GFI LanGuard

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Feature: Share reports via e-mail or other services

    It's great to create consolidated/centralized reports through the WebUI. But it would be much greater that the on demand generated reports can be directly shared via E-Mail.

    At the moment you need to do the following:

    - Create a report
    - Click on Export and save it to disk
    - Because the browser will display the pdf directly, you need to click on save to disk again
    - Take the saved/downloaded report and put it in an email

    For such a simple process 4 - 5 steps are very much. In the classical console, you can directly click on email…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  2. Configurable interval between instance and central management

    It's not fully transparent when the instance will push the information/results/settings to the central management server. It seems only if new scan results are available -> settings, last sync date, results will be pushed to the management server.

    A configurable interval or something like a heartbeat would be great, because if customer look at their instance (especially on evaluation) and see that 20 - 30 minutes nothing was sync, while they have done some changes e.g. on the location/GPS coordinates, it looks as the connection between the instance and the central management server is not working.

    A heartbeat, would give…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  3. Display which particular signature has flagged a vulnerability

    It’s too difficult to identify which particular signature of a vulnerability has triggered a detection – i.e. which file or registry key has been found.
    So when verifying what looks like a false positive it is very painful to work out why GFI thought there was an issue.

    It should be made clear exactly what files\reg keys\values e.t.c have flagged a vulnerability - and acknowledge these if necessary.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. No more NTLM authentication

    Some environments need the ability to shut off NTLM authentication. Kerberose or other authentication capabilities need to be available. Per GFI support: "Unfortunately there is no way or method to make languard not use NTLM. Languard was designed to use this and this can not be changed"

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Display current Acknowledge / Ignore status for vulnerabilities.

    i.e. on the "Details " panel of each Vulnerability, above "Type" add "Ignored for Entire Network Forever" or "Acknowledged for this device until May 13, 2012" or blank if it is something which hasn't been dealt wit already. It is silly to have to look it up in the Rules Manager to make sure that I've handled it. Even better than this would be to color code each one in the Vulnerability List panel - uncolored for not dealt with; gray for Ignored, blue for Acknowledged. Give me an at-a-glance status for all vulnerabilities for each device.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Relay Agent/Server to Install Local Agents

    To reduce Traffic/Bandwidth Consumption on slow networks. Instead of LanGuard Agents being installed from the main LanGuard Server consuming WAN Bandwidth.Allow installed Relay Agents to locally install\push normal LanGuard Agents to computers using it as a relay server since they are typically on the same LAN anyways.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Agentless Scanning using Relay Agents

    Since Relay Agents are basically Console-less Languard Servers, and since a lot of people dislike dealing with and managing Agents regardless the Software Vendor not to mention they are probably Tech Supports #1 headache. I would like to see Relay Agents be able to Agentlessly scan their associated LAN, when done, report it back to the Main Languard Server. Possibly removing the need for so many Agents and Tech Supports Time Consumer.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. No Desktop Shortcuts with patches

    By default set the command line parameters to not install any desktop shortcut icons when deploying a patch. For example, Quicktime, PDFCreator, etc. installs desktop icons for all users when a patch is deployed and standard users can't delete these shortcuts and it's quite frustrating for them.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Vulnerability Ignore / Acknowledge Description Selection

    Can you please add feature to group or CTRL+select, or highlight multiple in Vulnerability Ignore / Acknowledge? I would like to beable to select multiple choices at once to Ignore / Acknowledge .

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Missing Patches Report - List All Computers

    I would like a way to be able to have a report that shows all of the PCs in a domain or grouping and have them listed on a Missing Patches Report, regardless of whether they are missing them or not. This way we could report on a group as a whole and forward that to department heads.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Disable updating of specific product

    Some of our servers use a program called PDFcreator 1.2.3
    The systems that interact with PDFcreator do not support the newer versions of this program.
    It would be nice to be able to ignore any patches/updates for specific programs (perhaps per client).
    Right now, we can ignore a specific update, but when a new patch is released we have to ignore the new update. Please make it possible to simply ignore a given product.
    Thank you.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to deploy software that languard provides patches for.

