Risk
7/27/2006
10:15 AM
Connect Directly
RSS
E-Mail
50%
50%

Take Network Computing's NAC Survey

Share your opinions on Network Admission Control solutions. It takes just minutes!

6:15 --

Dear Dark Reader,

Network Computing needs your help. The publication is examining the issues surrounding the role of Network Admission Control solutions in enterprise security strategies. For the purposes of this survey the term "Network Admission Control" or its abbreviation "NAC" refers to a broad set of solutions that address the security issues related to devices connecting to a corporate network. Specifically, NAC solutions generally solve one or more of the following problems:

    1) Pre-connect host posture assessment
    2) Violating host quarantine
    3) Violating host remediation
    4) Post-connect posture monitoring
    5) Post-connect policy enforcement (with optional real-time network threat analysis).

Please take time to share your opinions on Network Admission Control solutions in general and within your organization. Your opinion is valuable to us.

The survey can be found here.

We sincerely appreciate your participation.

— The Staff, Dark Reading

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7392
Published: 2014-07-22
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

CVE-2014-2385
Published: 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter t...

CVE-2014-4326
Published: 2014-07-22
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

CVE-2014-4511
Published: 2014-07-22
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in the URI of a request for a (1) blame, (2) file, or (3) stats page, as demonstrated by requests to blame/master/, master/, and stats/master/.

CVE-2014-4911
Published: 2014-07-22
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.