Press Release

LinkedIn Facebook Twitter RSS

Symantec Unveils New Intrusion Detection and Prevention Solutions

Integration of Multi-Gigabit Network IDS And Highly Scalable Symantec Host IDS Catapults Symantec to Leadership Position

CUPERTINO, Calif. – Sept. 23, 2002 - Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today unveiled its comprehensive intrusion detection and prevention product line showcasing the planned integration of recently-acquired Recourse Technologies’ multi-gigabit ManHunt and highly scalable Symantec Host Intrusion Detection 4.0.

"Our customers have told us that the two key elements they need are the ability to detect intrusions at multi-gigabit speed networks and deliver intrusion prevention," said Gail Hamilton, executive vice president, Symantec Corp. "The recent acquisition of Recourse Technologies and the inclusion of the award-winning ManHunt network IDS clearly positions Symantec to deliver on both, and establish clear leadership in the intrusion detection and prevention segment of the enterprise security market."

Intrusion detection and intrusion prevention technologies deliver unique strengths and advantages, and are complementary in providing robust protection for enterprise networks. Depending on the sensitivity of protected information, required level of security and other factors, enterprises may decide to deploy either intrusion detection, intrusion prevention, or a combination of both.

Symantec delivers comprehensive intrusion detection and prevention across the Gateway, Server and Client to help organizations protect key information assets, improve IT staff productivity by efficient use of resources, and lower costs by significantly reducing the number of false positives and security outbreaks.

Symantec is planning to enhance the existing intrusion prevention capabilities of its Symantec Gateway Security and Symantec Client Security products by integrating ManHunt to provide advanced high-speed protocol anomaly intrusion detection.

The integration of ManHunt and Symantec Host IDS, slated to be available in the December quarter, will provide better recognition and response to attacks by correlating IDS data from both the host and the network.

About Symantec ManHunt
Symantec’s new ManHunt product is an advanced network-based IDS solution that provides protocol anomaly detection for known and unknown or "zero day" attacks, signature detection with custom signature support, and behavioral anomaly analysis or statistical flow analysis intrusion detection for denial of service attacks, at speeds of up to 2 gigabits per second, dependent upon system configuration.

In addition, ManHunt goes beyond passive incident identification and alerting to actively defend the network. ManHunt can contain the attack in real time and initiate other automated actions required for incident response. Customized policies provide immediate response to intrusions or denial of service attacks based on the type of incident and the location of the event within the network. Session termination, FlowChaser technology (which traces attacks back to their ingress point), quality of service filters, traffic recording and handoff responses may be combined to protect the most critical enterprise assets. ManHunt allows customers to quickly and accurately identify and respond to attacks, defending against intrusions and protecting against damage associated with such attacks.

About Symantec Host IDS
Symantec Host IDS, which is expected to be available in October, provides real-time monitoring and detection of and response to security breaches. As a complement to firewalls and other access controls, it enables administrators to develop rules and actions to stop hackers or authorized users with malicious intent from misusing systems.

Through its centralized management console, administrators can create and deploy monitoring and response policies, collect and archive audit logs for incident analysis and reporting, and automatically receive the latest intrusion signatures via LiveUpdate integration. If systems are threatened, Symantec Host IDS will notify administrators with an alarm and take countermeasures according to pre-established security policies to prevent the loss or theft of information.

Further, Symantec Host IDS is highly scalable and easily managed from a single administrative console. Administrative wizards perform many routine tasks and silent installation and remote tune-up capabilities, making it easy to deploy and maintain across the network. It includes specialized software agents to support server platforms running Windows 2000 and can be configured to monitor Web or database applications running on Windows 2000 servers.

About Symantec ManTrap Technology
Symantec’s new ManTrap is a "honeypot"-based intrusion detection technology that complements the layered approach to enterprise security by providing an early warning for unauthorized access and misuse detection.

Key Symantec Intrusion Detection Product Features
Symantec ManHunt

  • Multi-gigabit support and ultra high-speed detection at speeds of up to 2.0 Gbps, dependent upon system configuration
  • "Zero-day" attack support through advanced Protocol Anomaly Detection
  • Layered security through built-in hybrid detection sensors including Protocol Anomaly Detection, Evasion sensing, Misuse detection and Traffic Rate monitoring
  • Support for custom signature creation using Snort formatted rules
  • Ability to track attack migration from compromised systems by analyzing flow statistics from sensors, switches and layer 2 routing devices
  • Enterprise-wide event correlation and analysis
  • Enhanced drill-down analysis with full packet capture
  • Enhanced reporting capabilities including pre-packaged and customizable charts and graphs

Symantec Host Intrusion Detection System 4.0

  • Real-time monitoring to detect and respond to security breaches and other unauthorized activities
  • Enables the creation of customizable intrusion detection policies and responses
  • Provides powerful centralized management tools that simplify the monitoring and enforcement of network-wide intrusion detection security policies
  • Provides audit data for incident and forensic analyses and generates graphical reports of intrusion detection activity
  • Offers superior protection of information assets with a complete library of intrusion detection signatures and timely updates delivered from Symantec Security Response via LiveUpdate™ integration

Symantec ManHunt and Symantec ManTrap are currently available. Symantec Host IDS 4.0 is scheduled to be available by mid-October. Organizations can be connected with Symantec resellers or distributors in their areas by visiting the Symantec Solution Provider locator at http://www.symantec.com/partners/partners_frames.html.

Symantec Enterprise Security
Symantec ManHunt, Symantec ManTrap and Symantec Host IDS are important components of Symantec Enterprise Security, which provides any size organization with the technology, global response and services necessary to manage its information security. Symantec's comprehensive solution offers best-of-breed products to protect gateways, servers, and clients with firewall security, intrusion detection, vulnerability management, virtual private networking (VPN) and virus protection. Customers benefit from Symantec's global network of researchers that provide customers with around-the-clock, immediate response to any new security-related attacks. Symantec Enterprise Security customers are also supported by one of the largest professional security organizations in the world, offering security consulting, security education and managed security services. For more information, please visit Symantec's enterprise Web site at http://enterprisesecurity.symantec.com.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

FORWARD LOOKING STATEMENT: This press release contains forward-looking statements, including forecasts of future revenue and earnings per share, expected industry patterns, and other financial and business results that involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to differ materially from results expressed or implied by this press release. Such risk factors include, among others: the sustainability of recent growth rates, particularly in consumer products; whether certain market segments, particularly enterprise security, grow as anticipated; the positioning of Symantec's products in those segments; the competitive environment in the software industry; ability to integrate acquired companies and technology; ability to retain key employees; ability to successfully combine product offerings and customer acceptance of combined products; general market conditions, fluctuations in currency exchange rates, changes to operating systems and product strategy by vendors of operating systems; and whether Symantec can successfully develop new products and the degree to which these gain market acceptance. Actual results may differ materially from those contained in the forward-looking statements in this press release. Additional information concerning these and other risk factors is contained in the Risk Factors sections of Symantec’s previously filed Form 10-K and Form 10-Q.