MOUNTAIN VIEW, Calif., July 15, 2002 - Securify, Inc., a pioneer and leader in network security policy solutions, today introduced Securify SecurVantage™, the first automated network security management system for ensuring that complex, dynamic enterprise networks are achieving the desired level of security, while meeting business requirements. With SecurVantage™, security architects are assured their security policies are in effect across the network, network administrators can easily confirm their security implementations are correct, and business managers have confidence their business practices are being effectively executed and they are getting a return on their security investments.

The SecurVantage™ product line offers businesses a new, automated approach to security management that makes it affordable and practical to continually verify the security of their networks as they communicate and share critical business information with employees, partners, suppliers and customers. Security professionals first use SecurVantage to establish a policy that proscribes what constitutes "correct" or appropriate network behavior from a business requirements perspective. SecurVantage then monitors, in real time, the interaction of network and application security components by continuously processing all network traffic against the policy to ensure enterprise network security. "Incorrect" and inappropriate traffic from the Internet and within the corporate network, as well as expected but untrustworthy traffic, is then quickly and clearly identified for the security professional so that he/she may take proactive steps to act or remediate security problems.

"Proper border device configuration and verification at regular intervals is the best way to ensure that network traffic is acceptable to security requirements and meets business requirements," said John Pescatore, vice president and research director, Gartner, Inc. "Automating the network monitoring and analysis process takes network security management to the next level, making it practical to perform on an ongoing basis, and transforming it from a reactive to a proactive activity."

"Despite greater spending on security, the rate of security breaches continues to increase as networks become more complex and the boundaries between 'inside' and 'outside' the enterprise network vanish, rendering traditional approaches inadequate," said Mark Hangen, president and CEO of Securify. "Securify is taking a new approach, one based on business requirements coupled with continuous, direct observation and analysis, and made practical through automation. This results in the most effective security management solution for today's complex, dynamic network environments."

The SecurVantage solution provides detailed information on all aspects of network security, including network topology, applications and services for logical network groups and asset vulnerabilities. Additionally, trend reports based upon policy violations can assess specific areas of network operation. These reports include violation trends by host group; total traffic and violations by type of service; device configuration status; access procedure compliance; service status by host group; and quality of service for encryption and password strength.

The heart of Securify SecurVantage™ is the patent-pending Securify policy specification, which offers an unparalleled combination of granularity and control that sets SecurVantage apart from other currently available products. Unique in the industry, this policy specification enables customers to create a formal set of requirements - a "policy" describing the allowable behavior of the network - based on corporate security policy and business practices. Using these requirements, SecurVantage continuously evaluates, in real time, the packets moving across the network at all levels of the protocol stack, and makes decisions as to whether or not the traffic is consistent with the customer-defined policy. This information is then clearly presented in a Web-based analysis environment in a format specific to the business.

Requirements can be general and applied throughout the OSI protocol stack, authored for multiple IP addresses or applied to one specific network address. A high-level requirement can specify things such as network topology and allowed IP level traffic, while a detailed requirement can specify the exact http requests allowed into a Web server or the behavior that a management protocol should exhibit on a network.

SecurVantage Components

Securify SecurVantage consists of Securify SecurVantage Studio, the policy development and analysis environment; Securify SecurVantage Monitor, the monitoring and evaluation system; and Securify SecurVantage Enterprise, the aggregation system that allows customers to analyze data across the enterprise.

With SecurVantage Studio, security architects can quickly specify security- relevant aspects of their network topology, generate the formal policy specification, analyze the results through an intuitive interface, and associate actions and owners with policy violations. The graphical environment makes it easy to define network objects such as routers and firewalls, and even describe quickly entire subnets.

The SecurVantage Monitor resides within the customer network where it collects network traffic in real-time, extracts security relevant information, and evaluates that information against the policy specification. The system generates alerts based upon criticality, and provides highly relevant data for real-time analysis. SecurVantage Monitor integrates easily with any IP-based network at any point where it has visibility to protocols and traffic at multiple tiers within the network.

SecurVantage Enterprise enables customers to broadly scale network security management. The system provides a common operational picture across all monitoring points and policy domains. Multiple monitoring points in disparate physical locations may be aggregated to present a unified view of network activity. The system also produces standard reports on a daily, weekly and monthly basis with information specifically tailored for security analysts, network managers and business staff.

Availability and Pricing

SecurVantage is available now with prices starting at $50,000, depending upon network size and configuration. Please contact Securify for detailed pricing information.

About Securify, Inc.
Securify is a pioneer and leader in network security policy solutions. The company's flagship product line, Securify SecurVantage™, is an automated security system that enables customers to rapidly generate and deploy business-driven security policies, monitor networks for compliance in real time and respond proactively. This results in greater protection of network assets and significantly reduced costs. Securify is headquartered in Mountain View, California. For more information, please call (650) 812-9400 or visit the Securify web site at www.securify.com.

Securify SecurVantage™ and associated marks are registered trademarks of Securify, Inc. All other trademarks, service marks and company names are the property of their respective owners.