GFI LanGuard

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Apply Patches at when user logs off

    Most of the workstations that I manage can be setup to reboot after patches are applied. However, my Jail and other Emergency Service departments are active 24/7. I really need the option to apply patches when the user logs off at the end of a shift.

    4 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Load Balance Relay Servers Assigned by Location

    Rather than forcing a sysadmin to manually assign relay agents to machines - which is the only way to meet the <=100 machine per server requirement - build a Relay Server load balancer into the main server.

    Example:

    Allow each machine to know that its location (NYC, for example) has more than one relay assigned to that location (NYCRELAY1 and NYCRELAY2 and NYCRELAY3, for example). Have each machine check in the list alphabetically from top to bottom, and each relay should only allow 100 connections. When they hit the max, have the workstation check the next server in the list,…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  3. Better scheduling based on Patch Tuesday

    It would be great if there were better options for scheduling scans/remediation, specifically based around Patch Tuesday. For example, we have a test group of workstations and servers. They get the first wave of patches and test them for a few days. Then we roll out patches to the rest of our enterprise. Unfortunately we can't schedule this to happen on the X day of every month because it varies slightly in certain months. This creates a lot of work and rescheduling. Possibly a solution would be the ability to use Patch Tuesday as an anchor point, then schedule subsequent…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Reviewed  ·  1 comment  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add Some Roles in LanGuard

    Feature requirement: Add Some Roles in LanGuard
    Our customers have submitted some suggestion about adding some roles in LanGuard:
    Some multi-national enterprises have more than one system or network administrators.
    Some of them are in charge of vulnerability scanning and some are in chage of patch management.
    They have different roles for IT, eg: IT security Auditor, Client Service (Windows Workstations), Network Engineer (Network equipemnt), OS&DB Engineer (Windows Server and DB server) etc.
    But now the GFI LanGuard only has one role --global administrator. And it has full permissions.
    I think it will not meet the needs of large-scale companies…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →

    This is already possible.

    Different roles are available in the Central Management Server.

    Each Administrator needs to have his own LanGuard instance that he manages, applies and approves patches, reporting is pushed to the central server for a unified view.

  5. reboot

    Pre-remediation Reboot Option

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  6. Feature: Adding site information and add grouping possibilities

    If we use multiple sites I want to see the sites in the reports and would know in which site the device appears. Especially in larger organization, to reach out to the responsible teams, it's an essential information where the device/node or specific vulnerability appears.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  7. Feature: Dedicated Site network security overview

    The network security overview if generated for multiple sites, is good, but with a little bit more site based statistics and information on which site it would be a great enhancement e.g. Items I would like to see:

    - World map
    - Most vulnerable computer with site information beside the IP
    - Which site is more vulnerable (Computer vulnerability distribution based on sites)
    - Show split and consolidated diagrams for
    -- Security sensors with the sites where something was found (e.g. Software updates: 8/18 computers on 1 site)
    -- Network roles
    -- Computers by operating systems

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  8. Feature: Share reports via e-mail or other services

    It's great to create consolidated/centralized reports through the WebUI. But it would be much greater that the on demand generated reports can be directly shared via E-Mail.

    At the moment you need to do the following:

    - Create a report
    - Click on Export and save it to disk
    - Because the browser will display the pdf directly, you need to click on save to disk again
    - Take the saved/downloaded report and put it in an email

    For such a simple process 4 - 5 steps are very much. In the classical console, you can directly click on email…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  9. Display which particular signature has flagged a vulnerability

    It’s too difficult to identify which particular signature of a vulnerability has triggered a detection – i.e. which file or registry key has been found.
    So when verifying what looks like a false positive it is very painful to work out why GFI thought there was an issue.

    It should be made clear exactly what files\reg keys\values e.t.c have flagged a vulnerability - and acknowledge these if necessary.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. No more NTLM authentication

    Some environments need the ability to shut off NTLM authentication. Kerberose or other authentication capabilities need to be available. Per GFI support: "Unfortunately there is no way or method to make languard not use NTLM. Languard was designed to use this and this can not be changed"

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Display current Acknowledge / Ignore status for vulnerabilities.

    i.e. on the "Details " panel of each Vulnerability, above "Type" add "Ignored for Entire Network Forever" or "Acknowledged for this device until May 13, 2012" or blank if it is something which hasn't been dealt wit already. It is silly to have to look it up in the Rules Manager to make sure that I've handled it. Even better than this would be to color code each one in the Vulnerability List panel - uncolored for not dealt with; gray for Ignored, blue for Acknowledged. Give me an at-a-glance status for all vulnerabilities for each device.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Create RedHat Linux Languard Agent

    Create a Linux LanGuard Agent. It would provide the same functionality that the Windows agent provides but run on Red Hat 5.x +

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Agentless Scanning using Relay Agents

    Since Relay Agents are basically Console-less Languard Servers, and since a lot of people dislike dealing with and managing Agents regardless the Software Vendor not to mention they are probably Tech Supports #1 headache. I would like to see Relay Agents be able to Agentlessly scan their associated LAN, when done, report it back to the Main Languard Server. Possibly removing the need for so many Agents and Tech Supports Time Consumer.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. No Desktop Shortcuts with patches

    By default set the command line parameters to not install any desktop shortcut icons when deploying a patch. For example, Quicktime, PDFCreator, etc. installs desktop icons for all users when a patch is deployed and standard users can't delete these shortcuts and it's quite frustrating for them.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Missing Patches Report - List All Computers

    I would like a way to be able to have a report that shows all of the PCs in a domain or grouping and have them listed on a Missing Patches Report, regardless of whether they are missing them or not. This way we could report on a group as a whole and forward that to department heads.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to deploy software that languard provides patches for.

    LanGuard currently supports patching of a number of software products by default (flash player, adobe reader etc..), however it does not currently give any option to install the underlying package.

    This means that I have to find and download the installation media and create a new custom package to push out, almost every time I do this LanGuard then pops up messages showing patches needed for that version, ie have Java V6, install V7 and then LanGuard prompts for the patches on V7.

    I think it would be quite useful to have the installers for the items LanGuard can patch…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. More Support for Linux

    - More support for Linux - agent mode
    - Remote ssh login or VNC

    - Certificate Scanning capability

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Multiple Scans from Agent

    I would like the ability to set up multiple scans, at different intervals, with different remediation options from the Agent Status. With Windows updates being cumulative sometimes, a single scan during our outage window does not accomplish what we need.

    I would like to set the following schedule ALL from the agent (not by having to create staggered scheduled scans from Configuration -> Scheduled Scans)
    - A scan at 12:00PM on Saturday, with auto remediation, set to not reboot until 9:00PM on Saturday
    - A supplementary scan that kicks off at 9:30PM on Saturday, with auto remediation, which reboots immediately…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Display FQDN or IP on LanGuard managed system list and reports

    I would like for LanGuard to offer the option to display either the FQDN or IP address of managed systems on all screens and in reports. We manage multiple client email systems that are all named mail.clientname.edu. Since only the first part of the name is displayed in the managed systems list all we see are multiple listings for "mail"
    It also appears that some reports lump all results together by system name, so everything appears in one list for system "mail" instead of separating into distinct systems by IP or FQDN. I support the request to have reports list…

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Mark Servers that Failed Last Scan

    In Dashboard view of servers, it would be very helpful to see some sort of icon/badge identifying which servers failed the last scan. Instead of just leaving the old list of patches from the last scan.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  LanGuard 12  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base