GFI LanGuard

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add patching support for Horizon View Client

    Automatic patching to update this software from vmware.

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Be able to deploy Windows updates to Windows Embedded Devices

    We have several HP Thin Clients with Windows 7/10 embedded. It would be great to be able to deploy Windows updates to these with LANGuard. Currently you can deploy them but only if the write filter is off, what I would love to see if the ability in the batch job to have it disable/enable the write filter or be able to commit the changes in the write filter after the updates are deployed. Examples of the TCs we use are the HP t620 and HP t630.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Group scan target can not be assigned

    Could you please add a scan target option in the properties->scan profile of a group (grouped by attribute). I have 200+ sites with multiple networks associated with each. Each site is a "group". Now I need to scan each group based off of their assigned subnet. This is not possible currently.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support for encrypted private key as authentication method for scans

    Feature request to give the possibility to provide an encrypted private key file to scan *nix hosts; the product should request and store safely the corresponding password in order not to expose, as now happens, an unprotected version of the private key file. In fact, anyone who could obtain this unprotected private key file, could gain the access to every server on which the matching public key was stored, usually in ~/.ssh/authorized_keys of the root user!

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  5. Custom Scheduled Scan for 2nd and 3rd Wednesday every month

    Regarding GFI Languard, I am looking to kick off a scan to remediate patches on the 2nd and 3rd Wednesday every month. The scheduler does not appear to accommodate the 2nd or 3rd Wednesday. Is there a command line option to pass remediation to the Task Scheduler in Windows?

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Software audit - Microsoft SQL server licensed version or Express version

    Distinguishing SQL server licensed version or Express free version on Software Audit would be great so counting the number of license use is easier in a company.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft  ·  Flag idea as inappropriate…  ·  Admin →
  7. Scheduled Reports Excel Output In One Sheet

    In scheduled reports when I set the output type to excel I have no custom settings for it and the output file includes tons of sheets for every page. I want them to be in one excel sheet. This can be set when I generate the report manually right now. Please add this setting also to the scheduled reports section.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  8. Antivirus detection for Linux

    I recently was told by support that LanGuard does not support antivirus detection for Linux servers. We see a green sensor for malware even on systems that we know does not have malware and AV software installed. We use Symantec Endpoint protection.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add support for Kaspersky Security for Virtualization 4.0 Light Agent

    Kaspersky Security for Virtualization 4.0 Light Agent is currently not recognised as an anti-malware product.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add a notes tab for the approved/denied patches

    I think it would be nice to have a notes tab for the approved/denied patches. For example, I'm not the only person who does patching. It would could be beneficial to have a notes section where you indicate why a patch was denied or if it broke something.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow exclusion of OUs from scanning

    Alternately, allow Active Directory syncing to only sync from a specific base OU.

    DOMAIN
    DOMAIN\Servers
    DOMAIN\Workstations

    I want one GFI server for workstations that my desktop support team can manage, and one for servers. To prevent "accidental" update deployment, I would like to be able to block the respective OUs from each server so they're not only not scanned or remediated, but not even present in the System Tree.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable TLS 1.2 support in LanGuard and Central Management Server

    Central Management Server requires TLS 1.0 to connect to the SQL server hosting its database. This is a massive security hole.

    This is the error in Windows on a server which has TLS 1.0 disabled.

    "An unknown connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed."

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  13. Load Balance Relay Servers Assigned by Location

    Rather than forcing a sysadmin to manually assign relay agents to machines - which is the only way to meet the <=100 machine per server requirement - build a Relay Server load balancer into the main server.

    Example:

    Allow each machine to know that its location (NYC, for example) has more than one relay assigned to that location (NYCRELAY1 and NYCRELAY2 and NYCRELAY3, for example). Have each machine check in the list alphabetically from top to bottom, and each relay should only allow 100 connections. When they hit the max, have the workstation check the next server in the list,…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow Grouping by Active Directory Group Members

    Languard 12 can see location in AD - meaning which OU the computer resides in - but doesn't have a function for reading group memberships. Many large enterprises use Active Directory groups to manage workstation patching. Allowing Languard 12 to read these groups - and then to manage patching by group - would be a huge improvement in functionality and manageability.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  15. Authenticate to SQL database with Active Directory credentials

    When utilizing an off-server SQL database, currently Languard 12 only allows the use of local SQL credentials or the currently logged in Windows account credentials.

    This is terrible practice. Any enterprise worth its salt utilizes Active Directory authentication for MSSQL databases, allowing the use of a Service Account for tasks like this. Utilizing individual SQL accounts like SA is effectively impossible to manage when you have dozens of SQL servers in a decent sized environment and a reasonable security policy.

    When installing GFI and choosing the back end, I should be able to select "SQL Server", then specify the server,…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Save for uninstall string

    Is it possible to edit Uninstall string in remediation center and save it permanently? We need to uninstall some apps (e.g. PDFCreator) and there is bad uninstall string in languard. So we have to edit it and run remediate (uninstall). But next time we need to do that again.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Languard management console to be installed on workstation.

    Allow management console for Languard to be installed on client or workstation so that Languard can be managed from any computer and not just one machine.

    The best way to do this would be to setup via a web interface or just allow the management console to install on workstation and point to central server for database and central config.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Agent "Pull" model with less dependency on active connection to Server

    The current Server-Agent model is largely a "Push" architecture rather than a "Pull" architecture - i.e. the scan/remediation jobs are entirely triggered/handled by the LanGuard server or relay agent.

    Unfortunately, this almost defeats the point of an agent-based approach, since there are a lot of real-time operations required between agent and server.

    I would like to see a future version of LanGuard evolve to a point where the agent is much more autonomous and that operates more on a "Pull" model:
    1) Policy is defined on the server
    a) Server pushes policy update out to any reachable Agent
    b) On…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Update known vulnerabilities and notify customers once discovered and again when patched

    Because LAN Guard uses Apache, their are occasional vulnerabilities that do not get patched for months. While I understand software in dev/UAT, etc., some of GFI's customers have regulatory reporting requirements. If GFI could notify its customers that there is a vulnerability and that it has been brough to the developers attention and a fix is underway, that may be sufficient for reporting purposes. Also, a notification when it is patched would be helpful as well.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Generic  ·  Flag idea as inappropriate…  ·  Admin →
  20. LAN Guard not requiring port 1070-1080 for systems to return information to the server

    Taking a page from Tenable Nessus, the Nessus scanner can initiate a request on any port to the endpoint and the data is returned to the server. No ports are required to be open back to the server. Creating a locked-down security VLAN works very well until you start punching holes in it for functionality. If LAN Guard could operate similarly to Nessus or have the LAN Guard agents collect all the information and have the server reach out and grab the data from the agent. Let the agent on the endpoint do all the work and the server just…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Software deloyment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 14 15
  • Don't see your idea?

Feedback and Knowledge Base