Product manual
GFI LanGuard 8 Remediate Vulnerabilities | 116
8 Remediate Vulnerabilities
GFI LanGuard enables you to manually or automatically fix vulnerabilities on network computers. Use
the information in this chapter to learn how to configure and manage remediation operations to
maintain a high level of security amongst your scan targets.
Topics in this chapter:
8.1 Automatic Remediation 116
8.2 Manual Remediation 138
8.1 Automatic Remediation
Automatic-Remediation enables you to automatically download and deploy missing patches as well as
uninstall unauthorized applications during scheduled operations, automatically.
IMPORTANT
Auto–remediation and un–installation of un–authorized applications only work with
scanning profiles that detect missing patches and/or installed applications.
Automatic Remediation tasks:
Review Auto-Remediation Considerations
Configure Missing Updates Auto-Deployment
Configure Unauthorized Applications Auto-Uninstall
Configure Auto-Remediation options
Configure Wake-on-LAN on client machines
Configure End-User reboot and shut down options
Define Auto-Remediation Messages
Configure Agents Auto-remediation
8.1.1 Auto-remediation notes
Before enabling and configuring auto-remediation options, review the following notes about:
Installing software
Uninstalling software
Installing software
Always test patches in a test environment before deployment.
By default, Microsoft
®
updates are not enabled for automatic deployment. Manually approve each
patch (as it is tested) or set all Microsoft
®
updates as approved.
Uninstalling software
To uninstall software, a 3–stage process is required in order to identify whether the selected
application supports silent uninstall: