Press Release

LinkedIn Facebook Twitter RSS

Symantec ManHunt Receives NSS Approved Award During Gigabit Intrusion Detection Test

The NSS Group Rates Symantec ManHunt as a True Gigabit IDS Solution

CUPERTINO, Calif. - August 11, 2003 - Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today announced that Symantec ManHunt network intrusion detection system achieved the recognized NSS Approved award in an independent test of Gigabit Intrusion Detection Systems (IDS) by The NSS Group, Europe's leading network and security testing organization.

The NSS Group's test evaluated the attack detection accuracy, performance, attack evasion, stateful operation and management of all participating products in real-world conditions.

Symantec ManHunt's results in stateful operation were flawless; it was the only product to track 1 million real connections easily using the default settings out of the box, with no tuning required.

In the Gigabit performance tests, Symantec ManHunt demonstrated excellent levels of performance across the board. The product achieved 100 percent detection rates at all load levels in all "real world" traffic tests, and was capable of monitoring fully utilized Gigabit networks.

"ManHunt manages to combine very high levels of performance with an excellent correlation engine and good reporting and analysis capabilities across multiple sensors," said Bob Walder, Director The NSS Group Ltd. "The ability to correlate data from third-party IDS and firewall products makes it particularly attractive in large enterprise deployments, whilst the reduction in false positives and enhanced protection against zero-day exploits offered by the protocol anomaly detection architecture makes it attractive in any environment."

Symantec ManHunt's unique hybrid detection capabilities excelled during the test, with the report noting this as a trend for future Network IDS products. The strength of combining multiple detection techniques within the product was highlighted in the detection tests with Symantec ManHunt achieving an excellent custom Attack Recognition Rating (ARR) of 96 percent. In addition, Symantec ManHunt's protocol anomaly detection, which detects zero-day attacks without the need for signatures updates, showed complete resistance to false positives generated during the test, achieving a perfect score.

The test also underlined Symantec ManHunt's strength in its incident management capabilities. For most organizations, IDS products generate mass volumes of data, which requires both security expertise and time to sort through to find the relevant information, assess the problem, take action and merge data for reporting. The NSS Group commends Symantec ManHunt's correlation engine for its ability to combine multiple events from multiple sensors into single incidents, alleviating the burden of distinguishing the genuine alerts from the irrelevant.

"Symantec ManHunt solves the inherent problems seen in traditional IDS products - false positives, data overload, ineffective countermeasures and poor management," said Sandeep Kumar, director of product management at Symantec. "We are very pleased with the results of The NSS Group's IDS test, and remain committed to providing our customers with a best-of-breed, true Gigabit IDS solution."

Overall, The NSS Group endorsed Symantec ManHunt as having accomplished perfect or near-perfect detection capabilities at all levels and all types of traffic in the tests. It also recommended Symantec ManHunt for customers with a genuine need to monitor Gigabit levels of traffic with a single sensor and zero risk of dropped packets.

The NSS Group's Gigabit IDS test report is available for review at

About Symantec ManHunt
Symantec ManHunt is a network-based intrusion detection system that monitors network traffic at speeds of up to two gigabits per second on up to six-gigabit interfaces, dependent upon system configuration. Its multi-layered detection architecture combines protocol anomaly detection, signature detection, denial-of-service and scan detection, and IDS evasion detection to accurately and effectively identify attacks. It also offers a state-of-the-art analysis and correlation engine that filters out redundant data and analyzes only relevant information, providing attack awareness without the data overload.

About NSS
The NSS Group is Europe's foremost independent network and security testing facility. Based in the UK with separate security and network infrastructure testing facilities in the South of France, The NSS Group offers a range of specialist IT, networking and security-related services to vendors and end-user organisations world-wide. The Group consists of two wholly-owned subsidiaries: NSS Network Testing Laboratories and Network Security Services. Output from the labs, including detailed research reports, articles and white papers on the latest network and security technologies, are made available on the NSS web site at

Further information on The NSS Group is available at

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.