Symantec Hong Kong
 global sites
products
purchase
service and support
security updates
downloads
about symantec
search
feedback


© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Updated Privacy Policy
press centre

Symantec unveils new intrusion detection and prevention solutions strengthening enterprise security measures

Hong Kong -- December 17 2002 - Symantec, the world leader in Internet security, today unveiled its comprehensive intrusion detection and prevention product line, showcasing the planned integration of the recently-acquired Recourse Technologies' multi-gigabit ManHunt and highly scalable Symantec Host Intrusion Detection 4.0.

David Sykes, Director of North Asia at Symantec, said customers have outlined two key elements they need; intrusion prevention in addition to protection, and the ability to detect network intrusions at multi-gigabit speed. "The recent acquisition of Recourse Technologies and the inclusion of the award-winning ManHunt network IDS (Intrusion Detection Systems) clearly positions Symantec to deliver on both, and establishes clear leadership in the intrusion detection and prevention segment of the enterprise security market," he said.

According to a Gartner Dataquest report* , Symantec achieved the largest growth rate in the intrusion detection market, the fastest growing segment of the security software industry worldwide, at 167 percent.

Intrusion detection and intrusion prevention technologies deliver unique strengths and advantages, and are complementary in providing robust protection for enterprise networks. Depending on the sensitivity of protected information, required level of security and other factors, enterprises may decide to deploy either intrusion detection, intrusion prevention, or a combination of both.

Symantec ManHunt is an advanced network-based IDS solution that provides protocol anomaly detection for known and unknown or "zero day" attacks, signature detection with custom signature support, and behavioral anomaly analysis or statistical flow analysis intrusion detection for denial of service attacks, at speeds of up to 2 gigabits per second, dependent upon system configuration.

Symantec Host IDS provides real-time monitoring and detection of and response to security breaches. As a complement to firewalls and other access controls, it enables administrators to develop rules and actions to stop hackers or authorized users with malicious intent from misusing systems.

Symantec is planning to enhance the existing intrusion prevention capabilities of its Symantec Gateway Security and Symantec Client Security products by integrating ManHunt to provide advanced high-speed protocol anomaly intrusion detection.

The integration of ManHunt and Symantec Host IDS to be completed later will provide better recognition and response to attacks by correlating IDS data from both the host and the network.

Key Symantec Intrusion Detection Product Features
Symantec ManHunt

  • Multi-gigabit support and ultra high-speed detection at speeds of up to 2.0 Gbps, dependent upon system configuration
  • "Zero-day" attack support through advanced Protocol Anomaly Detection
  • Layered security through built-in hybrid detection sensors including Protocol Anomaly Detection, Evasion sensing, Misuse detection and Traffic Rate monitoring
  • Support for custom signature creation using Snort formatted rules
  • Ability to track attack migration from compromised systems by analysing flow statistics from sensors, switches and layer 2 routing devices
  • Enterprise-wide event correlation and analysis
  • Enhanced drill-down analysis with full packet capture
  • Enhanced reporting capabilities including pre-packaged and customisable charts and graphs

Symantec Host Intrusion Detection System 4.0

  • Real-time monitoring to detect and respond to security breaches and other unauthorised activities
  • Enables the creation of customisable intrusion detection policies and responses
  • Provides powerful centralised management tools that simplify the monitoring and enforcement of network-wide intrusion detection security policies
  • Provides audit data for incident and forensic analyses and generates graphical reports of intrusion detection activity
  • Offers superior protection of information assets with a complete library of intrusion detection signatures and timely updates delivered from Symantec Security Response via LiveUpdate™ integration

Symantec ManTrap Technology

  • Symantec ManTrap is a "honeypot"-based intrusion detection technology that complements the layered approach to enterprise security by providing an early warning for unauthorized access and misuse detection. It provides an effective detection and deterrent solution for the most critical servers.
  • It provides real-time detection of known and novel attacks on both host and network-based services. Because it's a deception-based intrusion detection system, all activity directed toward Symantec ManTrap is immediately suspicious.
  • This instant detection eliminates many of the problems that plague other systems. It detects intrusions from internal and external sources in real time while eliminating the confusion and time penalties generated by too many false positives.

Availability
Symantec ManHunt, Symantec ManTrap and Symantec Host IDS 4.0 are currently available.

Symantec Enterprise Security
Symantec ManHunt, Symantec ManTrap and Symantec Host IDS are important components of Symantec Enterprise Security, which provides any size organisation with the technology, global response and services necessary to manage its information security. Symantec's comprehensive solution offers best-of-breed products to protect gateways, servers, and clients with firewall security, intrusion detection, vulnerability management, virtual private networking (VPN) and virus protection. Customers benefit from Symantec's global network of researchers that provide customers with around-the-clock, immediate response to any new security-related attacks. Symantec Enterprise Security customers are also supported by one of the largest professional security organisations in the world, offering security consulting, security education and managed security services. For more information, please visit Symantec's enterprise Web site at http://enterprisesecurity.symantec.com.

About Symantec
Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, virus protection, remote management technologies and security services to enterprises and service providers around the world. Symantec's Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more information, please visit www.symantec.com.

* Gartner Dataquest Inc: "2001 Security Software Market Share", C. Graham, October 29, 2002