    LanGuard currently supports patching of a number of software products by default (flash player, adobe reader etc..), however it does not currently give any option to install the underlying package.

    This means that I have to find and download the installation media and create a new custom package to push out, almost every time I do this LanGuard then pops up messages showing patches needed for that version, ie have Java V6, install V7 and then LanGuard prompts for the patches on V7.

    I think it would be quite useful to have the installers for the items LanGuard can patch…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. More Support for Linux

    - More support for Linux - agent mode
    - Remote ssh login or VNC

    - Certificate Scanning capability

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Multiple Scans from Agent

    I would like the ability to set up multiple scans, at different intervals, with different remediation options from the Agent Status. With Windows updates being cumulative sometimes, a single scan during our outage window does not accomplish what we need.

    I would like to set the following schedule ALL from the agent (not by having to create staggered scheduled scans from Configuration -> Scheduled Scans)
    - A scan at 12:00PM on Saturday, with auto remediation, set to not reboot until 9:00PM on Saturday
    - A supplementary scan that kicks off at 9:30PM on Saturday, with auto remediation, which reboots immediately…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Apply Patches at when user logs off

    Most of the workstations that I manage can be setup to reboot after patches are applied. However, my Jail and other Emergency Service departments are active 24/7. I really need the option to apply patches when the user logs off at the end of a shift.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Display FQDN or IP on LanGuard managed system list and reports

    I would like for LanGuard to offer the option to display either the FQDN or IP address of managed systems on all screens and in reports. We manage multiple client email systems that are all named mail.clientname.edu. Since only the first part of the name is displayed in the managed systems list all we see are multiple listings for "mail"
    It also appears that some reports lump all results together by system name, so everything appears in one list for system "mail" instead of separating into distinct systems by IP or FQDN. I support the request to have reports list…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Separate LanGuard Console from LanGuard Server

    it would be nice to have LanGuard console installed on a computer without the need to have the server components on that same computer, also to have the hability to have access permissions and groups for different users concurrently accessing the console.

    Currently possible in Central Management Server, but no scan or remediation can be started with it.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →

    Hi

    Thanks for your feedback.

    We suggest to have the LanGuard console installed on multiple devices based on your requirements to achieve this use-case you mentioned.

    The Central server is only used for reporting.

    Regards

  18. Load Balance Relay Servers Assigned by Location

    Rather than forcing a sysadmin to manually assign relay agents to machines - which is the only way to meet the <=100 machine per server requirement - build a Relay Server load balancer into the main server.

    Example:

    Allow each machine to know that its location (NYC, for example) has more than one relay assigned to that location (NYCRELAY1 and NYCRELAY2 and NYCRELAY3, for example). Have each machine check in the list alphabetically from top to bottom, and each relay should only allow 100 connections. When they hit the max, have the workstation check the next server in the list,…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  19. Agent "Pull" model with less dependency on active connection to Server

    The current Server-Agent model is largely a "Push" architecture rather than a "Pull" architecture - i.e. the scan/remediation jobs are entirely triggered/handled by the LanGuard server or relay agent.

    Unfortunately, this almost defeats the point of an agent-based approach, since there are a lot of real-time operations required between agent and server.

    I would like to see a future version of LanGuard evolve to a point where the agent is much more autonomous and that operates more on a "Pull" model:
    1) Policy is defined on the server
    a) Server pushes policy update out to any reachable Agent
    b) On…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Better scheduling based on Patch Tuesday

    It would be great if there were better options for scheduling scans/remediation, specifically based around Patch Tuesday. For example, we have a test group of workstations and servers. They get the first wave of patches and test them for a few days. Then we roll out patches to the rest of our enterprise. Unfortunately we can't schedule this to happen on the X day of every month because it varies slightly in certain months. This creates a lot of work and rescheduling. Possibly a solution would be the ability to use Patch Tuesday as an anchor point, then schedule subsequent…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Reviewed  ·  1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base