iPass Policy Orchestration Automates Continuous Endpoint Security

REDWOOD SHORES, Calif., – 15th November, 2004 – iPass Inc. (NASDAQ: IPAS) today announced the first new service based on its Policy Orchestration initiative, an enhanced version of the iPass Endpoint Policy Management service. Making good on a promise to deliver a Policy Orchestration service to customers by the end of 2004, Endpoint Policy Management now fully integrates patch management, assessment and remediation of remote and mobile computers into the iPass secure connectivity platform. These integrated capabilities can protect remote and mobile computers without requiring them to connect to the corporate network. The new Policy Orchestration version of Endpoint Policy Management replaces the previous release and is available immediately for enterprises.

Endpoint Policy Management mitigates the risks posed by a persistent environment of virus and worm attacks that have cost enterprises billions of dollars in lost productivity since the summer of 2003. The service works to ensure that devices accessing the Internet are running up-to-date and properly configured security and operating system software without adding any additional steps or complexities for the end-user. By keeping the end-user experience very simple, this iPass service better ensures that remote and mobile computers remain “trusted” devices – known to the IT department and protected against viruses and worms.

“Mobility services are increasing the quantity of valuable data kept outside of the corporate network on the computers of remote and mobile employees,” says Jon Russo, vice president of marketing at iPass. “Remote and mobile devices are most vulnerable when they are out “in the wild.’ It’s not enough to offer protection for endpoint devices only when they come back to the corporate network; some devices may not come back to the corporate network. Endpoint Policy Management works to protect endpoints every time they access the Internet.”

When a user connects to the Internet, the Endpoint Policy Management service identifies whether a computer requires any operating system patches or anti-virus definition and signature file updates (assessment). Required updates are automatically downloaded and installed via the iPassConnectTM client software (remediation). These patch management, assessment and remediation steps take place immediately after the connection to the Internet and continuously throughout the session. This automated process ensures that the end-user experiences minimal disruption and can quickly connect to the Internet without risking future infections to the computer or the corporate network. This integrated approach allows the IT manager to protect the corporate network and data without impacting user productivity.

The new Policy Orchestration version of Endpoint Policy Management offers customers the following benefits:

” Protection and productivity. Enables the IT department to easily and quickly deploy the most current security updates and operating system patches, thereby maintaining the ability for employees to safely access the corporate network while away from the office.

” Control without complexity. Simplifies IT operations through a suite of Web-based tools to set policies for users, devices and locations, and deploys and maintains policy configurations as well as monitors end-user policy compliance.

” Universal coverage from one provider. Provides unified global coverage and device protection over the world’s largest virtual network built specifically for the enterprise, spanning more than 150 countries and including dial-up, Ethernet, Wi-Fi, 2.5G and 3G wireless services. The service also integrates easily with private, corporate and home networks.

Endpoint Policy Management is based on technology developed by iPass and the recently acquired Mobile Automation. Additional patch management technology is licensed from Shavlik Technologies, the recognised industry leader in security patch management for Windows environments. For more information on the Mobile Automation acquisition visit: www.ipass.com/pressroom/pressroom_releases.html?rid=126.

“Security threats have IT departments scrambling to find the right balance between keeping remote employees productive and protecting corporate data,” adds Russo. “IT directors tell iPass that the array of available solutions forces them into unwanted compromises in order to provide mobile connectivity for their users. Integrated iPass global connectivity and security services protect corporate assets from the moment users access the Internet, no longer forcing a company to compromise between workforce productivity and IT resources.”

iPass Policy Orchestration is a layer of software intelligence built into the iPass connectivity platform that enables iPass services to control and enforce the use of enterprise policy-based security systems. The Policy Orchestration initiative works to close gaps between security services by ensuring the proper sequencing and operation of third-party software and extending protection to the point of Internet logon. Services based on Policy Orchestration leverage the iPass secure connectivity platform, the iPass global virtual network and integrated solutions from leading third-party vendors.

About iPass
iPass Inc. (NASDAQ: IPAS) delivers simple, secure and manageable enterprise mobility services, maximising the productivity of workers as they move between office, home and remote locations. iPass security services – based on unique Policy Orchestration capabilities – close the gaps in protecting computers, network assets, user identities and data whenever users connect over the Internet. iPass connectivity services utilise the iPass global virtual network, a unified network of hundreds of dial-up wireless, and broadband providers in over 150 countries. iPass services are the choice of hundreds of Global 2000 corporations including Sony, Fujitsu Services, HSBC and Reed Elsevier. Founded in 1996, iPass is headquartered in Redwood Shores, Calif., with offices throughout North America, Europe and Asia Pacific. For more information visit www.ipass.com.

iPass® is a registered trademark of iPass Inc.

The statements in this press release relating to the potential benefits to be obtained by using the Endpoint Policy Management service are forward-looking statements that are subject to risks and uncertainties that could cause results to be materially different than expectations. Such risks and uncertainties include, but are not limited to: the risk that despite the use of the Endpoint Policy Management service security breaches may still occur by innovative hackers that develop new methods of avoiding security software; the risk that an interruption of the remediation process may prevent critical updates from being properly installed; the risk that new viruses or worms may infect endpoint devices before third-party anti-virus and operating system patch vendors create necessary updates for downloading through Endpoint Policy Management; and the risk that the rate of adoption by enterprises of network security software or integrated secure connectivity solutions will not be as iPass anticipates, which if slow would reduce or eliminate the purchase of this anticipated new product. Detailed information about other potential factors that could affect iPass’ business, financial condition and results of operations is included in the Company’s Quarterly Report on Form 10-Q under the caption “Factors Affecting Operating Results” in “Management’s Discussion and Analysis of Financial Conditions and Results of Operations,” filed with the Securities and Exchange Commission (the “SEC”) on October 26, 2004 and available at the SEC’s website at www.sec.gov. iPass assumes no obligations to update the information in this press release.