2.2 Network Scanning options

GFI LANguard includes default configuration settings that allow you to run immediate scans soon after the installation is complete.

Screenshot 2 – Scan Options

GFI LANguard ships with preconfigured scanning options. These options are located in the Network Audit tab, which opens by default every time that the GFI LANguard management console is launched.

Parameters preconfigured in these default-scanning options include the scan profile. Scan profiles are a collection of vulnerability checks that determine what vulnerabilities will be identified and which information will be retrieved from scanned targets.

The default scanning options provide quick access to the following scanning modes:

•	Quick scan: Scanning mode set to audit target computers for system information and high security vulnerabilities only (including missing Microsoft updates). The scanning profile used in this scanning option is by default set to ‘High Security Vulnerabilities’.

•	Full scan: Scanning mode set to audit target computers for system information and all possible security vulnerabilities. The scanning profile used in this scanning option is by default set to ‘High Security Vulnerabilities’.

•

Launch a custom scan: Scanning mode, which allows you to configure (on the fly) the parameters to be used during a scan. Configuration is wizard assisted and configurable parameters include scanning profile. For more information on how to execute a custom scan, refer to the Custom scans section in this manual.

•	Set up a scheduled scan: Scanning mode, which allows you to audit target computers at configurable time intervals. For more information on how to set scheduled scans, refer to Scheduled scans section in this manual.

Important notes

1. If Intrusion Detection Software (IDS) is running during scans, GFI LANguard will set off a multitude of IDS warnings and intrusion alerts in these applications. If you are not responsible for the IDS system, make sure to inform the person in charge about any planned security scans.

2. In most cases, vulnerability scans will generate different event log entries across diverse systems e.g. UNIX logs and web servers logs will all detect GFI LANguard scans as intrusion attempts triggered from the computer running GFI LANguard.

3. To successfully execute a scan, GFI LANguard must remotely logon to target computers with administrator privileges.

4. For large network environments, a Microsoft SQL Server/MSDE database backend is recommended instead of the Microsoft Access database.

5. When submitting a list of target computers from file, ensure that file contains only one target computer name per line.