GFI LanGuard

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Scheduled Reports Excel Output In One Sheet

    In scheduled reports when I set the output type to excel I have no custom settings for it and the output file includes tons of sheets for every page. I want them to be in one excel sheet. This can be set when I generate the report manually right now. Please add this setting also to the scheduled reports section.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  2. Antivirus detection for Linux

    I recently was told by support that LanGuard does not support antivirus detection for Linux servers. We see a green sensor for malware even on systems that we know does not have malware and AV software installed. We use Symantec Endpoint protection.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable TLS 1.2 support in LanGuard and Central Management Server

    Central Management Server requires TLS 1.0 to connect to the SQL server hosting its database. This is a massive security hole.

    This is the error in Windows on a server which has TLS 1.0 disabled.

    "An unknown connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed."

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  4. Load Balance Relay Servers Assigned by Location

    Rather than forcing a sysadmin to manually assign relay agents to machines - which is the only way to meet the <=100 machine per server requirement - build a Relay Server load balancer into the main server.

    Example:

    Allow each machine to know that its location (NYC, for example) has more than one relay assigned to that location (NYCRELAY1 and NYCRELAY2 and NYCRELAY3, for example). Have each machine check in the list alphabetically from top to bottom, and each relay should only allow 100 connections. When they hit the max, have the workstation check the next server in the list,…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add support for Kaspersky Security for Virtualization 4.0 Light Agent

    Kaspersky Security for Virtualization 4.0 Light Agent is currently not recognised as an anti-malware product.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add a notes tab for the approved/denied patches

    I think it would be nice to have a notes tab for the approved/denied patches. For example, I'm not the only person who does patching. It would could be beneficial to have a notes section where you indicate why a patch was denied or if it broke something.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow Languard management console to be installed on workstation.

    Allow management console for Languard to be installed on client or workstation so that Languard can be managed from any computer and not just one machine.

    The best way to do this would be to setup via a web interface or just allow the management console to install on workstation and point to central server for database and central config.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow exclusion of OUs from scanning

    Alternately, allow Active Directory syncing to only sync from a specific base OU.

    DOMAIN
    DOMAIN\Servers
    DOMAIN\Workstations

    I want one GFI server for workstations that my desktop support team can manage, and one for servers. To prevent "accidental" update deployment, I would like to be able to block the respective OUs from each server so they're not only not scanned or remediated, but not even present in the System Tree.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  9. Agent "Pull" model with less dependency on active connection to Server

    The current Server-Agent model is largely a "Push" architecture rather than a "Pull" architecture - i.e. the scan/remediation jobs are entirely triggered/handled by the LanGuard server or relay agent.

    Unfortunately, this almost defeats the point of an agent-based approach, since there are a lot of real-time operations required between agent and server.

    I would like to see a future version of LanGuard evolve to a point where the agent is much more autonomous and that operates more on a "Pull" model:
    1) Policy is defined on the server
    a) Server pushes policy update out to any reachable Agent
    b) On…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow Grouping by Active Directory Group Members

    Languard 12 can see location in AD - meaning which OU the computer resides in - but doesn't have a function for reading group memberships. Many large enterprises use Active Directory groups to manage workstation patching. Allowing Languard 12 to read these groups - and then to manage patching by group - would be a huge improvement in functionality and manageability.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  11. Better scheduling based on Patch Tuesday

    It would be great if there were better options for scheduling scans/remediation, specifically based around Patch Tuesday. For example, we have a test group of workstations and servers. They get the first wave of patches and test them for a few days. Then we roll out patches to the rest of our enterprise. Unfortunately we can't schedule this to happen on the X day of every month because it varies slightly in certain months. This creates a lot of work and rescheduling. Possibly a solution would be the ability to use Patch Tuesday as an anchor point, then schedule subsequent…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Reviewed  ·  1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  12. Authenticate to SQL database with Active Directory credentials

    When utilizing an off-server SQL database, currently Languard 12 only allows the use of local SQL credentials or the currently logged in Windows account credentials.

