GFI LanGuard

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Authenticate to SQL database with Active Directory credentials

    When utilizing an off-server SQL database, currently Languard 12 only allows the use of local SQL credentials or the currently logged in Windows account credentials.

    This is terrible practice. Any enterprise worth its salt utilizes Active Directory authentication for MSSQL databases, allowing the use of a Service Account for tasks like this. Utilizing individual SQL accounts like SA is effectively impossible to manage when you have dozens of SQL servers in a decent sized environment and a reasonable security policy.

    When installing GFI and choosing the back end, I should be able to select "SQL Server", then specify the server,…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Custom Jobs Order of Install

    Please change the custom jobs deployment to install custom software in the order that each package is listed. For instance, when installing some software, I need to run multiple .msi or .exe files, then at the end run a custom .cmd or .bat file to make registry key changes. Languard often decides to run the installs in a random order, and when the .cmd/.bat file runs before the install, it screws up the install. After all, how can it delete a registry key that hasn't been created yet? Languard claims the install was successful because all 4 parts of the…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add Windows Server 2016 and Windows 10 to supported Operating Systems

    Add Windows Server 2016 and Windows 10 to supported Operating Systems. Currently there are massive issues with both OS. Mostly because of the RPC Service during Agent installation.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  4. LanGuard should check that the node which has been connected to is as expected

    On many occasions we see LanGuard connect to a host name which resolves to a DHCP address that has since been assigned to another machine.

    In this case, LanGuard installs patches and updates for the original machine onto the wrong box!! It should check the identify of the node using a GUID or at least validate the local hostname before installing.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add Federal Gov't (USGCB/FDCC) compliance checks to LanGuard

    Every federal government agency (and many contractors) must scan devices and check for compliance with the U.S. Government Configuration Baseline (USGCB), previously Federal Desktop Core Configuration (FDCC) & FISMA 800-53 compliance. The feature could be implemented as a report, similar to the checks for PCI compliance.

    More information: http://usgcb.nist.gov/

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Languard - Licensing change needed!

    Current licensing solution makes the otherwise good software LanGuard not suitable for use in especially larger companies.
    Because LanGuard automatically gives a licence to computers from active directory.
    Almost every company has old, not anymore used machines in Active Directory and won't put any effort and money in cleaning this up.
    So it happens that a company has for example 70 PCs in use and buy 100 LanGuard licences. Languard finds 170 PC in AD and gives licences to machines not in use anymore. So important machines like servers don't have a licence free for use, even the company bought…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Advanced Scheduling in Languard for Patch Management

    I would like to see more advanced scheduling options for rolling out patching to test groups in stages / delayed timings, for example - rollout updates to a test group just after patch tuesday - then 2 weeks later the second group will get automatically approved

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. LANguard should detect if Silverlight is installed

    LANguard should have logic to determine if Silverlight is installed on a machine before reporting that it is missing a Silverlight update after a "missing patches" scan. I scanned several machines that do not have Silverlight installed. GFI LANguard reported that these machines were missing Silverlight updates. This is a false positive. The security personnel running the scan operation should not have to validate which machines have Silverlight and which ones do not. Then the security personnel must manually check the box in LANguard to "ignore" this finding. GFI Tech Support said this is currently the only workaround. However, if…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Change the hardcoded retention policy for incomplete and stopped scans.

    Please change the hardcoded retention policy that is deleting all incomplete and stopped scans after two days.

    It would be nice to be able to decide for my self if incomplete or stopped scan results are trash or not.

    I am experiencing often that I am losing alot of important data because of this policy.

    Please fix this so we are able to chose for our self :)

    Thanks
    Kent

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  10. Computer Exclusion Option

    We experienced a pretty big issue this morning that I am guessing is due to the newest update for LANguard. We have LANguard setup to not auto discover computers on the domain to avoid domain controllers and other servers from being added. We have auto remediation set up and today our company's main SQL databse went down when LANguard triggered an update on our domain controller. After it came back up I checked and auto discovery was turned back on and our servers had been added and were being remediated. As I am sure you know, it is not a…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Computer deletion

    We have a lot of old Computers after an import from the AD, so there is an idea to simplify the deletion of older Computer/Devices that only existing in AD.

    An addintional filter: Agent - Deploymenterror, in this result with computers, you can choose to delete them

    or

    After 3 to 6 months or 200..2000 tries of installation of the Agent the System will automatically deleted (the next sync with the AD it will bring back the Device, if this was not deleted in the AD, so it is not "lost")

    or

    In the dashboard at the choise of the…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Software deloyment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to split the copy and installation of patches

    It would be great if there was a way to split the deployment of patches between the copy stage and the install stage.

    So for example I could copy the patches to my servers and then actually install them later. This would help stick to change control windows especially when some servers are remote.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Support for Symantec Endpoint Protection 14

    When will Symantec Endpoint Protection 14 be added as Antivirus? It was released recently and LANguard doesn't recognize it as valite AV.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Vulnerability Assesment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Ability to audit changes made to the Languard Configuration

    This gives the ability to generate a report detailing the changes made for auditors to verify scan rules are not switched off.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  15. LanGuard support for patching Amazon Linux

    Please would you add the capability for LanGuard to able to scan and patch the Amazon Linux OS.

    This feature would be useful for companies moving their workloads to the AWS platform.

    https://aws.amazon.com/amazon-linux-ami/

    https://forums.aws.amazon.com/thread.jspa?threadID=146805

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  16. Auto Remediation Options

    In the new version of LanGuard there are 2 ways to perform scans then auto remediation;
    *) Properties tab of a machine/group -> Agent Status tab,
    *) Configuration -> Scheduled scans

    With the properties scan this allows a defined time for s scan to occur with the option of Auto-Remediation after. The problem with this is that any machines that fail contact (turned off) will run this the next time the machine is turned on. With a client machine this is likely to be first thing in the morning when they come into the office. With Auto remediation set the…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  17. Possility to change resolve method between DNS and IP

    When scanning computers from Dashboard, LanGuard uses computer names by default. This causes problems when computer is not in same DNS with LanGuard machine. If there would be option to change manual scan to use IP instead of computername, that would help us greatly. Currently scans performed from Dashboard are useless without extra effort.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Software Audit Whitelist

    Within both the Software Audit and Full Scan reports, there is an option to whitelist applications so that a report doesn't include every Windows or Office update, hotfix, or service pack. However, these two lists are completely separate. As a result, an admin has to either input the values separately under each scanning profile or manually edit the operationsprofiles.mdb file to include both profiles. It would be useful to have an option to not only copy and paste the whitelist directly, but also to have the list apply to multiple scanning profiles simultaneously.

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Approved Software

    In an effort to better track software that is installed, we would like to see the ability to be able to mark software as "Approved" or "Authorized" in addition to being able to mark "Unauthorized" software. It is amazing the amount of freeware that 250+ users can find between our monthly software audits, and having the ability to report on applications that have not been flagged previously would make researching and then determining if the software should be authorized or unauthorized much easier.

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Scan of a group partly reported

    When LNSS starts a scan of a group, and one or more members are not responding, this scantask never finishes, until the last one finished it's work. It would be nice to set a start and end-time. When end-time is there the reporting of this taks would be (for example):
    8 out of 10 targets have finished, 1 is pending and 1 is not responding.
    The reports should also involve nodes not reporting in x days, so admins can start a search for this lost colleague >strike< asset... :)

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base