Key features • Finds rogue services and open TCP and UDP ports. • Detects known CGI, DNS, FTP, Mail, RPC and other vulnerabilities. • Detects rogue or backdoor users. • Detects open shares and enumerates who has access to these shares including their respective permissions. • Scans for all known vulnerabilities reported in the OVAL, CVE and SANS Top 20 databases. • Enumerates: o Groups (group members during target computer scanning). o USB devices attached to target computers. o Network devices (wired, wireless, or virtual). o Services and their respective state. o Remote running processes. o Installed applications. • Checks that the signature files of supported installed security applications (anti-virus and anti-spyware) are updated. Where applicable the security scanner will also examine the running configuration settings of particular security software (for example, BitDefender anti-virus) to verify that key features such as real-time scanning are enabled. • Scheduling of network security scans and email reporting on completion. • Security scanning and OS data collection for Windows operating systems. • Security scanning and OS data collection for Linux operating systems through SSH. • Logon to remote Linux targets through conventional logon credentials strings as well as through Public Key authentication (i.e. using SSH Public/Private Key files). • Self-updating – Automatically downloads definition files for the latest vulnerability checks, missing patches information on program startup. • Patch management support for Windows 2000/XP/2003/Vista operating systems, Microsoft Office XP or later, Microsoft Exchange 2000/2003 and Microsoft SQL Server 2000 or later. • Patch management support for multilingual operating systems that are Unicode compliant. • Patch rollback support. • Allows you to save security scan results in Microsoft Access or Microsoft SQL Server database backend and XML files. • Reports to administrator on completion of a scheduled scan with detailed full scan results and/or detected changes identified between successive scans. • Live host detection, operating system identification, SNMP Auditing and Microsoft SQL Auditing. • Script debugger that you can use to create and debug custom vulnerability checks. Checks are created using a VBscript compatible scripting language. • Improved multithreading capabilities that allows more that three computers to be scanned at a time. • Includes command line tools that allow you to scan and deploy software updates/patches and third party applications without bringing up the GFI LANguard N.S.S. user interface. These command line tools can be used directly from the command line prompt, through third party applications, as well as through custom scripts and batch files.
