cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
douglasf01
Engaged Sweeper
Hi,

I work for a company called account control technology, and we are interested in Lansweeper, but we are not too sure how safe or secure this product really is.
We compare this to a product called Dell KACE and it did everything Dell's product would do. The only major difference was the price, and thats what flagged us really.

Can anyone here give me some insight on how well this works?
How much network usage this takes up?
How this actually scans for new hardware and software?
If there isnt a client install, then how does this work?
It fully integrates with Active Directory, how so?
How does it pull back information about a computer, the OS it runs, and the software it has?
And is this product secure?

Thanks,

Douglas Futrell
7 REPLIES 7
bob_11
Engaged Sweeper III
You can map switch ports in 4.2 as well with custom actions.... Just saying 😉
akcsie
Engaged Sweeper
My company owns both Lansweeper and Kace too. Lansweeper is awesome and worth every penny.
We have more than 3000 network devices on the network, whenever we want to look up a device we only need to type in user name/ computer name / ip, then we get all information in seconds. In version 5.0, you can even know what switch/port a devices is connecting to, it's pretty useful.

Lansweeper has a modern and intuitive web GUI, and it is easy to use from the start. For Kace, not so much, the GUI sucks and be ready to read a 400-pages manual before you start. Lansweeper and Kace may have some overlaps in functionalities, but overall they are different products with different coverage.

Lansweeper use WMI or SNMP to retrive information from devices, while Kace installs agent on each computer. We use Kace only to push software and patches, and that's pretty much it. If your company can afford Kace, then you must be able to buy Lansweeper, but if yor companny cannot afford Kace, I would still strongly recommend you consider Lansweeper.
chads
Lansweeper Alumni
Our company is 1.5 Years into LANsweeper and coming from SCCM at another company it is by far the best bang for the buck. Support on email and Skype is like talking to a super hero. try getting that from another vendor
Padymcc
Engaged Sweeper
While our IT vendor uses KACE, we audit all the information they provide to us with LANsweeper. LANsweeper is fantastic.
joegasper
Engaged Sweeper
I'm 3+ years in, other products have come along (SCCM, Kace), we still use Lansweeper for getting real work done.

Look at the membership, a number of users (paid, too) all across the world - should tell it must do something well... 🙂

Network: This number continues to drop it seems with each update. The devs are doing a good job on finding ways to keep this low enough to work across some slow lines. On a LAN, it's not something I've needed to look at. If you have slow remote sites, you can look at the Enterprise license to allow local scanning. You can tell the scan system to only look for specific internal hardware (say you don't have floppy drives, you can have that scan ignored). Or you can tell the scan server to only check for a floppy drive once a month, not every time the computer is scanned.

Software on a Windows system is discovered with remote WMI calls. Windows system's hardware is also inventoried by remote WMI calls. Other hardware, printers, Macs, NAS, phones, switches, all can be inventoried with SSH or SNMP (you can configure different authentication for each type of scan, down to the individual network or device.)

No client/agent is required. If you wish, you can have a small exe run a user logon to "ping" the scanning server to come give that person's PC a scan. In the beta 4.2, there is a new exe that can run on the PCs that does the scanning locally, and forwards the results to the scanning server (great for systems behind a firewall, or non-domain connected systems).

If you use AD credentials to operate the scan server, it can pull user information into the the Lansweeper database (you can use this info for reporting/searching). With AD credentials in use, the scan server can operate under a service account that has remote admin access to your computers to perform the WMI scans. Or you can choose to use different credentials per network - even scan a different domain's computers. I'm not sure it's best for large shops, but you give the scan server credentials to your Domain Controller's and their logs can be scanned looking for computers as the come online, the adding them to the scan queue.

With basic, standard, configuration of your systems, Lansweeper will operate securely. Without a required agent installed on all your systems (or .NET 1.1 like the Kace does...), the threat profile is reduced.

We have a good community and good support in the forums. Go for it.
Hemoco
Lansweeper Alumni
joegasper wrote:
I'm 3+ years in, other products have come along (SCCM, Kace), we still use Lansweeper for getting real work done.

Think I'll use this in our testimonials 😉
rgross
Engaged Sweeper III
Been using the product for about 7 months now and it has been working perfectly, the desktop guys like using this instead of SCCM for reporting!

The standard scans do not use much bandwidth over the network, the only time I noticed hits was when we were scanning IP ranges for printers,phones or linux devices.

Lansweeper uses WMI to collect all the information from the client and then stores it in an SQL database.

I might be wrong on this one, but it almost seems to run an LDAP query against AD to get a list of newly added computers, once it discover's a new computer name it will add it to the "to be scanned" list.

The SQL database is secure on a server and is password protected, the web interface can be locked down to allow only certain AD groups access.