Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

6/26/2006
01:47 AM
50%
50%

Lockdown Joins Microsoft Program

Lockdown announced the launch of its open iNAC architecture

SEATTLE -- Lockdown Networks®, the leading provider of Network Access Control (NAC) solutions that ensure all users and devices on the network comply with security and IT policies, today announced the launch of its open iNAC® (intelligent NAC) architecture for collaboration and integration with a full spectrum of security, endpoint and network infrastructure technologies. The iNAC architecture creates an extensible NAC policy environment that enables third-party security and network infrastructure products to collaborate in network access policy decisions, and to share information critical to network and endpoint security with the Lockdown Enforcer™. Through collaborative product development, iNAC-enabled applications enhance overall network security, while simultaneously improving the end-user experience and maximizing the value of IT and security investments. Lockdown’s iNAC architecture is used to integrate Lockdown Enforcer with Enterasys Networks intrusion detection technology, PatchLink patch management software, Microsoft NAP and IBM Tivoli, and will be used for integration with Intel vPro Technology.

Lockdown iNAC delivers a universe of interoperability that increases the security of the network, while improving the end-user experience and productivity. iNAC realizes these benefits by sharing data and integrating policies with diverse solutions such as VPN, application access, firewall, patch management, security frameworks, and intrusion protection and detection solutions.

"We selected Lockdown NAC because it would integrate with our existing infrastructure and allows us to control user access to varying security levels," said George Owoc of EADS Astrium North America. "With iNAC, Lockdown's solution looks even better as we will be able to integrate future infrastructure investments. For example, Lockdown's approach could enable us to fully automate remediation processes for non-compliant endpoints, eliminating the time consuming end-user driven remediation process."

Lockdown Networks Inc.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19033
PUBLISHED: 2019-11-21
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
CVE-2019-19191
PUBLISHED: 2019-11-21
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
CVE-2019-15511
PUBLISHED: 2019-11-21
An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed....
CVE-2019-16405
PUBLISHED: 2019-11-21
Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings.
CVE-2019-16406
PUBLISHED: 2019-11-21
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.