    This is terrible practice. Any enterprise worth its salt utilizes Active Directory authentication for MSSQL databases, allowing the use of a Service Account for tasks like this. Utilizing individual SQL accounts like SA is effectively impossible to manage when you have dozens of SQL servers in a decent sized environment and a reasonable security policy.

    When installing GFI and choosing the back end, I should be able to select "SQL Server", then specify the server,…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Save for uninstall string

    Is it possible to edit Uninstall string in remediation center and save it permanently? We need to uninstall some apps (e.g. PDFCreator) and there is bad uninstall string in languard. So we have to edit it and run remediate (uninstall). But next time we need to do that again.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Some Roles in LanGuard

    Feature requirement: Add Some Roles in LanGuard
    Our customers have submitted some suggestion about adding some roles in LanGuard:
    Some multi-national enterprises have more than one system or network administrators.
    Some of them are in charge of vulnerability scanning and some are in chage of patch management.
    They have different roles for IT, eg: IT security Auditor, Client Service (Windows Workstations), Network Engineer (Network equipemnt), OS&DB Engineer (Windows Server and DB server) etc.
    But now the GFI LanGuard only has one role --global administrator. And it has full permissions.
    I think it will not meet the needs of large-scale companies…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →

    This is already possible.

    Different roles are available in the Central Management Server.

    Each Administrator needs to have his own LanGuard instance that he manages, applies and approves patches, reporting is pushed to the central server for a unified view.

  15. LAN Guard not requiring port 1070-1080 for systems to return information to the server

    Taking a page from Tenable Nessus, the Nessus scanner can initiate a request on any port to the endpoint and the data is returned to the server. No ports are required to be open back to the server. Creating a locked-down security VLAN works very well until you start punching holes in it for functionality. If LAN Guard could operate similarly to Nessus or have the LAN Guard agents collect all the information and have the server reach out and grab the data from the agent. Let the agent on the endpoint do all the work and the server just…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Software deloyment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Update known vulnerabilities and notify customers once discovered and again when patched

    Because LAN Guard uses Apache, their are occasional vulnerabilities that do not get patched for months. While I understand software in dev/UAT, etc., some of GFI's customers have regulatory reporting requirements. If GFI could notify its customers that there is a vulnerability and that it has been brough to the developers attention and a fix is underway, that may be sufficient for reporting purposes. Also, a notification when it is patched would be helpful as well.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Generic  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include Vulnerability check for Fortinet and Watchguard devices

    You could include Vulnerability assessment for Fortigate ad Watchguard network devices. This is a reason forour company to renew and upgrade the GFI languard current license.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Vulnerability Assesment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Need to have feature to create reports using sql queries

    OperatingSystem | Hostname IP | Status | BulletinID | DatePosted | Title | Severity | EndDateTime | logged on user

    Need to have report in above format which is currently unavailable.

    So our recommendation is to provide sql like GUI where user can select the choice of columns he wants to have in reports and generate reports of his choice, you can refer to the Landesk product where they provide queries for users to create different reports based on options they have in their database, and it is included in the GUI hence a person who does not know SQL…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  19. No real time deployment for patches as well as Software

    When patches are deployed or scanning is initiated, if the selected system goes out of network or not turned on the process fails, and administrator has to restart the task manually, it is a hectic and overload the administrator day to day activity, we wanted to have the intelligence on agent or server side, which automatically detect or agent automatically pull the task or policy created for it from server as an when the system is available for which the policy or task is deployed.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  20. Custom software’s deployment scheduling issue

    We deploy lots of custom software using GFI languard, but we are unable to find the option where we can deploy the custom software in real time like GFI does it for Patching, we would like to have this feature included in the product

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 14 15
  • Don't see your idea?

Feedback and Knowledge Base