ABOUT SYMANTEC

Press Release

LinkedIn Facebook Twitter RSS

Symantec Introduces Enterprise Security Manager for FISMA

Symantec ESM Best Practices Module Automates Government Agencies' Audits for Compliance with the Federal Information Security Management Act of 2002

CUPERTINO, Calif. - Jan. 28, 2004 - Symantec Corp. (Nasdaq: SYMC), the world leader in Internet security, today announced the release of Symantec Enterprise Security Manager (ESM) for the Federal Information Security Management Act of 2002 (FISMA). Symantec ESM for FISMA is a best practices policy module that seamlessly integrates into Symantec ESM, an industry-leading policy compliance solution, offering federal government IT administrators the ability to proactively reduce agency risk by automating and centralizing their security policy compliance management and ongoing security assessments.

Based on system security requirements of FISMA, Symantec ESM for FISMA provides specific, pre-configured security policies, which allow government agencies to audit their environments for compliance. The FISMA policies are designed to protect government information systems from being compromised by network attacks that exploit improperly configured systems and insufficient security management.

"The aim of FISMA is to help federal agencies define security baselines, embed security within IT initiatives and establish uniform criteria for security planning, testing and evaluation," said Tom Mazich, vice president, public sector, Symantec. "By providing centralized, real-time FISMA-based policy checks and creating supporting report documentation, Symantec ESM for FISMA helps our federal customers to proactively manage secure IT systems."

The Symantec ESM for FISMA policy module supports multiple operating systems including Microsoft Windows 2000 and Windows NT, Sun Solaris versions 2.6 through 2.9, IBM AIX, HP-UX and Red Hat Linux. The module is available free of charge for Symantec ESM users.

Primary objectives of the Federal Information Security Management Act of 2002 include providing a comprehensive framework ensuring the effectiveness of security controls over information resources supporting federal government operations and assets, providing for the development and maintenance of minimum controls required to protect federal information systems and providing a mechanism for improved oversight of federal agency information security programs.

About Symantec ESM
Symantec ESM is an industry-leading policy compliance solution that performs more than 2,000 different security and vulnerability checks to measure whether systems and applications are configured properly, and discover un-patched vulnerabilities so that they can be contained or remediated.

In addition, Symantec ESM is a key component of the Symantec Security Management System, which is comprised of multiple components that can be purchased and deployed separately, but also integrate with one another to provide the right set of security management applications unique to individual business objectives. Other key components of the Symantec Security Management System include Symantec Incident Manager and Symantec Event Managers.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

@Symantec