Captus Announces Advanced Intrusion Detection Technology for Stopping Denial-of-Service Attacks While Sparing Legitimate High-Volume Network Traffic

LAS VEGAS–(BUSINESS WIRE)–May 7, 2001–

Traffic Limiting Intrusion Detection System Enables Service

Providers and Data Centers to Remain Operational During DoS Attacks

Captus Networks, the world leader in protecting against Denial of Service attacks, today announced a major software enhancement to its CaptIO(TM) family of network security solutions that greatly simplifies the task of systems administrators for ensuring the security and availability of their Internet networks.

With Captus’ new Traffic Limiting Intrusion Detection System (TLIDS(TM)), CaptIO devices now have a “fine grain” capability for distinguishing between legitimate high-volume network traffic and malicious DoS attacks that attempt to overwhelm network servers and other points of exposure with a flood of bogus network packets.

Integral to TLIDS is an advanced network traffic profiling capability that marks an important breakthrough in the network security marketplace. It makes the CaptIO family the only network security solution that effectively integrates a policy-based Intrusion Detection System (IDS) with adaptive firewall technology to enable service providers and data centers to keep servers and networks operational during malicious DoS attacks. Some companies attempt to integrate an IDS and a firewall to stop these attacks, but experience too many “false positives” making it impossible to automatically stop true attacks. As a result, a network administrator must investigate each alarm to ensure that it is not a false alarm, but an actual DoS attack.

False positives are costly for companies. The CaptIO device eliminates the false positives caused when high levels of legitimate traffic are mistaken as a DoS attack through flexible TLIDS policies.

“Our new Traffic Limiting Intrusion Detection System enables network administrators to get the most out of their CaptIO investment by giving them the industry’s leading implementation of integrated IDS and firewall technology for protecting their networks against DoS attacks,” said Richard Helgeson, CEO and president of Captus Networks. “The addition of TLIDS further helps service providers ensure continuous availability of services to meet service level agreements and protect the brand image of their customers.”

Network Traffic Profiling Enables Sophisticated Policies Defining

Allowable Traffic

At the heart of the TLIDS feature is an advanced network traffic profiling capability for use in identifying DoS attacks. This enables network administrators using the CaptIO to establish individual policies using parameters such as data traffic thresholds and transfer protocols, as well as source and destination Internet Protocol (IP) addresses and ports. Network administrators using a CaptIO device can now also create sophisticated policies with multiple parameters for defining allowable traffic. These policies can describe both aggregate traffic as well as specific application traffic such as File Transfer Protocol (FTP) for file transfers, Hypertext Transfer Protocol (HTTP) for accessing Web pages, and streaming media formats. The CaptIO device dynamically applies and removes policies to ensure that services remain operating throughout an active attack.

Captus’ profiling technology, called TRaP Technology(TM) for Traffic Restriction and Profiling, can be used by network administrators not only to eliminate false positive notifications for a DoS attack, but also to create policies that optimize network services for users. For example, a policy can limit the bandwidth available on a network for Napster-type traffic from a particular source or to a particular destination. Flexible policies can also be established for allocating more or less bandwidth on the fly to a particular type of traffic as those traffic volumes increase or decrease.

“There are many possibilities for managing network traffic using our Traffic Restriction and Profiling technology, Helgeson said. “Network administrators now have a powerful set of controls for defining acceptable levels of network usage — for example, ensuring that mission-critical traffic between specific sources and destinations is never delayed due to heavy traffic involving lower-priority users, addresses, and traffic types.”

Availability

The Traffic Limiting Intrusion Detection System is now available as a standard feature on all CaptIO devices, and as an upgrade at no cost for current Captus customers.

About the CaptIO family

Unique in the network security device marketplace, the family of CaptIO network security devices can identify and immediately stop Denial of Service (DoS) and Distributed DoS (DDoS) attacks that originate from outside or inside a network, without disrupting legitimate traffic.

The DoS attacks that Captus products defend against are becoming increasingly common — and devastating. They can shut down a service provider or e-business Web site by making it impossible to respond to legitimate users. DoS attacks have been much in the news — since the beginning of 2000, they have disrupted several of the largest sites on the Internet, including Yahoo!, eBay, E*Trade, Amazon.com, Microsoft, and CNN.com.

The CaptIO devices use proprietary and patent-pending technology to identify and stop DoS attacks within seconds of detection, without disrupting legitimate network traffic. As a result, Captus customers have a world-class security solution for creating a secure, highly available network that can mean the difference between their success and failure as e-business companies.

Captus Networks

Captus Networks Corp. is an innovative, privately held company that designs, manufactures and markets integrated hardware and software security devices. As the leader in Denial of Service prevention, Captus Networks’ vision is to be the preeminent supplier of high performance, network security devices and services for the e-business marketplace. The company’s executive offices are located in Woodland, Calif., near Sacramento. Captus Networks is funded by leading venture capital firms such as GMS Capital Partners, L.P. and St. Paul Venture Capital. Captus Networks can be contacted on the World Wide Web at www.captusnetworks.com or by calling (877) 9-CAPTUS.

CaptIO, TLIDS and TRaP Technology are trademarks of Captus Networks. All other company and product names may be trademarks of the company with which they are associated.