Overview
This article provides information regarding the available out of the box LanGuard Scanning Profiles to help you to select the correct profile for your scan targets, which contains (only) all the checks relevant to your environment and purposes.
Information
Scanning Profiles are collections of tests and vulnerability checks used to retrieve (only) the desired information from the scan targets. LanGuard contains a set of default Scanning Profiles, which can be customized with the Scanning Profile Editor.
In environments where agents cannot be used, and the connections are either slow, or the network is very large, it is important to select the correct Scanning Profile.
You can view all the available default and customized profiles from the LanGuard console by navigating to the Configuration > Scanning Profiles.
A profile name may have the (Active) tag as a suffix. This means that it was recently used in an Interactive Scan via the Scan tab.
Use the information provided in the following sections to understand what each scanning profile detects on your scan targets:
Complete/Combination Scans
Scanning profiles that enable both vulnerability assessments along with network and software audits.
Scan Profile |
Description |
Full Vulnerability Assessment |
Use this Scanning Profile to enumerate particular network vulnerabilities, e.g., open TCP/UDP ports commonly exploited by Trojans, missing patches and service packs, etc. The list of vulnerabilities identified by this profile can be customized through the Vulnerabilities tab. This profile will scan all vulnerabilities, including vulnerabilities that have an associated Microsoft patch, which are considered missing patches. This profile does not enumerate installed USB devices and applications. |
Full Scan |
Use this Scanning Profile to retrieve system information and scan your network for all supported vulnerabilities, including open TCP/UDP ports, missing patches, and service packs, USB devices connected, and more. The vulnerability check timeouts in this profile are specially preconfigured to suit the network traffic and transmission delays usually associated with LAN environments. |
Full Scan (Slow Networks) |
Use this Scanning Profile to retrieve system information and scan your network for all supported vulnerabilities, including open TCP/UDP ports, missing patches, and service packs, USB devices connected, and more. The vulnerability check timeouts in this profile are specifically preconfigured to suit the network traffic and transmission delays usually associated with WAN environments. |
Vulnerability Assessment
Scanning profiles that enable vulnerability assessments.
Scan Profile |
Description |
Top SANS 20 Vulnerabilities |
Use this Scanning Profile to enumerate all vulnerabilities reported in the SANS Top 20 lists. |
High-Security Vulnerabilities |
Use this Scanning Profile to enumerate open TCP/UDP ports and high-security vulnerabilities. The list of TCP/UDP ports and high-security vulnerabilities enumerated by this profile can be customized through the TCP/UDP Ports tabs and the Vulnerabilities tab, respectively. |
Last Year's Vulnerabilities |
Use this Scanning Profile to enumerate network vulnerabilities that emerged during the last 12 months. |
Only Web |
Use this Scanning Profile to identify web–server specific vulnerabilities. This includes scanning and enumerating open TCP ports that are most commonly used by web–servers, such as port 80. This profile scans only TCP ports commonly used by web-servers. Network auditing operations and enumeration of vulnerabilities and missing patches are not performed using this profile. |
Missing Patches |
Use this Scanning Profile to enumerate missing patches. The list of missing patches enumerated by this profile can be customized through the Patches tab. |
Critical Patches |
Use this Scanning Profile to enumerate only missing patches that are tagged as essential. The list of critical patches enumerated by this profile can be customized through the Patches tab. |
Last Month's Patches |
Use this Scanning Profile to enumerate only missing patches that were released last month. The list of missing patches enumerated by this profile can be customized through the Patches tab. |
Only Service Packs |
Use this Scanning Profile to enumerate missing service packs. The list of service packs that will be enumerated by this profile can be customized through the Patches tab. |
Non-Microsoft Patches |
Use this Scanning Profile to enumerate missing third-party patches, e.g., Adobe products. |
Security Patches |
Use this Scanning Profile to enumerate missing Microsoft and non-Microsoft security patches on your scan targets. |
Network & Software Audit
Scanning profiles that enable network and software audits.
Scan Profile |
Description |
Trojan Ports |
Use this Scanning Profile to enumerate open TCP/UDP ports that are commonly exploited by known Trojans. The list of TCP/UDP ports to be scanned can be customized through the TCP Ports and UDP Ports tabs, respectively. This profile scans only the TCP/UDP ports commonly exploited by known Trojans. Network auditing operations and enumeration of other open TCP/UDP ports and missing patches are not performed. |
Port Scanner |
Use this Scanning Profile to enumerate open TCP/UDP ports, including those most commonly exploited by Trojans. The list of ports that will be enumerated by this profile can be customized through the TCP/UDP ports tab. |
Software Audit |
Use this Scanning Profile to enumerate all software applications installed on scan targets. This includes security software such as antivirus and antispyware. |
Full TCP & UDP Scan |
Use this Scanning Profile for auditing your network and enumerating all open TCP and UDP ports. |
Only SNMP |
Use this Scanning Profile to perform network discovery and retrieve information regarding hardware devices (routers, switches, printers, etc.) with SNMP enabled. This enables you to monitor network-attached devices for conditions that require administrative attention. |
Ping Them All |
Use this Scanning Profile for auditing your network and enumerating all computers that are currently connected and running. |
Share Finder |
Use this Scanning Profile for auditing your network and enumerating all open shares, either hidden or visible. This profile performs no vulnerability checks. |
Uptimes |
Use this Scanning Profile to audit your network and identify how long each computer has been running since the last reboot. |
Disks Space Usage |
Use this Scanning Profile for auditing your network and retrieving system information on available storage space. |
System Information |
Use this Scanning Profile to retrieve system information such as operating system details, wireless/virtual/physical network devices connected, USB devices connected, installed applications, and more. |
Hardware Audit |
Use this Scanning Profile to audit your network and enumerate all hardware devices currently connected to your network computers. |
Network Discover |
Use this Scanning Profile to enumerate any IP enabled device connected to your network. |