Sygate Announces Sygate Security Portal

Extends Enterprise Endpoint Security Across The Internet To Customers, Partners And Suppliers Enterprise Endpoint Security Leader Ensures the Integrity of Non-corporate Owned Equipment and Speeds Safe Deployment of Web-based Resources

FREMONT, Calif.-September 23, 2003-Sygate Technologies, the market leader of enterprise endpoint security solutions, announced today the release of Sygate Security Portal, a new product that extends policy enforcement and endpoint security measures to non-corporate owned devices across the value chain such as consultant or contractor equipment, employee home computers, and devices controlled by customers or business partners. Sygate Security Portal (SSP) allows companies with little control over non-corporate endpoints to ensure compliance with corporate security policy before allowing access to enterprise resources, enabling them to aggressively utilize web-based applications without compromising network integrity.

Sygate is the first to offer an integrated endpoint security solution for both corporate and non-corporate owned devices to prevent intrusions, enforce security policies, and protect confidential data. The company’s award-winning flagship product, Sygate Secure Enterprise (SSE), protects the integrity of enterprise networks by protecting all endpoints from compromise, preventing unsafe end-user behavior and eliminating unauthorized devices from enterprise networks. Now with SSP, companies can extend Sygate’s world-class protection to non-corporate owned equipment by verifying the security integrity of a device, creating an encrypted virtual desktop environment, and then erasing the data from the system upon termination of the session.

“Web-based applications offer many business advantages, but must be deployed responsibly and in a highly secure manner, otherwise the risks associated with sharing private and sensitive corporate information over the Internet outweigh the benefits,” said Kenneth Tyminski, CISO, Prudential Financial. “Ensuring the integrity of endpoints that are outside the control of the organization is one way to eliminate some of that risk, and to successfully implement those controls is an important step in creating the environment required to extend application access.”

“Extending access of web-based applications outside the organization introduces the potential for exposure from non-corporate owned devices, which can lead to numerous security breaches including financial fraud, password theft, and leakage of confidential information, as well as exposure to regulatory penalties,” said Zeus Kerravala, vice president of Enterprise Infrastructure for The Yankee Group. “Organizations that can effectively protect non-corporate equipment will be able to minimize network exposure and take full advantage of the productivity and economic benefits that web-based applications afford.”

“When customers use the award-winning Aventail EX-1500 SSL VPN appliance in conjunction with the new Sygate Security Portal, the combination is a manageable solution that ensures devices are compliant with corporate policy,” said Sarah Daniels, vice president of product management and marketing for Aventail Corporation. “This helps organizations increase control over all endpoint activity to further extend their networks to airport kiosks, wireless hot spots, employee-owned PCs, and PDAs. Aventail and Sygate, both Gartner Magic Quadrant leaders, share a history of innovation and focus on securing remote access from the riskiest endpoints on the Internet. We continue to drive the market with our best-of-breed partners, like Sygate, to deliver remote access solutions to our growing customer base.”

“As an existing Neoteris Technology Partner that has achieved certified interoperability, we applaud Sygate’s further movements to enforce security policies at remote endpoints,” said Jason Matlof, vice president of marketing and business development at Neoteris. “Sygate and Neoteris share the belief that lightweight client security enforcement capabilities have become increasingly important in the rapidly growing world of SSL-based secure access technologies. As the recognized market leader in the SSL VPN category, with the leading market share, we are pleased to be part of this announcement, and anticipate that the Sygate Security Portal will create further value for our joint customers in combination with the Neoteris Host Checker API.”

Sygate Security Portal – How it Works
Sygate Security Portal creates a downloadable plug-in, called Sygate Virtual Security Agent (SVSA) that works with existing web applications to determine whether the device is corporate owned and secured with Sygate Security Agent or non-corporate owned. SVSA then ensures that non-corporate owned devices accessing the systems are compliant with corporate security policy, eliminating the potential for them to be exploited as a back door for hackers, trojans or worms. The downloaded agent does not require administrative rights to operate and can be delivered dynamically in formats including Active X, Java, or an executable. For non-corporate owned devices that will access the device multiple times such as employee home computers, SVSA can be configured to remain installed with a password protected Virtual Desktop Environment and Encrypted Vault (see below). For non-corporate owned devices that will only be used to access the web application infrequently, SVSA can be configured to sanitize the device by removing all data from the Virtual Desktop and Encrypted Vault, removing all traces of the session and SVSA.

Endpoint Integrity Verification
When SVSA is initially delivered to the system, it will run Endpoint Integrity Verification to ensure that the system is secure before creating the Virtual Desktop and Encrypted Vault. The Endpoint Integrity Verification process checks a variety of security parameters defined on the SSP including that anti-virus software is running and up-to-date, a personal firewall is running, and that critical service packs and hot fixes are installed.

Virtual Desktop and Encrypted Vault
After the device has passed Endpoint Integrity Verification, SVSA creates and launches a Secure Virtual Desktop Environment. The Virtual Desktop enables users to download confidential data into an Encrypted Vault. The user can then use local applications to work on the downloaded data and upload the information back to the web application. If SVSA is configured to remain on the system, the Virtual Desktop and Encrypted Vault can be password protected

Data Sanitization
When the session is terminated or the configurable inactivity timeout period is met, SVSA will sanitize the system by removing all data that was downloaded or created in the Virtual Desktop Environment including file downloads, configuration changes, cached browser information, password entered, and auto-complete information. Essentially, the device will remove all traces of the session and SVSA.

Malicious Code Protection
Sygate Virtual Security Agent protects confidential information from malicious code by ensuring that anti-virus software, personal firewalls, service packs, and hotfixes are present before allowing the user to access information and encrypting all data that is downloaded. The Encrypted Vault and Endpoint Integrity Verification protects against malicious code such as key loggers, trojans, worms, and viruses.

Adaptive Policies
SVSA has the ability to transparently adapt policies based on identification of network locations and the type of network device (corporate owned vs. non-corporate owned) to ensure that all confidential data is appropriately protected while preserving user productivity.

“Sygate Security Portal (SSP) was developed in direct response to a requirement our customers have frequently requested – a secure means of providing much broader access to corporate resources,” said Bill Scull, senior vice president marketing, Sygate Technologies. “SSP enables safe application access to important constituents outside corporate walls, filling in another piece of the endpoint security puzzle, and ensuring compliance with corporate policy and best practices across both corporate and non-corporate owned equipment.”

Pricing and Availability
Typical customer deployments will range from $15,000 to $400,000 depending upon the deployment size and functionality required. The Sygate Security Portal will be generally available in 45 days.

About Sygate Technologies, Inc.
Sygate is the market leader of endpoint security solutions for the large enterprise. Using Sygate Secure Enterprise, the world’s largest enterprises protect their networks, enforce business policies, and automate security practices to regain control of network security, reduce costs, and ensure compliance across the organization. Partnerships with industry leaders, including Aventail, Neoteris, Netscreen, Nortel, Cisco, RSA, and iPass, enable Sygate’s technology to operate seamlessly across multiple platforms and applications. Sygate Technologies is a privately held company headquartered in Fremont, California. For more information, please visit www.sygate.com or call 866-308-8899.