GFI Network Security and PCI Compliance Power Tools

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

Today all companies, U.S. federal agencies, and non-profit organizations have valuable data on their servers that needs to be secured. One of the challenges for IT experts is learning how to use new products in a time-efficient manner, so that new implementations can go quickly and smoothly. Learning how to set up sophisticated products is time-consuming, and can be confusing. GFI's LANguard Network Security Scanner reports vulnerabilities so that they can be mitigated before unauthorized intruders can wreck havoc on your network. To take advantage of the best things that GFI's LANguard Network Security Scanner has to offer, you'll want to configure it on your network so that it captures key events and alerts you to potential vulnerabilities before they are exploited.In this book Brien Posey has pinpointed the most important concepts with examples and screenshots so that systems administrators and security engineers can understand how to get the GFI security tools working quickly and effectively. His straightforward, no nonsense writing style is devoid of difficult to understand technical jargon. His descriptive examples explain how GFI's security tools enhance the security controls that are already built into your server's operating system.* Secure Your Network Master the various components that make up the management console and prepare to use it for most tasks.* Analyze Scan Results View detected vulnerabilities, save and print results, query open ports, and filter your results.* Install and Use the ReportPack Learn how to build custom reports and schedule reports. See how filters allow you to control the information that is processed when a reports is run.* Perform a Hardware Inventory and Compile a Software Inventory Use GFI to do your inventories and perform audits. See how to blacklist and whitelist applications to make your reports more meaningful.* Manage Patches Effectively See how to deploy a specific patch, perform a scan comparison, uninstall a patch, and deploy custom software.* Use GFI EndPointSecurity to Lock Down Hardware Be prepared for users trying to install unauthorized software, copy sensitive data onto removable media, or perform other actions to try and circumvent your network's security.* Create Protection Policies Control the level of device access allowed on a system and create separate protection policies; one for servers, one for workstations, and one for laptops. Learn how to deploy agents.* Regulate Specific Devices Master some of the advanced features of GFI: locking device categories, blacklisting and whitelisting devices, and using file type restrictions.* Monitor Device Usage Keep tabs on your network by setting logging options, setting alerting options, and generating end point security reports. * Use GFI EndPointSecurity to Lock Down Hardware* Create Protection Policies to Control the Level of Device Access* Master Advanced Features of GFI: Locking Device Categories, Blacklisting and Whitelisting Devices, Using File Type Restrictions and More

