you can monitor and manage the
software updates that are being downloaded. Right clicking a download enables you to change
download priority or cancel a patch download.

You can also pause all downloads from this screen. Click Monitoring Remediation operations to continue
training. The remediation operations view enables you to see and cancel scheduled remediation jobs
according to need. All you need to do to cancel a remediation job is to right click a job and select Cancel

selected deployment. Click Monitoring Product Updates to continue training. This screen shows you GFI
LanGuard’s activity in terms of program updates. The GFI LanGuard Updates page shows the list of
update operations that GFI LanGuard has undertaken. You can expand the list for more details.
Click GFI LanGuard Agent Updates to continue training. This tab shows the list of deployed agents and
when they were updated. You can expand the individual agents for more details. Now that we’ve been
through the monitoring options, we’ll explore how to set up the GFI LanGuard notifications.

Click Configuration tab to continue settings. Click Alerting Options. From the Alerting Options page,
select the “here” option. In the General tab you can configure the email server and email address details
for email notifications. These notifications are sent after each scheduled scan.

Click Notifications tab to continue training. Here you select the notification types that can be sent in
addition to the scheduled scan notification. These include a daily digest, which is a condensed list of all
changes done on the network. You will also need to configure when the digest is generated. You can
also enable new product news updates; this enables you to be notified of new release

and updates as these occur. So, to recap everything, GFI LanGuard offers you a system through which
you can monitor GFI LanGuard activities and have Alerts issued out to you. Through this system you can
keep up to date with all the GFI LanGuard happenings.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we’ll be discussing how to configure program updates.

0:05 / 01:51

Auto-play

Subtitles
Subtitles Language

Player Hotkeys

Transcript

Configuring program updates

Configuring Program Updates in GFI LanGuard.

In this training module we’ll be discussing how to configure program updates. This feature enables GFI
LanGuard to detect the latest vulnerabilities and maintain its scanning performance. Configure GFI
LanGuard to auto-download updates released by GFI to improve the protection that GFI LanGuard offers
you.

To manually configure proxy server settings for Internet updates go to the configuration tab click
program updates and Edit proxy settings. Select Override automatic proxy detection; configure the
options by selecting one of these three options: Connect directly to the Internet, Connect via a proxy
server,

Proxy server requires authentication, then click OK. By default, GFI LanGuard checks for the availability
of software updates once per day. To configure auto-update settings, click on Program Updates. Edit the
“Enable scheduled updates” section to configure the frequency of update checks. Specify whether GFI
LanGuard is to download updates from the GFI website

or from an alternative location. Then click OK. To install program updates manually, click Check for
updates. Again, specify the location from where the required update files will be downloaded.
You can also change the default download path if you wish. To do this select Download all update files to
this path to provide an alternate download path to store all GFI LanGuard updates. Click Next to proceed
with this update. Select updates.

Click next, then Start to start the update process. So to recap this training module, we discussed how to
manually configure proxy server settings for Internet update, how to configure GFI LanGuard schedule
to check for the availability of software updates and how to install program updates manually.

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we’ll be discussing how to configure program updates.

0:05 / 01:51

Auto-play

Subtitles

Subtitles Language

Player Hotkeys
Transcript

Configuring program updates

Configuring Program Updates in GFI LanGuard.

In this training module we’ll be discussing how to configure program updates. This feature enables GFI
LanGuard to detect the latest vulnerabilities and maintain its scanning performance. Configure GFI
LanGuard to auto-download updates released by GFI to improve the protection that GFI LanGuard offers
you.

To manually configure proxy server settings for Internet updates go to the configuration tab click
program updates and Edit proxy settings. Select Override automatic proxy detection; configure the
options by selecting one of these three options: Connect directly to the Internet, Connect via a proxy
server,

Proxy server requires authentication, then click OK. By default, GFI LanGuard checks for the availability
of software updates once per day. To configure auto-update settings, click on Program Updates. Edit the
“Enable scheduled updates” section to configure the frequency of update checks. Specify whether GFI
LanGuard is to download updates from the GFI website

or from an alternative location. Then click OK. To install program updates manually, click Check for
updates. Again, specify the location from where the required update files will be downloaded.

You can also change the default download path if you wish. To do this select Download all update files to
this path to provide an alternate download path to store all GFI LanGuard updates. Click Next to proceed
with this update. Select updates.

Click next, then Start to start the update process. So to recap this training module, we discussed how to
manually configure proxy server settings for Internet update, how to configure GFI LanGuard schedule
to check for the availability of software updates and how to install program updates manually.

