This article describes the GFI LanGuard vulnerability levels, their significance, and the method of calculation and classification.
The GFI LanGuard vulnerability Level is a rating assigned to each scanned computer. The rating can be viewed from:
- Dashboard - The Dashboard section provides information for specific computers or selected groups of computers, from the computer tree.
- Select the computer/group and view the vulnerability meter from the right pane.
- Select Entire Network to view the vulnerability level for all the scan targets.
- Scan Results Details – This section in the Scan tab provides a vulnerability level meter assigned to the computers/groups that have been scanned.
Vulnerability level Calculation
The vulnerability level is calculated using a weighting system. After a scan, GFI LanGuard groups the discovered vulnerabilities in categories by severity rating:
For each rating, a weighted score is given. This is based on the total number of vulnerabilities per category.
|Category||Number of Detected Vulnerabilities||Scores|
After classifying the detected vulnerabilities and generating a score for each classification, the overall vulnerability level is determined. The vulnerability level is based on the severity rating with the highest score. The vulnerability level scores are:
- A score of >= 8, results in High vulnerability rating
- A score of <= 7 and >= 5, results in Medium vulnerability rating
- A score of <= 4 and >=1, results in a Low vulnerability rating
During a scan of Computer A, the following vulnerabilities were discovered:
- 3 high vulnerabilities
- 8 medium vulnerabilities
- 5 low vulnerabilities
The score for each category was calculated by GFI LanGuard and returned the following results:
- 3 high vulnerabilities = 9
- 8 medium vulnerabilities = 7
- 5 low vulnerabilities = 3
The vulnerability level for Computer A is therefore HIGH.
The vulnerability level is indicated using a color-coded graphical bar:
- Red bar = high vulnerability level
- Green bar = low vulnerability level
NOTE: When the vulnerability level cannot be assessed and/or vulnerability scanning was not performed, GFI LanGuard gives a rating of N/A.