ISS Protects E-Business with Advanced Intrusion Detection Solution, Ships New Version of RealSecure.
Industry-First Integrated Policy Management Capabilities Provide
Tunable Threat Management System Empowering Customers to Control
E-Commerce Security Risks
Internet Security Systems (ISS)(Nasdaq: ISSX) today extended its leading role in e-business risk management with the availability of a new version of RealSecure(TM) for enterprise-wide information protection. As a critical element of the company's focused e-security solutions, RealSecure provides customers with the industry's most powerful and effective system for identifying and stopping "hackers" from obtaining unauthorized access to e-commerce applications and internal networks.
"ISS' intrusion detection system is a vital component of e-business, ensuring the data integrity and availability critical to organizations' e-commerce and computing infrastructures," said Tom Noonan, president and chief executive officer, ISS. "As security threats continue to mount daily, ISS' established best-of-breed technology and expertise ensures that our customers' online assets are safeguarded with the leading suite of solutions for around-the-clock information protection."
Mark Wood, director of ISS' RealSecure product line, added, "E-business requires organizations to open up their networks and with RealSecure this can be done with confidence. A state-of-the-art system, RealSecure provides immediate and ongoing security performance feedback, protecting customers e-business investments. With RealSecure, ISS is offering customers a superior solution - the Total Surveillance Architecture - with different types of integrated intrusion detection components, and advanced policy management and monitoring capabilities."
As a pioneer in information risk management, ISS is the first company to provide an integrated network and host-based intrusion detection system for complete enterprise security surveillance. An ISS SAFEsuite(R) solution, RealSecure combines with ISS' leading network, system and database security scanning technology and decision support functionality to formulate a critical information risk management platform for measuring and controlling e-security risks.
Like a 24-hour security camera, RealSecure automatically detects and responds to unauthorized network and computer systems activity. RealSecure identifies intrusions and responds in real-time by recording the activity, sending instantaneous e-mail or pager alarms, reconfiguring network devices such as firewalls, and terminating the unauthorized connection. RealSecure goes beyond traditional "perimeter" security with pervasive monitoring of an entire global enterprise, providing critical protection from both external and internal security breaches.
The release of RealSecure 3.1 is the first deliverable of the Total Surveillance Architecture announced on June 14. ISS' Total Surveillance Architecture pioneers the use of Micro Agents, Fusion Technology and Global Threat Controller technology components to meet customer's diverse and evolving information protection needs. Total Surveillance provides a comprehensive e-business system that meets the challenges of switched, high speed and encrypted networks with an integrated mix of attack recognition and policy management technologies.
RealSecure 3.1 includes enhancements to each of the product's components: RealSecure Detectors and RealSecure Managers. RealSecure Detectors, intelligent "sensors" designed to operate at strategic locations throughout an enterprise, include RealSecure Network Engines (network-based intrusion detection) and RealSecure System Agents (host-based intrusion detection) for total enterprise security surveillance. RealSecure Network Engines monitor network traffic in real-time for signs of suspicious activity and attacks. RealSecure System Agents go beyond traditional host-based detection to monitor key system files and silent communication ports in addition to operating system log files for malicious behavior and attack confirmation. RealSecure Managers enable customers to centrally manage RealSecure Network Engines and System Agents, providing automatic collection of security data from detection points throughout the enterprise.
Industry's First Integrated Policy Management System
ISS enables organizations to customize RealSecure based on their unique computing environments to more accurately automate security policy compliance and receive immediate and ongoing feedback on their security posture. RealSecure 3.1 includes:
-- User-Defined Attack Signatures
RealSecure 3.1 brings added security intelligence to intrusion
detection, giving customers the ability to develop and add their
own specific detection methods or "attack signatures" to monitor
for specific activity patterns such as, access to confidential
-- Advanced Security Policy Editing
RealSecure 3.1 includes innovative security policy editing
capabilities, allowing customers to easily designate and manage
risk components made up of specific groups of attack signatures.
Using attack signatures developed for the protection of their
unique network makeup, customers can more effectively protect
online information. Customers can continually evolve their
security policies with RealSecure's new, advanced options for
viewing threat data including both a hierarchical tree structure
and spread sheet-like layout for fast and easy policy
configuration. Easy to access online help information enables
customers to automatically leverage ISS expertise and attack
signature definitions when editing their policies.