Adjust Font Size

Transcript Autoscroll Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we shall be talking about the GFI LanGuard Central Management

0:05 / 02:17

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

Central Management Server - Introduction

Using the GFI LanGuard Central Management Server Console.

In this training module we shall be talking about the GFI LanGuard Central Management Server Console
and how to use it. To access the console, key in the IP address from any supported internet browser. Not
all users will see the same dashboards and pages. What the user sees depends on the access rights
granted to each user from the settings area.

For example, you might want to assign reporting rights to a particular group of users so that they are
able to generate reports from within the console. These users will not have access to the more advanced
areas of the console, like the settings tab. The home tab offers two different graphical overviews. The
first view, which is also the default one, is called Sites Overview.

This provides a map with pointers that show the location of GFI LanGuard deployments across the
world. High, Medium and Low markers, colour coded red, yellow and green respectively, define the
vulnerability status of the sites at a glance. An additional filter can be toggled to display the Vulnerability
Status, Auditing Status, Patch Management Status and License Usage.

The second graphical representation offers an in-depth look at the status of top sites in an interactive
infographic with 4 main nodes. The bottom part of the home page contains three widgets with
additional information, such as a list of events describing actions carried out or problems that have been
identified by GFI LanGuard Central Management Server - for example, when a service is not running.

The Security Sensors widget provides information related to security issues such as missing updates or
malware protection issues. You can drill down on any item in the list for further details. The third widget
provides information about Missing Updates, Operating Systems and Software running within your
network.

Next, we take a look at the dashboards tab. The dashboards in GFI LanGuard Central Management
Server Console provide information related to issues, missing patches or updates, vulnerabilities and
other important information that provide insight into the security status of your entire network. After
you click Dashboard in the top navigation menu, you are presented with a tile for each

available dashboard. The first of these is the Overview page. It provides instant access to important
information obtained from various GFI LanGuard installations, such as the vulnerability level of
computers, domains or entire networks, missing update alerts, vulnerability trends and top issues that
need to be addressed.
Click the Computers tile to access the second dashboard. This contains information related to computers
audited by GFI LanGuard such as discovered machine names, IP addresses, Domain names, installed
Operating Systems and other relevant data. The third tile displays the History dashboard. Here you can
see a list of changes done to target computers between audits, including

changes related to vulnerability level, user accounts, groups, ports, shares and registry entries. Audit
results can be filtered by date, grouped by computer, information category or date and exported in
several formats. The fourth dashboard is called Vulnerabilities and provides a list of missing updates and
types of vulnerabilities affecting your network.

Select items from the list to display additional details. The Patches dashboard displays a list of missing or
installed patches and service packs found during a network audit. When a patch or service pack is
selected from the list, the Details section provides more information on the selected item.

Click the sixth tile to view the Ports dashboard with details on open TCP or UDP ports found during a
network audit. The Software dashboard lists installed applications found during a network audit. Select
any application from the list to view additional information on the selected item. Similar to the software
dashboard, the Hardware tab displays information on the hardware found

during a network audit. The final dashboard is called System Information and here you have access to
information associated with the operating system of scanned targets, such as users and groups, ongoing
processes and currently running services. For each of the dashboards, you can use advanced filtering
and grouping options that enable

you to quickly find a site, computer or domain and immediately display results. These options can be
managed from the Computer Tree on the left side of the screen. When a computer or group is selected
from the computer tree, results in the dashboard are automatically updated. Press CRTL and select
multiple computers to display results for specific computers.

You can also save filters and then use them to generate targeted reports. By default, the GFI LanGuard
Central Management Server console offers a number of pre-defined reports. New ones can be added by
customizing existing reports and saving them with a new name. To use one of the reports, simply hover
over one of the report names and click Generate to run the report.

To schedule a report, hover over a report and click Schedule, then define options in the General tab such
as a schedule for the selected report, the Recurrence pattern if you want the report to be generated a
number of times. Use the Customize tab to apply filters to the target for more targeted reports.

For example, you can generate reports for high vulnerability issues only. You can also define export
options such as the export format and email settings. Existing reports can be modified and saved as new
reports. Simply hover over one of the report names, click Customize and modify the available options
such as Report name, Report Items, Filters and Grouping & Sorting.

So, to recap this training module, GFI LanGuard Central Management Server Console is a convenient tool
that connects multiple GFI LanGuard instances into one centralized dashboard. The data collected from
the remote LanGuard instances is presented in a set of dashboards and leveraged by pre-defined reports
that help you stay on top of network related problems such as security issues and vulnerabilities.

Adjust Font Size

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

Open GFI LanGuard and click the Configuration tab.

0:37 / 04:14

Auto-play
Subtitles

Subtitles Language

Player Hotkeys

Transcript

Central Management Server Configuration

Configuring the GFI LanGuard Central Management Server.

