GFI LanGuard SDK is ideal for extending applications such as:
- Managed service provider (MSP) platforms
- Antivirus/anti-spyware solutions
- Network management tools
- Intrusion detection systems (IDS)
- Intrusion preventions systems (IPS)
- Firewalls
- Patch management solutions
- Network access control (NAC) solutions
- Ticketing systems
- Penetration testing solutions
- Risk management solutions
- Security information and event management (SIEM) solutions
Top features
Patch management
Research consistently demonstrates that many of the vulnerabilities cybercriminals exploit can be prevented with updated software patches, and addressing of misconfigured network gear and unauthorized devices on the network.
However, many businesses and most consumers fail to maintain adequate software patching and vulnerability management practices. This creates significant market opportunity for original equipment manufacturers (OEMs), independent software vendors (ISVs), MSPs and PC utility companies.
GFI LanGuard SDK enables solutions to deliver automated patch management through the detection, download and deployment of product updates, including missing patches, critical patches, service packs and new versions such as:
- Microsoft solutions such as Microsoft Windows®, Microsoft Office, Microsoft Internet Explorer® and Windows HCP, in all languages supported by the vendor
- Major third-party applications often targeted by malware writers, including Java™ JRE, Adobe® Reader®, Adobe Acrobat®, Adobe Flash®, Apple® Quicktime®, Mozilla® FireFox® and Google® Chrome™
Click here for the full list of supported applications.
Vulnerability protection
A vulnerability scan by GFI LanGuard performs more than 50,000 vulnerability assessments against every endpoint. This includes, but is not limited to: checks for open ports; local users and groups; applications installed; connected USB devices; and wireless nodes and links.
Custom vulnerability checks
Easily build complex, custom vulnerability checks through the GFI LanGuard SDK wizard-assisted tool. The scripting engine is compatible with Python and VBScript.
Industrial-strength vulnerability database
The GFI LanGuard vulnerability assessment database includes OVAL (5,000-plus checks) and SANS Top 20. The database is auto-updated with newly released Microsoft security updates, new vulnerability checks from GFI Software™, and new information from BugTraq, SANS Corporation, OVAL, CVE and others.
Scan and vulnerability test creation
Through GFI LanGuard, you can easily configure different scans for different customers/machine profiles. You can also create scans for different types of vulnerabilities or analysis aspects based on your use cases.
Network auditing
Our in-depth machine auditing abilities provide you with detailed information about the hardware configurations of the machines under management. All Windows operating system devices are retrieved, including motherboard details, processors and memory. You can use data returned from GFI LanGuard SDK to determine when new hardware was added or removed since the last audit.
Additional features
- Automatically checks the password policy for all machines on the network
- Identifies programs that run automatically (potential Trojans)
- Determines if the operating system is advertising too much information
- Performs simultaneous scans through the multi-thread scan engine
- Provides NetBIOS hostname, currently logged username and MAC address
- Provides a list of shares, users, services, sessions, remote time of day and registry information from remote computers (Windows)
- Identifies all installed Windows services
- Supports modern platforms, including Microsoft Windows 8 and Microsoft Windows Server 2012
Integration features
Easy to integrate
Once the GFI LanGuard agent is deployed on a machine under management, it is easy to communicate instructions through a well-defined, easy-to-follow application programming interface (API).
The SDK includes functionality to trigger definition updates, scans and patch deployment, as well as configure and query agents.
Flexible integration options
GFI LanGuard integrates with systems via COM interfaces or command line. Results are reported through detailed XML results and event logs.
Both COM interfacing and command line trigger output results in XML data formats to simplify security status reporting.
Agent-based deployment
GFI LanGuard SDK communicates with the GFI LanGuard agent to provide:
- High-speed scanning: Scan hundreds of thousands of machines in minutes.
- Scalability: Distribute the scanning load to scan more machines in one go, even in WAN environments.
- Accuracy: Continue to scan if the network computers lose their connection to the network.
Support for virtual environments
GFI LanGuard supports and runs on the most common virtualization technologies in use, namely VMware®, Microsoft Virtual Server, Microsoft Hyper-V®, Citrix® and Parallel.
Silent installation support
The GFI LanGuard agent supports silent unattended installation. This feature allows ISVs and others to deploy GFI LanGuard on an available infrastructure without the intrusion of the installation user interface, completely transparent to end users.
Automatic remediation of unauthorized applications
Apart from reporting on all installed applications, GFI LanGuard allows the ISV to define a profile containing a list of applications that are authorized or not authorized for installation on the network.
During a scan, any unauthorized applications are automatically identified and optionally uninstalled. These remediation operations can be triggered automatically at the end of scheduled scans or on-demand.
Requests for more information about the GFI OEM Partner program can be sent to oem@gfi.com. A GFI OEM group representative will quickly respond.