NFR Security Achieves OSEC Verification with Perfect Score in Evasion Techniques; Company Continues to Demonstrate Technology Leadership Among Industry's Major IDS Vendors.Business Editors/High-Tech Writers ROCKVILLE, Md.--(BUSINESS WIRE)--May 14, 2003 NFR (Near Field Recording) See near field optics and Terastor. Security, Inc., a leading developer of Intrusion Management Solutions, today announced that it has passed all tests in the evasion techniques category of the prestigious Open Security Evaluation Criteria (OSEC OSEC Office of Sustainable Ecosystems and Communities (EPA) OSEC Ocean Systems Engineering Corporation OSEC On-Site-Electrolytic-Chlorination (Wallace & Tiernan) ) tests from Neohapsis. NFR's NID-310 and NID-320 were among a small group of industry-leading products that received perfect scores for this area. "In our extensive testing process, NFR Security successfully detected 100 percent of our attacks under the specified performance requirements," stated Greg Shipley, Chief Technology Officer of Neohapsis. "Time and again, accuracy and detection are listed as key customer requirements for enterprises looking at IDS solutions. Our tests show that NFR accurately detected critical attacks under varying traffic conditions per the OSEC NIDS See IDS. v1.0 criteria." OSEC is a framework for evaluating the security functionality of networked products. It is founded on the notion that product security evaluation criteria should be openly examinable, subject to critique and amendment, vendor and end-user input, and ultimately, become the product of community peer review. "NFR Security continues to demonstrate its leadership among the top IDS players, including Cisco, ISS ISS See Institutional Shareholder Services (ISS). and Symantec. We were very confident going into the Neohapsis test, knowing that our technology would successfully pass the rigorous procedures," stated Andre Yee, Chief Technology Officer and Vice President of NFR Security. "While many IDS vendors still haven't stepped up to the plate to participate in the Neohapsis tests, our results confirm that we are able to protect customers from the growing threat of sophisticated network attacks. The OSEC results demonstrate that NFR delivers the highest level of network protection among the industry's leading intrusion detection systems." NFR Security's NID-310 and NID-320 successfully passed the 33 tests included in the evasion portion of OSEC. Highlights from these test results include: -- Complex IP Fragmentation - NFR supports the five common variations of IP reassembly reassembly - segmentation . -- Delayed Injection - In the high-connection rate environment both the NID-310 and NID-320 successfully maintained state and detected subsequent attacks. -- HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. Obfuscation ob·fus·cate tr.v. ob·fus·cat·ed, ob·fus·cat·ing, ob·fus·cates 1. To make so confused or opaque as to be difficult to perceive or understand: "A great effort was made . . . - NFR successfully identified all URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. encoded attacks, the most popular attack detection evasions used against web servers. NFR NID NID Next ID NID Network Interface Device NID No I Don't NID Namespace Identifier NID National Intelligence Director NID New Iraqi Dinar NID No I Didn't NID Network Identification NID National Inventory of Dams NID NCVA is a network intrusion detection system A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic. that unobtrusively monitors traffic in real time for suspicious activity misuse, abuse, attacks, anomalous behavior and previously undiscovered attacks. Powerful sensors capable of monitoring loaded GigE and 100Mbps circuits without packet loss perform highly accurate attack detection using advanced signature and stateful protocol anomaly analysis techniques. Unlike traditional pattern matching approaches for detecting hacker activity (aka "packet grepping"), NFR NID has an extensive knowledge base of the various ways vulnerabilities can be exploited and how protocols should behave. NFR NID examines activity against these rather than a simple fingerprint of a known exploit. This capability enables NFR to detect previously unknown attacks such as Code Red and Nimda. NFR NID also includes several response mechanisms that can be automatically activated depending on the alert and at the discretion of the administrator. These include resetting the TCP (1) (Transmission Control Protocol) The reliable transport protocol within the TCP/IP protocol suite. TCP ensures that all data arrive accurately and 100% intact at the other end. session, changing the firewall rules, alerting open management platforms such as IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) Tivoli and HP OpenView and sending SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Data are passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc. traps. An advanced management console provides easy administration of distributed sensors, comprehensive alert management facilities and data forensics. About Neohapsis Founded in 1997, Neohapsis offers unparalleled expertise and insight in next generation security development and testing services. The company strives to elevate security from short-term, stopgap measures to ongoing strategic, business assurance initiatives. By maintaining this focus, Neohapsis offers a depth of knowledge and value beyond what is available in traditional lab or consulting service offerings. Neohapsis believes that better business assurance today means less disaster recovery tomorrow. Visit Neohapsis at www.neohapsis.com. About NFR Security Inc. NFR Security develops and markets a range of information security products that protect IT assets from external and internal attacks. NFR Security's solution monitors distributed resources and responds when suspicious activity is detected. It also provides powerful forensic investigation facilities for analysis and earlier detection of new threats. NFR Security operates worldwide via an extensive network of channel partners and direct sales. Customers include Fortune 1000, MSPs, ISPs, government, financial, healthcare and telecommunications organizations. The company is headquartered in Rockville, Maryland. Additional information about NFR Security can be found at www.nfr.com or by calling 1-800-234-4079. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion