Press Release

LinkedIn Facebook Twitter RSS

Symantec Enterprise Security Manager Application Modules Extend Policy Enforcement and Security Assessment

CUPERTINO, Calif. - Aug. 6, 2002 - Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today announced two Symantec Enterprise Security Manager (ESM) application modules, Symantec ESM for Databases 3.0 and Symantec ESM for Firewalls 2.0. Symantec ESM application modules seamlessly integrate into Symantec ESM 5.5, a feature-rich vulnerability management solution that offers IT security administrators the ability to proactively reduce corporate risk by automating and centralizing their security policy compliance management and security assessments.

The complexity of today’s heterogeneous, multi-tiered enterprise makes it a major challenge to create, measure and comply with security policies that meet regulatory guidelines while ensuring the confidentiality, integrity and availability of corporate assets. With the constantly shifting combinations of operating platforms and new applications, plus the emergence of multifaceted, blended threats like CodeRed and Nimda, the challenge has become more daunting.

"Today’s blended threats combine multiple attack methods and require smart, strategic security policies to protect network infrastructures from vulnerability exploits," said Ronald Van Geijn, director of product management at Symantec. "The combination of Symantec Enterprise Security Manager with the new application modules provides greater security to swiftly assess and address policy weaknesses in specific applications."

Comprehensive Policy and Compliance Management
Symantec ESM 5.5 automates the discovery of security vulnerabilities and deviations from security policies from a single location. IT security administrators can quickly and cost effectively create baselines and measure performance against those baselines to identify systems that are not in compliance and correct faulty settings to bring systems back into compliance. By automating repetitive operations, ESM allows administrators to off-load redundant tasks, thereby saving resources, providing the user with a centralized console view to instantly evaluate the current state of network security and compliance. It provides intelligent tools that allow security professionals to create pre-defined security baselines for all network systems and measures performance against those protocols. Symantec ESM 5.5 is a comprehensive solution performing more than 1,500 security checks and supports large installations of thousands of systems running multiple operating systems such as Windows NT, Novell NetWare, OpenVMS and most varieties of UNIX with minimal network impact.

Protection Extended with Application Modules
Strong security is paramount as mission-critical business processes have become increasingly dependent on applications. Databases contain millions of dollars worth of information, firewalls protect company assets and customer confidentiality from hackers and Web servers mirror a company’s image on the Internet. ESM application modules are plug-and-protect preventative solutions developed to extend policy management and security assessments beyond the operating system in order to ensure compliance and protect mission-critical e-business systems.

The application modules introduce new, sophisticated tools to secure applications, including checks for password strengths, patches and unneeded services, easing the administrative burden of measuring effectiveness of policies and enforcing compliance. Based on ISO 17799, and other industry best practices, standards and research, the ESM application modules include pre-configured policies for protecting specific application and operating system combinations from unique vulnerabilities.

The new Symantec ESM for Databases 3.0 includes policies for protecting Oracle databases; the new Symantec ESM for Firewalls 2.0 includes policies for protecting Symantec Enterprise Firewall and Checkpoint Firewall. Additional Symantec ESM application modules previously available include ESM for AntiVirus 1.0 (Symantec AntiVirus Corporate Edition) and ESM for Web Servers 2.0 (IIS, iPlanet, and Apache).

Policy Updates Ensure Protection Against Latest Threats
ESM and the application modules are integrated with Symantec’s unique LiveUpdate™ automated functionality, providing secure, remote updating and deployment of the latest security checks from a central location via the Web or corporate intranets. The solutions are is backed by Symantec Security Response, which delivers knowledgeable, proactive security protection through product security policies and best practice guidelines that can be updated and distributed through automated processes. Additionally, Symantec Security Response provides rapid reactive security protection through its incident response program, including emergency signatures, definitions and policies, and outbound communications, such as alerting services.

Symantec ESM 5.5, Symantec ESM for AntiVirus 1.0, Symantec ESM for Web Servers 2.0 and the new Symantec ESM for Databases 3.0 are currently available through Symantec's worldwide network of value-added authorized resellers, distributors and systems integrators. Symantec ESM for Firewalls 2.0 is scheduled to be available in late August. Organizations can be connected with Symantec resellers or distributors in their areas by visiting the Symantec Solution Provider locator at

Symantec Enterprise Security
Symantec ESM 5.5 and Symantec ESM application modules are important components of Symantec Enterprise Security, which provides any size organization with the technology, global response and services necessary to manage its information security. Symantec's comprehensive solution offers best-of-breed products to protect gateways, servers, and clients with firewall security, virus protection, intrusion detection, vulnerability management and virtual private networking (VPN). Customers benefit from Symantec's global network of researchers that provide customers with around-the-clock, immediate response to any new security-related attacks. Symantec Enterprise Security customers are also supported by one of the largest professional security organizations in the world, offering security consulting, security education and managed security services. For more information, please visit Symantec's enterprise Web site at

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

FORWARD LOOKING STATEMENT: This press release contains forward-looking statements, including forecasts of future revenue and earnings per share, expected industry patterns, and other financial and business results that involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to differ materially from results expressed or implied by this press release. Such risk factors include, among others: the sustainability of recent growth rates, particularly in consumer products; whether certain market segments, particularly enterprise security, grow as anticipated; the positioning of Symantec's products in those segments; the competitive environment in the software industry; ability to integrate acquired companies and technology; ability to retain key employees; ability to successfully combine product offerings and customer acceptance of combined products; general market conditions, fluctuations in currency exchange rates, changes to operating systems and product strategy by vendors of operating systems; and whether Symantec can successfully develop new products and the degree to which these gain market acceptance. Actual results may differ materially from those contained in the forward-looking statements in this press release. Additional information concerning these and other risk factors is contained in the Risk Factors sections of Symantec’s previously filed Form 10-K and Form 10-Q.