Author(s): Brien Posey
Edition: 1st
Publisher: Syngress
Year: 2008

Language: English
Pages: 463

Cover Page......Page 1
Copyright......Page 2
Technical Editor......Page 3
Lead Author......Page 4
Foreword Contributor......Page 5
Foreword......Page 7
Acknowledgements......Page 8
Installing GFI LANguard Network Security Scanner......Page 9
Installing GFI LANguard Network Security Scanner......Page 10
Installing SQL Server......Page 14
Continuing the GFI LANguard Network Security Scanner Setup Process......Page 19
Configuring a Standalone SMTP Server......Page 21
Configuring GFI LANguard for Use With Microsoft Exchange Server......Page 27
Continuing the Server Configuration Process......Page 31
Installing GFI LANguard Network Security Scanner......Page 33
Frequently Asked Questions......Page 34
An Introduction to the GFI LANguard Network Security Scanner Management Console......Page 35
The Main Console Screen......Page 36
The Configuration Screen......Page 38
Scanning Profiles......Page 39
The Settings Section......Page 41
Computer Profiles......Page 42
The Tools Screen......Page 43
The Tools Screen......Page 47
Frequently Asked Questions......Page 48
Performing a Security Scan......Page 49
Performing Your First Security Scan......Page 50
A Shortcut to Scanning......Page 56
Performing a Full Network Security Scan......Page 58
Aborting a Scan......Page 61
Performing a Full Network Security Scan......Page 62
Frequently Asked Questions......Page 63
Analyzing the Scan Results......Page 64
Viewing the Scan Results......Page 65
Viewing the Vulnerabilities that Were Detected......Page 67
Potential Vulnerabilities......Page 70
Getting More Information......Page 71
Querying Open Ports......Page 75
Filtering the Scan Results......Page 78
Getting More Information......Page 84
Filtering the Scan Results......Page 85
Frequently Asked Questions......Page 86
Using the ReportPack......Page 87
Installing the ReportPack......Page 88
Creating a Report......Page 92
Favorite Reports......Page 96
Custom Reports......Page 98
Creating Data Filters......Page 99
Creating a Custom Report......Page 103
Scheduled Reports......Page 105
Other Options......Page 109
Scheduled Reports......Page 111
Frequently Asked Questions......Page 112
Inventories and Auditing......Page 113
Performing a Hardware Inventory......Page 114
Dealing With Information Overload......Page 143
Compiling a Software Inventory......Page 146
Analyzing the Results......Page 147
Blacklisting and Whitelisting Applications......Page 151
Network Documentation......Page 153
Network Diagrams......Page 154
Network Mapping for Windows XP......Page 157
Network Mapping for Windows Server 2003......Page 158
What Else is Missing?......Page 160
Analyzing the Results......Page 161
Network Documentation......Page 162
Frequently Asked Questions......Page 163
Patch Management......Page 164
Downloading Microsoft Patches......Page 165
Scanning for Missing Updates......Page 168
Viewing the Report......Page 170
Viewing Missing Patch Information Through the Management Console......Page 176
Applying Microsoft Service Packs......Page 178
Double Check the Patch Management Status......Page 185
Deploying a Specific Patch......Page 186
Performing a Scan Comparison......Page 187
Uninstalling a Patch......Page 190
Deploying Custom Software......Page 191
Deploying a Specific Patch......Page 194
Deploying Custom Software......Page 195
Frequently Asked Questions......Page 196
Installing GFI EndPointSecurity......Page 197
The GFI EndPointSecurityAgent’s Requirements......Page 198
Installing GFI EndPointSecurity......Page 199
Configure User Groups......Page 201
Configure the Backend Database......Page 203
Configuring a Standalone SMTP Server......Page 205
Configuring GFI EndPointSecurity for Use With Microsoft Exchange Server......Page 211
Network Alerts......Page 214
SMS Alerts......Page 216
Who Gets Alerted?......Page 217
Installing the ReportPack......Page 220
Hardware and Software Requirements......Page 224
Installing the ReportPack......Page 225
Frequently Asked Questions......Page 226
Defining Protection Policies......Page 227
Creating Protection Policies......Page 228
Defining the Computers That You Want to Protect......Page 230
Setting Log-on Credentials......Page 233
Deploying Agents......Page 235
Active Directory Based Deployment......Page 237
Setting Device Permissions......Page 240
Adding Permissions......Page 243
Modifying Protection Policy Membership......Page 250
Setting Device Permissions......Page 251
Frequently Asked Questions......Page 252
Advanced Security Configurations......Page 253
Locating a Device’s Hardware ID......Page 254
Making GFI EndPointSecurity Aware of a Device......Page 256
Setting Permissions for a Specific Device......Page 261
Blacklisting and Whitelisting Devices......Page 263
Blacklisting a Specific Device......Page 264
Whitelisting Devices......Page 266
Making Exceptions for Power Users......Page 267
Clearing Existing Permissions......Page 270
File Type Restrictions......Page 271
File Type Restrictions......Page 276
Frequently Asked Questions......Page 277
End Point Management......Page 278
The End User Experience......Page 279
Removing the Agent Component......Page 280
Making Temporary Exceptions......Page 284
Making Temporary Exceptions......Page 292
Frequently Asked Questions......Page 293
Monitoring Device Usage......Page 294
Setting Logging Options......Page 295
Setting Alerting Options......Page 297
Configuring Alert Recipients......Page 300
Generating End Point Security Reports......Page 302
Creating a Report......Page 304
Keeping Tabs on Your Network......Page 309
Updating Agents......Page 310
Device Statistics......Page 313
Keeping Tabs on Your Network......Page 315
Frequently Asked Questions......Page 316
Installing GFI EventsManager......Page 317
Hardware and Software Requirements......Page 318
Installing GFI EventsManager......Page 319
Performing the Initial Configuration......Page 321
Configuring the Backend Database......Page 322
Configuring an Administrative Account......Page 323
Configuring a Stand-Alone SMTP Server......Page 327
Configuring GFI EventsManager for Use with Microsoft Exchange Server......Page 334
Network Alerts......Page 338
SMS Alerts......Page 339
Configuring Events Sources......Page 340
Installing the ReportPack......Page 342
Summary......Page 346
Installing the ReportPack......Page 347
Frequently Asked Questions......Page 348
Browsing the Event Logs......Page 349
Browsing the Logs......Page 350
Other Types of Events......Page 352
Customizing the Events Browser View......Page 354
Creating Custom Queries......Page 357
Exporting Events......Page 361
Exporting Events......Page 363
Frequently Asked Questions......Page 364
Event Processing Rules......Page 365
Default Classification Actions......Page 366
Event Processing Rules......Page 368
The Anatomy of a Rule......Page 370
The General Tab......Page 372
The Conditions Tab......Page 373
The Actions Tab......Page 375
Action Profiles......Page 376
The Threshold Tab......Page 377
Making Your Own Rules......Page 378
Making Your Own Rules......Page 380
Frequently Asked Questions......Page 381
Getting the Big Picture......Page 382
Status Reports......Page 383
Job Activity......Page 384
Statistics......Page 385
Accessing the ReportCenter......Page 386
Reporting......Page 391
Frequently Asked Questions......Page 392
Installing and Configuring GFI Network Server Monitor......Page 393
Software Requirements
for the GFI Network Monitor Server......Page 394
Installing GFI Network Server Monitor......Page 395
Performing the Initial Configuration......Page 399
Creating Separate Folders......Page 404
The General Tab......Page 405
The Logon Credentials Tab......Page 406
Alerts......Page 407
The Run External File Section......Page 409
Reboot Computer/Restart Services......Page 410
The Dependencies Tab......Page 411
The Maintenance Tab......Page 412
Folder Behavior......Page 413
Creating Separate Folders......Page 416
Frequently Asked Questions......Page 417
Working with GFI Network Server Monitor’s Configuration Console......Page 418
Customizing Monitoring Checks......Page 419
Adding a Monitoring Check......Page 420
Modifying a Monitoring Check......Page 423
Deleting a Monitoring Check......Page 424
Moving Servers and Monitoring Checks......Page 425
Monitoring Checks Status......Page 426
Remote Monitoring......Page 429
Built-in Tools......Page 430
Enumerate Computers......Page 431
Enumerate Processes......Page 433
DNS Lookup......Page 435
Who Is......Page 436
Trace Route......Page 437
SNMP Tools......Page 438
Built-in Tools......Page 439
Frequently Asked Questions......Page 440
GFI Network Monitor’s Additional Components......Page 441
The Activity Monitor......Page 442
Viewing Monitoring Check Status Remotely......Page 443
The Reporter......Page 445
The Troubleshooter......Page 450
The Troubleshooter......Page 454
Frequently Asked Questions......Page 455
C......Page 456
G......Page 457
I......Page 460
R......Page 461
U......Page 462
W......Page 463