In this training module we shall be talking about the GFI LanGuard Central Management Server, what it
is used for and how to configure it for optimal use. In the GFI LanGuard Installation training module, we
have already gone through the installation process for this feature. Once the installation is complete,
there is however some basic configuration to be done.

This will enable the GFI LanGuard Central Management Server to start receiving data into the console.
This configuration is done from within each GFI LanGuard deployment. Open GFI LanGuard and click the
Configuration tab. Locate the Central Management Server option.

Click Configure GFI LanGuard Central Management Server. From the General tab, select the enable
central management checkbox. Here you should also provide the server address and port that your
instance of GFI LanGuard will use to communicate with the central management server. The ‘Use GFI
LanGuard service credentials to authenticate’ checkbox is enabled by default.
This enables you to use your existing GFI LanGuard service credentials to authenticate with the central
management server. If you disable it, you will need to provide a username and a password to be used
with the Central Management server. In the Site Details tab, you provide the details that will be shown
in the central management console.

These include the name of your GFI LanGuard instance, a description, the location name and the latitude
and longitude values. These two values are required by the console to display the location of each
LanGuard deployment on a map and are automatically populated by the system. After the GFI LanGuard
Central Management Server is configured from within LanGuard,

there are additional settings configurable from within the console. Let’s start with a look at the database
settings. Open the GFI LanGuard Central Management Server console. To do this, you can either click
the link from within GFI LanGuard, or by keying in the address in your Internet browser.

Click the Settings icon in the top right corner of the screen and select Database. The Database Server
details will be the ones you already provided during the installation. Here you can modify these details
as required. If you want to create a new database, use the Database Name field to type the name of the
database you want to create in SQL Server.

The database name you key in must be unique; otherwise you will overwrite the existing database. Next
you need to specify data retention settings - these define whether to keep historical data stored in the
database or whether to delete this data after a specified amount of time. By default, GFI LanGuard
Central Management Server is set to keep historical data for a period of 36 months.

To change data retention settings simply select between the ‘Never delete history’ or ‘Keep history for a
specified period’ options, and then use the Months field to specify an amount in months. The Email tab
enables you to configure settings that enable GFI LanGuard Central Management Server to send
important administrative notifications.

To configure sender and recipient details you just need to set up the sender email address that will be
used to send the required emails, the address of the server through which emails are routed, and the
Email Addresses of recipients. If the SMTP server requires a username and a password to authenticate
when sending administrative notifications, you must also enable Authentication and enter a username
and password in the appropriate fields.
When done, click Verify Email Settings to ensure that email settings are configured correctly. So, to
recap this training module, we have seen all the configuration that needs to be done. This configuration
enables the GFI LanGuard Central Management Server Console to collect data from remote LanGuard
instances to deliver information in a centralised console that helps you identify problems at remote
sites.

Adjust Font Size

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we shall be talking about the GFI LanGuard Central Management

0:06 / 06:33

Auto-play

Subtitles

Subtitles Language
Player Hotkeys

Transcript

Using the Central Mangement Server

Using the GFI LanGuard Central Management Server Console.

In this training module we shall be talking about the GFI LanGuard Central Management Server Console
and how to use it. To access the console, key in the IP address from any supported internet browser. Not
all users will see the same dashboards and pages. What the user sees depends on the access rights
granted to each user from the settings area.

For example, you might want to assign reporting rights to a particular group of users so that they are
able to generate reports from within the console. These users will not have access to the more advanced
areas of the console, like the settings tab. The home tab offers two different graphical overviews. The
first view, which is also the default one, is called Sites Overview.

This provides a map with pointers that show the location of GFI LanGuard deployments across the
world. High, Medium and Low markers, colour coded red, yellow and green respectively, define the
vulnerability status of the sites at a glance. An additional filter can be toggled to display the Vulnerability
Status, Auditing Status, Patch Management Status and License Usage.

The second graphical representation offers an in-depth look at the status of top sites in an interactive
infographic with 4 main nodes. The bottom part of the home page contains three widgets with
additional information, such as a list of events describing actions carried out or problems that have been
identified by GFI LanGuard Central Management Server - for example, when a service is not running.

The Security Sensors widget provides information related to security issues such as missing updates or
malware protection issues. You can drill down on any item in the list for further details. The third widget
provides information about Missing Updates, Operating Systems and Software running within your
network.
Next, we take a look at the dashboards tab. The dashboards in GFI LanGuard Central Management
Server Console provide information related to issues, missing patches or updates, vulnerabilities and
other important information that provide insight into the security status of your entire network. After
you click Dashboard in the top navigation menu, you are presented with a tile for each

available dashboard. The first of these is the Overview page. It provides instant access to important
information obtained from various GFI LanGuard installations, such as the vulnerability level of
computers, domains or entire networks, missing update alerts, vulnerability trends and top issues that
need to be addressed.

