Overview
This article describes the GFI LanGuard vulnerability levels, their significance, and the method of calculation and classification.
Introduction
The GFI LanGuard vulnerability Level is a rating assigned to each scanned computer. The rating can be viewed from:
- Dashboard - The Dashboard section provides information for specific computers or selected groups of computers, from the computer tree.
- Select the computer/group and view the vulnerability meter from the right pane.
- Select Entire Network to view the vulnerability level for all the scan targets.
- Scan Results Details – This section in the Scan tab provides a vulnerability level meter assigned to the computers/groups that have been scanned.
Description
Vulnerability level Calculation
The vulnerability level is calculated using a weighting system. After a scan, GFI LanGuard groups the discovered vulnerabilities in categories by severity rating:
- High
- Medium
- Low
For each rating, a weighted score is given. This is based on the total number of vulnerabilities per category.
Weight Scores
Category | Number of Detected Vulnerabilities | Scores |
---|---|---|
High Vulnerabilities | 1-2 3-5 > 5 |
8 9 10 |
Medium Vulnerabilities | 1-2 3-5 > 5 |
5 6 7 |
Low Vulnerabilities | 1-2 3-5 > 5 |
2 3 4 |
Score Classification
After classifying the detected vulnerabilities and generating a score for each classification, the overall vulnerability level is determined. The vulnerability level is based on the severity rating with the highest score. The vulnerability level scores are:
- A score of >= 8, results in High vulnerability rating
- A score of <= 7 and >= 5, results in Medium vulnerability rating
- A score of <= 4 and >=1, results in a Low vulnerability rating
Example
During a scan of Computer A, the following vulnerabilities were discovered:
- 3 high vulnerabilities
- 8 medium vulnerabilities
- 5 low vulnerabilities
The score for each category was calculated by GFI LanGuard and returned the following results:
- 3 high vulnerabilities = 9
- 8 medium vulnerabilities = 7
- 5 low vulnerabilities = 3
The vulnerability level for Computer A is therefore HIGH.
The vulnerability level is indicated using a color-coded graphical bar:
- Red bar = high vulnerability level
- Green bar = low vulnerability level
NOTE: When the vulnerability level cannot be assessed and/or vulnerability scanning was not performed, GFI LanGuard gives a rating of N/A.