-- Asset Management and Organization
The RealSecure Management console now maintains a database of
customers' unique network assets and uses this knowledge to
define all machines on an enterprise network and organize them
into groups. RealSecure then utilizes this information to more
easily and effectively edit security policies.
-- Expert Response Tuning and Global Management
Customers can now easily customize RealSecure responses based on
several parameters, including source and destination IP address,
port and flooding thresholds. These advanced options extend the
use of intrusion detection in an enterprise environment by
allowing customers to designate notification and response options
for specific security events. In addition, customers can utilize
new global and local detector response options for added security
control and flexibility across distributed threat management
-- Self Monitoring Integrity Assurance
RealSecure's new Detector Health Alerts automatically inform
customers of status or performance changes to RealSecure Network
Engines across the enterprise. For example, an administrator is
alerted if an engine detects a potential problem. Detector Alerts
also enable customers to track overall intrusion detection
configurations such as, if a detector is stopped, started, or if
a new security policy is applied.
-- Increased Platform Support
RealSecure 3.1 Network Engines now support Solaris 7 in addition
to support for Windows NT, Solaris SPARC and Solaris X86.
Protection from Latest E-Security Threats
-- New Attack Signatures
RealSecure 3.1 includes significant new attack signatures
providing protection from the latest security threats. These
include countermeasures for the latest backdoor or trojan horses
programs such as NetBus 2.0. HTTP-related threats as well as
specific detection methods to guard against password changes and
unauthorized system monitoring. RealSecure 3.1 also adds
detection of Cisco Catalyst switch denial of service attacks and
Nmap stealth port scans. ISS' X-Force, a leading security
research team, uncovers and analyzes the latest security threats
and vulnerabilities, ensuring that ISS customers are protected
from these risks with the latest countermeasures.
Expanded Integration with CheckPoint FireWall-1
-- Increased Firewall Response Options
RealSecure 3.1 includes new advanced firewall responses to
RealSecure detected intrusions. This extends ISS' ability to
reconfigure CheckPoint FireWall-1 by providing for more granular
control as well as global reconfiguration options.
Pricing and Availability
RealSecure 3.1 is available now. RealSecure pricing is based on a number of scalable, integrated components and the size of a customer's protected network. The suggested list price for RealSecure Network Engines is US$8995 for a single perpetual license and US$750 for RealSecure System Agents for a single perpetual license.
ISS leads the market as the source for e-business risk management solutions, serving as a trusted security provider to 21of the 25 largest U.S. commercial banks and more than 35 government agencies. With its Adaptive Security Management approach, ISS enables information protection and continuous security improvement within Intranet, extranet and electronic commerce environments. Its award-winning SAFEsuite(R) product line is vital for protection in today's world of global connectivity, enabling organizations to proactively monitor, detect and respond to vulnerabilities and threats to enterprise information. Founded in 1994, ISS is headquartered in Atlanta, GA with additional offices throughout the U.S. and international operations in Belgium, France, Germany, Japan, Latin America and the UK. For more information, visit the ISS Web site at www.iss.net or call 800-776-2362.
NOTE TO EDITORS: This release, other than historical information, includes forward-looking statements made pursuant to the "safe harbor" provisions of the Private Securities Litigation Reform Act of 1995. The risks and uncertainties which could cause actual results to differ materially from those in the forward-looking statements include, but are not limited to, the following: the level of demand for the Company's products; the volume and timing of orders; product and price competition; the Company's ability to expand its domestic and international sales and marketing organizations; the Company's ability to develop new and enhanced products; the Company's ability to attract and retain key personnel; the mix of distribution channels through which the Company's products are sold; the growth in the acceptance and use of the Internet and of private Internet-protocol networks or "intranets"; the extent to which unauthorized access and use of online information is perceived as a threat to network security; customer budgets; the assertion of infringement claims with respect to the Company's intellectual property; seasonal trends in customer purchasing; foreign currency exchange rates; general economic factors; and risks concerning the rapid change of technology. These risks and others are discussed in the Company's periodic filings with the Securities and Exchange Commission. These filings can be obtained either by contacting ISS Investor Relations or through the Securities and Exchange Commission's Web site at "http://www.sec.gov".
Internet Security Systems, RealSecure and SAFEsuite are trademarks of Internet Security Systems, Inc. All other companies and products mentioned are trademarks and property of their respective owners.