Click the Computers tile to access the second dashboard. This contains information related to computers
audited by GFI LanGuard such as discovered machine names, IP addresses, Domain names, installed
Operating Systems and other relevant data. The third tile displays the History dashboard. Here you can
see a list of changes done to target computers between audits, including

changes related to vulnerability level, user accounts, groups, ports, shares and registry entries. Audit
results can be filtered by date, grouped by computer, information category or date and exported in
several formats. The fourth dashboard is called Vulnerabilities and provides a list of missing updates and
types of vulnerabilities affecting your network.

Select items from the list to display additional details. The Patches dashboard displays a list of missing or
installed patches and service packs found during a network audit. When a patch or service pack is
selected from the list, the Details section provides more information on the selected item.

Click the sixth tile to view the Ports dashboard with details on open TCP or UDP ports found during a
network audit. The Software dashboard lists installed applications found during a network audit. Select
any application from the list to view additional information on the selected item. Similar to the software
dashboard, the Hardware tab displays information on the hardware found

during a network audit. The final dashboard is called System Information and here you have access to
information associated with the operating system of scanned targets, such as users and groups, ongoing
processes and currently running services. For each of the dashboards, you can use advanced filtering
and grouping options that enable

you to quickly find a site, computer or domain and immediately display results. These options can be
managed from the Computer Tree on the left side of the screen. When a computer or group is selected
from the computer tree, results in the dashboard are automatically updated. Press CRTL and select
multiple computers to display results for specific computers.

You can also save filters and then use them to generate targeted reports. By default, the GFI LanGuard
Central Management Server console offers a number of pre-defined reports. New ones can be added by
customizing existing reports and saving them with a new name. To use one of the reports, simply hover
over one of the report names and click Generate to run the report.

To schedule a report, hover over a report and click Schedule, then define options in the General tab such
as a schedule for the selected report, the Recurrence pattern if you want the report to be generated a
number of times. Use the Customize tab to apply filters to the target for more targeted reports.

For example, you can generate reports for high vulnerability issues only. You can also define export
options such as the export format and email settings. Existing reports can be modified and saved as new
reports. Simply hover over one of the report names, click Customize and modify the available options
such as Report name, Report Items, Filters and Grouping & Sorting.

So, to recap this training module, GFI LanGuard Central Management Server Console is a convenient tool
that connects multiple GFI LanGuard instances into one centralized dashboard. The data collected from
the remote LanGuard instances is presented in a set of dashboards and leveraged by pre-defined reports
that help you stay on top of network related problems such as security issues and vulnerabilities.

Adjust Font Size

Back

GFI LanGuard 12 - Training Level 200

Handout Send Feedback

In this training module we shall be talking about the GFI LanGuard Central Management

0:14 / 04:14

Auto-play

Subtitles

Subtitles Language

Player Hotkeys

Transcript

User Priviledges and sites

The GFI LanGuard Central Management Server user privileges and sites.

In this training module we shall be talking about the GFI LanGuard Central Management server users,
their access permissions and to which sites these users have access to. To begin with, it is important to
emphasise the fact that GFI LanGuard uses Active Directory to authenticate users. This effectively means
that all the users that will use the web console should exist
in the Active Directory domain. Active Directory should be reachable from the machine where the web
console is installed. GFI LanGuard enables Administrators to allocate Active Directory users who are
granted access to the web console to one of three roles. The role with the least permissions is the
“Auditor” role.

Users in this role are able to access the web console and use all the reporting tools that are available in
the web service. The second type of role is the “Site Admin” role. Here, users will be able to login the
web console to configure and manage the sites that their users are given access to.

The third role is the IT Manager role. This role is a combination of the both the “Auditor” and the “Sites
Admin” roles. Users that have this permission level are granted full access to the web console. Apart
from access privileges, web console users can also be granted access to sites. So you could, for example,
have a user which is granted access to a particular set of GFI

LanGuard instances that have already been bundled together as a site, while other users are granted
access to a completely different site. This enables administrators to completely segregate access to
particular sites to a specific user or set of users. So, to recap this training module, within the GFI
LanGuard Central Management Server

Console, users can be allocated privileges and assigned access to specific sites. For further details on the
features mentioned in this training module, refer to the GFI LanGuard Administration guide.

Adjust Font Size

Transcript Autoscroll

Transcript Autoscroll Transcript Autoscroll