CUPERTINO, Calif. - Feb. 12, 2003 - Symantec Corp. (Nasdaq: SYMC), the world leader in Internet security, today unveiled the industry's premier global early warning system with the release of Symantec DeepSight Threat Management System 4.0. This unique early warning system provides enterprises a comprehensive birds-eye view of global Internet attacks in a timely manner, delivering quick analyses and countermeasures to protect against or even avoid malicious threats. The DeepSight Threat Management System tracks security threats as they occur on a global basis by gathering data from firewalls and intrusion detection systems (IDS) of more than 19,000 partners in over 180 countries - the most extensive data network in the world.
"The rapid proliferation of threats such as the Slammer worm illustrates the importance of an early warning system to help enterprises prepare for and defend against attacks," said Arthur Wong, vice president of Symantec Security Response. "By giving administrators detailed attack information and mitigation procedures for threats as they occur, Symantec DeepSight Threat Management System enables enterprises to significantly improve their security postures and mitigate or eliminate damages."
For example, the DeepSight Threat Management System discovered the Slammer worm hours before it began rapidly propagating. Symantec's DeepSight Threat Management System then delivered timely alerts and procedures, enabling administrators to protect against the attack before their environment was compromised. This combination of comprehensive up-to-the-minute attack data combined with effective solutions, patches, and countermeasures enable corporations to protect information infrastructure while avoiding downtime and lost productivity.
Data Collection and Notification
With the addition of firewall data integration in version 4.0, Symantec DeepSight Threat Management System now detects new widespread attacks that were previously not recognized. This extends early warnings to impending threats by recognizing suspicious, unidentifiable activity targeting specific ports and devices on virtually any technology platforms around the world.
Once security data is collected, Symantec analysts utilize sophisticated techniques and data mining to determine patterns that indicate a launched attack. Based on their detailed and thorough understanding of vulnerabilities and attacks, analysts generate comprehensive and timely notifications enabling customers to focus their resources on attack prevention.
With powerful customization features, customers can specify that they only receive notifications of a certain urgency and impact level, specific to their enterprise technologies. Additionally, it allows the customer to personalize the information so that they only receive relevant information - down to the software version level. Customers have the ability to receive these notifications via e-mail, fax, SMS, or telephone. These capabilities provide flexibility while helping to streamline operations, ease information flow, and speed the delivery of timely early warning data.
Reporting and Analyses
New analysis reports provide users with detailed information on activities related to user-specified IP addresses, events, and ports. In addition, a new report wizard guides the user through the report configuration process. These enhanced reporting capabilities enable security professionals as well as management to easily understand the origin, spread, destination, target, and other characteristics of global attacks. These factors allow managers to accurately allocate resources and strengthen their own security posture.
Version 4.0 of Symantec DeepSight Threat Management System also offers an expanded statistics component that highlights the most active IDS and firewall events and also introduces a new Analyst Watch page. The Analyst Watch page provides customers with a window into the world of Symantec analysts, quickly highlighting the potential hot spots that Symantec analysts identify as most critical.
Symantec DeepSight Threat Management System is complemented by Symantec DeepSight Alert Services, which provides detailed notification of potential threats as they're identified. Symantec DeepSight Alert Services provides customers with the intelligence needed to mitigate vulnerabilities before they can be exploited and helps protect systems from malicious code before it strikes.
Symantec Security Response
For additional security intelligence and protection, Symantec DeepSight Threat Management System and Symantec DeepSight Alert Services are supported by Symantec Security Response, the world's leading Internet security research and support organization. Symantec Security Response leverages sophisticated threat and early warning systems to help provide customers with comprehensive, global, 24x7 Internet security expertise to proactively guard against today's complex threats.
Pricing and Availability
Symantec DeepSight Threat Management System 4.0 is currently available to Symantec certified partners. For more information, visit www.symantec.com/partners.
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.
Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.