Press Release

LinkedIn Facebook Twitter RSS

Symantec ManHunt Delivers Enhanced Protection Against Network Intrusionsv

A Component of Symantec Intrusion Protection, Symantec ManHunt 3.0 Accurately and Effectively Identifies Attacks at Multi-gigabit Speeds While Reducing False Positives

CUPERTINO, Calif. - June 23, 2003 - Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today announced the release of Symantec ManHunt 3.0, which provides multi-gigabit network intrusion detection, real-time threat analysis, and proactive prevention and response capabilities to protect organizations against emerging threats and denial-of-service attacks.

"The ever-increasing number of high visibility, complex attacks on corporate networks has advanced the need for a sophisticated solution that can outpace new and emerging security threats, protect networks, and ensure the safety of critical business assets," said Sandeep Kumar, director of product management at Symantec. "Symantec ManHunt offers one of the fastest and most comprehensive network intrusion detection solutions available with flexible deployment options that help reduce total cost ownership for an enterprise."

Symantec ManHunt monitors network traffic at speeds of up to two gigabits per second on up to six-gigabit interfaces, dependent upon system configuration. Its multi-layered detection architecture combines protocol anomaly detection, signature detection, denial-of-service and scan detection, and IDS evasion detection to accurately and effectively identify attacks.

Protocol anomaly detection allows administrators to identify and respond to emerging threats, such as new, variant and polymorphic exploits. It focuses on the structure and content of the communications, detecting previously unknown and new attacks as they happen. Many of today's attacks target application protocols such as HTTP, FTP, RPC, SMTP and DNS. Symantec ManHunt sensors model protocol rules to identify traffic that violates protocols, such as unexpected data, extra and invalid characters, and possible buffer overflow conditions. While similar attacks are bypassing intrusion detection solutions that are solely signature-based, Symantec ManHunt recognizes such attacks as protocol anomalies and reports them to the system administrators, giving them an upper hand to respond to the new threat.

In addition, Symantec ManHunt offers extensive signature detection to enhance its multi-layered detection architecture. It also couples protocol anomaly detection with event refinement to accurately identify known attacks and exploits using well recognized industry-assigned names, which enables accurate responses to further protect networks.

Symantec ManHunt prevents attacks from damaging an organization's critical assets through proactive response capabilities. It can be customized to terminate TCP sessions, trace the attack back to the source, enforce flow policy compliance, initiate a custom response, and send email and SNMP notifications to allow administrators to contain and control intrusions and denial-of-service attacks in real time.

To alleviate the burden of event management, Symantec ManHunt provides a state-of-the-art analysis and correlation engine. For most organizations, IDS products generate mass volumes of data, which requires both security expertise and time to sort through to find the relevant information, assess the problem, take action and merge data for reporting. Symantec ManHunt filters out redundant data and analyzes only relevant information, providing attack awareness without the data overload.

Symantec ManHunt also offers comprehensive security coverage from Symantec Security Response, the world's leading Internet security research and support organization. Regular Symantec Security Updates provide the latest security context and vulnerability information, signatures and event refinement rules to protect against ever-increasing threats.

Further, Symantec ManHunt now offers additional OS support for Red Hat Linux, providing a cost-effective, easy-to-deploy and manageable enterprise security solution.

Symantec ManHunt is a key component of Symantec Intrusion Protection, which offers the flexibility to implement the appropriate technology to anticipate, detect, prevent, and mitigate attacks from internal and external intruders. Symantec Intrusion Protection consists of products and services that evolve with an organization to meet its changing security needs as the business grows. Elements of Symantec Intrusion Protection may include network- and host-based intrusion detection and prevention, integrated appliances, early warning services, and analysis and mitigation services. Unlike point-product security vendors that provide only a single element of this strategy, Symantec offers all of these elements for comprehensive intrusion protection.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.