Configuring the applications scanning options

Use the Applications tab to specify which installed applications will be investigated by this scanning profile during a target computer scan.

Screenshot 86 - The applications configuration page

Through this tab, you can also configure GFI LANguard N.S.S. to detect and report 'unauthorized' or 'hot' software installed on scanned targets and to generate high security vulnerability alerts whenever such software is discovered.

Screenshot 87 - List of supported anti-virus and anti-spyware applications

By default, GFI LANguard N.S.S. also supports integration with particular security applications. These include various anti-virus and anti-spyware software. During security scanning, GFI LANguard N.S.S. will check if the supported virus scanner(s) or anti-spyware software is correctly configured and that the respective definition files are up to date.

Application scanning is configurable on a scan profile by scan profile basis and all the configuration options are accessible through the two sub-tabs contained in the applications configuration page. These are the Installed Applications sub-tab and the Security Applications sub-tab.

Enabling/disabling checks for installed applications

To enable scans for installed applications in a particular scanning profile:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Applications tab.

3. Select the check box next to the `Enable Scanning for installed applications on target computers' option.

NOTE: Installed applications scanning is configurable on a scan profile by scan profile basis. If in a particular profile this option is not selected, no checks for installed applications will be performed in the security audits carried out by this scanning profile.

Scanning for installed applications

Screenshot 88 - The Applications tab: Installed Applications tab options

Compiling a list of unauthorized applications

To compile a list of dangerous applications:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Applications tab.

3. Click on the Installed Applications sub-tab.

4. Select the `All applications except the ones whose name contains:' option.

Screenshot 89 - List of unauthorized applications

5. In the list underneath the previously selected option, specify the names of the installed applications which you want to classify as high security vulnerabilities.

For example, if you enter the word "Kazaa" you will be notified through a high security vulnerability alert when an application whose name contains the word "Kazaa" is detected.

Compiling a list of safe applications

To compile a list of safe applications:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Applications tab.

3. Click on the Installed Applications sub-tab.

4. In the list under `Ignore (Do not list/save to db) applications whose name contains:' specify the names of the applications (for example, Excel) that you wish to exclude from the scan results.

NOTE: Include only one application name per line.

Scanning for security applications

Screenshot 90 - The Applications configuration page: Security Applications tab options

GFI LANguard N.S.S. ships with a default list of anti-virus and anti-spyware applications which can be checked during security scanning.

Enabling/disabling checks for security applications

To enable checks for installed security applications in a particular scanning profile:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Applications tab.

3. Select the check box next to the `Detect and process installed anti-virus/anti-spyware software on target computers' option.

NOTE: Installed security applications scanning is configurable on a scan profile by scan profile basis. If in a particular profile this option is not selected, no checks for installed security applications will be performed in the security audits carried out by this scanning profile.

Customizing the list of security application for scanning

To specify which security applications will be scanned during an audit:

1. Expand the Configuration } Scanning Profiles node and select the scanning profile that you wish to customize.

2. From the right pane, click on the Applications tab.

3. Click on the Security Applications tab.

Screenshot 91 - Selecting the security applications to be investigated

4. Select the check boxes of the security applications that you wish investigate when performing security audits with this scanning profile.

Configuring security applications - advanced options

Screenshot 92 - Advanced configuration options dialog

Use the Advanced button included in the Security Applications configuration page to configure extended security product checks which generate high security vulnerability alerts when:

The anti-virus or anti-spyware product definitions files are out of date.
The `Realtime Protection' feature of a particular anti-virus or anti-spyware application is found disabled.
None of the selected anti-virus or anti-spyware software is currently installed on the scanned target computer.