An executive summary report showing:

• Network vulnerability level
• Most vulnerable computers
• Agent status
• Audit status
• Vulnerability trends over time
• Information on operating systems
• Servers and workstations.

An executive summary report showing:

• Computer vulnerability level
• Agent status
• Audit status
• Vulnerability trends over time
• Computer summary and details.

Shows statistical information related to the vulnerabilities detected on target computers. Vulnerabilities can be grouped by:

• Computer name
• Vulnerability severity
• Timestamp
• Category.

Shows statistical information related to missing and installed updates detected on your scan targets. Updates can be grouped by name, severity, timestamp, vendor and category. Use this report to get:

• Missing vs. Installed updates comparison
• Charts and tables displaying missing updates distribution for each item from the first and second grouping criteria
• Charts and tables displaying installed updates distribution for each item from the first and second grouping criteria
• Patching details for missing and installed patches.

A technical report showing information retrieved during an audit. Amongst others, the report contains information on:

• Vulnerabilities
• Open ports
• Hardware and software.

Shows all unauthorized applications installed on target machines found during an audit. Amongst others, the report includes information on:

• AntivirusA software countermeasure that detects malware installed on a computer without the user's knowledge.
• Antispyware
• Applications inventory.

An overview of the network security audits performed over time. Amongst others, the report includes information on:

• Most scanned computers
• Least scanned computers
• Auditing status
• History listing.

Shows information related to remediation actions performed on target computers. Amongst others, the report includes information on:

• Remediation actions per day
• Remediation distribution by category
• Remediation list grouped by computers.

Shows the changes done on scan targets between audits. Amongst others, the report includes changes related to:

• The vulnerability level
• User accounts
• Groups
• Ports
• Shares
• Registry entries.

Enables you to compare the results of all scan targets to a base computer. From the drop down list select the base computers and click Generate. The results are grouped by computer name and amongst others includes information on:

• Registry

• Installed Service Packs and Update Rollups

• Missing Security/Non-Security Updates

• Vulnerability level.

Shows information related to detected mobile devices found during an audit. Amongst others, the report includes information on:

• Vulnerability distribution by severity
• Vulnerability distribution by computer
• Vulnerability listing by computer.

Shows statistical information related to missing Microsoft^® security updates, detected on your scan targets. Select items to include in your report:

• General missing updates distribution chart
• Distribution table
• Vulnerability list.

Shows statistical information related to missing non-Microsoft^® security updates, detected on your scan targets. Select items to include in your report:

• General missing updates distribution chart
• Distribution table
• Vulnerability list.

A summary of scan target information, including:

• Operating system information
• Agent status
• Vulnerabilities severity.

Provides a detailed list of computer properties, including:

• MAC Address
• Time to Live
• Network Role
• Domain
• Lan Manager
• Is relay agent
• Uses relay agent
• Attributes
• Operating system
• IP address.

Lists all unauthorized applications installed scan targets, including:

• Top Computers with Unauthorized Applications
• Top Unauthorized Applications
• Applications Inventory
• Computers without Antivirus Installed

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. GFI LanGuard provides you with a number of reports that cater for PCI DSS compliance, including:

• PCI DSS Requirement 1.4 - Installed Firewall Applications
• PCI DSS Requirement 2.2.3 - Disk Encryption Applications
• PCI DSS Requirement 5.2 - Antivirus Applications
• PCI DSS Requirement 6.1 - Remediation History by Date
• PCI DSS Requirement 12.12 - Open Trojan Ports by Host.

The Health Insurance Portability and Accountability Act (HIPAA) is a requirement of all healthcare providers that regulates the exchange of private patient data. This helps prevent unlawful disclosure or release of medical information. To help you follow HIPAA regulations, GFI LanGuard provides you with a suite of HIPAA compliance reports, including:

• HIPAA 164.308(a)(1)(ii)(A) - Missing Security Updates by Host
• HIPAA 164.308(a)(1)(ii)(A) - Vulnerability Distribution by Host
• HIPAA 164.308(a)(4)(ii)(A) - Open Ports
• HIPAA 164.308(a)(5)(ii)(D) - Audit Policy
• HIPAA 164.308(a)(8) - Baseline Changes Comparison.

The Sarbanes-Oxley Act (SOX) is regulation created in response to high-profile financial scandals as well as to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. GFI LanGuard provides a list of SOX compliance reports, including:

• SOX 302.a - Network Vulnerability Summary
• SOX 302.a - Remediation History by Host
• SOX 302.a - Security Scans History
• SOX 404 - Vulnerability Listing by Category
• SOX 404 - Missing Security Updates by Host.

