Launched in November, version 9.0 of GFI's LANguard network scanner includes a wide range of enhancements designed to make the lives of network administrators easier, including the ability to detect whether a desktop system is real or running as a virtual machine (VM).

Other new features accessible via the refreshed interface include better hardware auditing capabilities and a facility for firing up a remote desktop connection in the event that a system’s security issues cannot be fixed automatically.

Also new is the ability for LANguard to check if there are any unauthorised applications on the network, and automatically remove them. IT administrators need to define what applications to classify as unauthorised.

LANguard’s dashboard can now summarise all scan results, give an overview of the most highly vulnerable systems, and trend the security status of the network. GFI has also implemented custom vulnerability checks defined in the Python language.

We downloaded the package and installed it on a variety of desktop and server systems. The install took a little under 10 minutes, with most of that time taken up by the Microsoft Access database installation used to store scan and asset management data, although for larger networks IT managers can choose to point scan data at SQL Server installations.

Setting up a complete network scan was pretty straightforward, although we did have to log on to several systems to enable the NetBIOS protocol.

There are a large number of predefined scans provided by GFI, including ones for specifically auditing installed software or for a network vulnerability assessment. Network vulnerability assessments can be run against a database containing threat signatures from a number of respected security organisations, such as the SANS Institute.

When we scanned our test network LANguard picked up a Windows XP system with 11 missing patches. Fixing the system was a simple matter of downloading the patches and remote installing them. LANguard’s vulnerability reporting gives useful web links relating to any problems it finds.

Running the software and hardware audits quickly pulled out useful information about the configuration of our scanned systems. We could then “baseline” these systems as a way of detecting any subsequent changes to the state of their hardware and software. As well as being able to use LANguard to manually classify packages as being unauthorised, admins can set up the system so that it automatically removes unauthorised applications.

New to this version is the ability to pick up VMs running on systems connected to the network. LANguard detected and scanned a laptop on our test network with VMware’s Workstation version 6.5 running XP Professional and Vista Enterprise VMs.

The only minor niggle was that when we analysed the scan results, any errors in the scanner activity window were flagged with information as to what went wrong but not how to put the problem right.

On the whole though, LANguard 9.0 performs impressively as a proactive risk management package, as well as an asset manager and network vulnerability scanner.