Symantec - asia pacific
 global sites
products
purchase
service and support
security updates
downloads
about symantec
search
feedback


© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Privacy Policy
press centre

Symantec Unveils New Intrusion Detection and Prevention Solutions to Strengthen Enterprise Security Measures

Integration of Multi-Gigabit Network IDS and Highly Scalable Symantec Host IDS Catapults Symantec to Leadership Position

KUALA LUMPUR -- 19 November, 2002 - Symantec, the world leader in Internet security, today announced its comprehensive intrusion detection and prevention product line, and outlined the planned integration of the recently-acquired Recourse Technologies' multi-gigabit ManHunt and Symantec Host Intrusion Detection 4.0.

Intrusion detection and intrusion prevention technologies deliver unique strengths and advantages, and are complementary in providing robust protection for enterprise networks. Depending on the sensitivity of protected information, required level of security and other factors, enterprises may decide to deploy either intrusion detection, intrusion prevention, or a combination of both.

"Our customers have pointed out Intrusion prevention and the ability to detect intrusions at multi-gigabit speed networks as the two must have elements for the smooth running of their enterprises," said Ross Wilson, Senior Regional Director, SEA, Symantec. "The recent acquisition of Recourse Technologies and the inclusion of the award-winning ManHunt network IDS (Intrusion Detection System) clearly positions Symantec to deliver on both, and establishes clear leadership in the intrusion detection and prevention segment of the enterprise security market."

Symantec ManHunt is an advanced network-based IDS solution that provides protocol anomaly detection for known and unknown or "zero day" attacks, signature detection with custom signature support, and behavioural anomaly analysis or statistical flow analysis intrusion detection for denial of service attacks, at speeds of up to 2 gigabits per second, dependent upon system configuration.

Symantec Host IDS provides real-time monitoring and detection of and response to security breaches. As a complement to firewalls and other access controls, it enables administrators to develop rules and actions to stop hackers or authorized users with malicious intent from misusing systems.

Symantec delivers comprehensive intrusion detection and prevention across the Gateway, Server and Client to help organisations protect key information assets, improve IT staff productivity by efficient use of resources, and lower costs by significantly reducing the number of false positives and security outbreaks.

Symantec is planning to enhance the existing intrusion prevention capabilities of its Symantec Gateway Security and Symantec Client Security products by integrating ManHunt to provide advanced high-speed protocol anomaly intrusion detection.

The integration of ManHunt and Symantec Host IDS later this year will provide better recognition and response to attacks by correlating IDS data from both the host and the network.

Key Symantec Intrusion Detection Product Features

    Symantec ManHunt

  • Multi-gigabit support and ultra high-speed detection at speeds of up to 2.0 Gbps, dependent upon system configuration
  • "Zero-day" attack support through advanced Protocol Anomaly Detection
  • Layered security through built-in hybrid detection sensors including Protocol Anomaly Detection, Evasion sensing, Misuse detection and Traffic Rate monitoring
  • Support for custom signature creation using Snort formatted rules
  • Ability to track attack migration from compromised systems by analysing flow statistics from sensors, switches and layer 2 routing devices
  • Enterprise-wide event correlation and analysis
  • Enhanced drill-down analysis with full packet capture
  • Enhanced reporting capabilities including pre-packaged and customisable charts and graphs

    Symantec Host Intrusion Detection System 4.0

  • Real-time monitoring to detect and respond to security breaches and other unauthorised activities
  • Enables the creation of customisable intrusion detection policies and responses
  • Highly scalable and provides powerful centralised management tools that simplify the monitoring and enforcement of network-wide intrusion detection security policies
  • Provides audit data for incident and forensic analyses and generates graphical reports of intrusion detection activity
  • Offers superior protection of information assets with a complete library of intrusion detection signatures and timely updates delivered from Symantec Security Response via LiveUpdate™ integration

    Symantec ManTrap Technology

  • Symantec ManTrap is a "honeypot"-based intrusion detection technology that complements the layered approach to enterprise security by providing an early warning for unauthorized access and misuse detection. It provides an effective detection and deterrent solution for the most critical servers.
  • It provides real-time detection of known and novel attacks on both host and network-based services. Because it's a deception-based intrusion detection system, all activity directed toward Symantec ManTrap is immediately suspicious.
  • This instant detection eliminates many of the problems that plague other systems. It detects intrusions from internal and external sources in real time while eliminating the confusion and time penalties generated by too many false positives.

Availability
Symantec ManHunt and Symantec ManTrap is available now. Symantec Host IDS 4.0 will be available by the end of November. Organisations can be connected with Symantec resellers or distributors in their areas by visiting the Symantec Solution Provider locator at http://www.symantec.com/region/reg_ap/partners/

Symantec Enterprise Security
Symantec ManHunt, Symantec ManTrap and Symantec Host IDS are important components of Symantec Enterprise Security, which provides any size organisation with the technology, global response and services necessary to manage its information security. Symantec's comprehensive solution offers best-of-breed products to protect gateways, servers, and clients with firewall security, intrusion detection, vulnerability management, virtual private networking (VPN) and virus protection. Customers benefit from Symantec's global network of researchers that provide customers with around-the-clock, immediate response to any new security-related attacks. Symantec Enterprise Security customers are also supported by one of the largest professional security organisations in the world, offering security consulting, security education and managed security services. For more information, please visit Symantec's enterprise Web site at http://enterprisesecurity.symantec.com.

About Symantec
Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, virus protection, remote management technologies and security services to enterprises and service providers around the world. Symantec's Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more information, please visit www.symantec.com.