The Gramm–Leach–Bliley Act (GLBA) is an act that allows consolidation between Banks and Insurance companies. Part of the act focuses on IT network compliance for such companies. GFI LanGuard offers a list of GLBA Compliance reports, including:

• GLBA 501.b - Baseline Changes Comparison
• GLBA 501.b - Network Patching Status
• GLBA 501.b - Open Trojan Ports by Host
• GLBA 501.b - Vulnerable Hosts Based on Open Ports
• GLBA 501.b - Vulnerable Hosts by Vulnerability Level.

The Public Service Network - Code of Connection (PSN CoCo) is simply a list of conditions that should be met before connecting an accredited network to another accredited network. GFI LanGuard helps you monitor the status of such connections through the list of PSN CoCo Compliance reports, which include:

• PSNCoCo RIS. 1 - Baseline Changes Comparison
• PSNCoCo MAL. 1 - Disk Encryption Applications
• PSNCoCo MAL. 1 - Installed Firewall Applications
• PSNCoCo PAT. 1 - Installed Security Updates by Host
• PSNCoCo PAT. 1 - Installed Security Updates by Severity.

The Children's Internet Protection Act (CIPA) addresses concerns about children's access to obscene or harmful content over the Internet. CIPA imposes certain requirements on schools or libraries that receive discounts for Internet access or internal connections through the E-rate program – a program that makes certain communications services and products more affordable for eligible schools and libraries. GFI LanGuard Central Management Server provides a list of CIA Compliance reports including:

• Req. 47 USC § 254(l)(1)(A)(iv) - Network Vulnerability Summary
• Req. 47 USC § 254(l)(1)(A)(iv) - Vulnerability Distribution by Host
• Req. 47 USC § 254(l)(1)(A)(iv) - Vulnerability Listing by Category
• Req. 47 USC § 254(l)(1)(A)(iv) - Vulnerability Listing by Host
• Req. 47 USC § 254(l)(1)(A)(iv) - Vulnerability Listing by Severity
• Req. 47 USC § 254(l)(1)(A)(iv) - Open Trojan Ports by Host
• Req. 47 USC § 254(l)(1)(A)(iv) - Network Patching Status
• Req. 47 USC § 254(l)(1)(A)(iv) - Missing Security Updates by Host
• Req. 47 USC § 254(l)(1)(A)(iv) - Vulnerable Hosts by Vulnerability Level
• Req. 47 USC § 254(l)(1)(A)(iv) - Vulnerable Hosts Based on Open Ports
• Req. 47 USC § 254(l)(1)(A)(iv) - Remediation History by Host
• Req. 47 USC § 254(l)(1)(A)(iv) - Remediation History by Date
• Req. 47 USC § 254(l)(1)(A)(iv) - Network Security Log by Host
• Req. 47 USC § 254(l)(1)(A)(iv) - Network Security Log by Date
• Req. 47 USC § 254(l)(1)(A)(iv) - Baseline Changes Comparison

The Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. GFI LanGuard provides a list of FERPA Compliance reports, including:

• FERPA 20 USC 1232g (b) - Network Patching Status
• FERPA 20 USC 1232g (b) - Network Security Log by Host
• FERPA 20 USC 1232g (b) - Remediation History by Date
• FERPA 20 USC 1232g (b) - Vulnerability Distribution by Host
• FERPA 20 USC 1232g (b) - Vulnerable Hosts Based on Open Ports.

The Information technology – Security techniques – Information security management systems (ISO/IEC) standard formally specifies a management system that is intended to bring information security under explicit management control. GFI LanGuard offers an extensive list of ISO/IEC Compliance reports, including:

• ISO/IEC 27001 A. 10.4 - Antivirus Applications
• ISO/IEC 27001 A. 10.7.2 - Disk Encryption Applications
• ISO/IEC 27001 A. 10.6.2 - Open Shares
• ISO/IEC 27001 A. 10.6.2 - Services
• ISO/IEC 27001 A. 10.6.2 - System Information.

The Federal Information Security Management Act (FISMA) assigns specific responsibilities to federal agencies, the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB) in order to strengthen information system security. In particular, FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce information technology security risks to an acceptable level. GFI LanGuard helps you be compliant to FISMA standards through the provided reports, which include:

• FISMA NIST SP 800-53 AC-2 - Groups and Users
• FISMA NIST SP 800-53 PM-5 - Computer Details
• FISMA NIST SP 800-53 PM-5 - Computer Summary
• FISMA NIST SP 800-53 SI-5 - Missing Security Updates by Host
• FISMA NIST SP 800-53 SI-7 - Antivirus Applications.

The Consensus Audit Guidelines (CAG) is a publication of best practice guidelines for computer security. The project was initiated as a response to extreme data losses experienced by organizations in the US defense industrial base. GFI LanGuard offers a list of CAG Compliance reports, including:

• CAG CC1 - Hardware Audit
• CAG CC1 - Scan History
• CAG CC3 - Audit Policy
• CAG CC3 - Low Security Vulnerabilities
• CAG CC11 - Open Ports.