SSH Tectia Now The Leading FIPS 140-2 Compliant Secure Shell Solution

HELSINKI, Finland and LOS ALTOS, Calif. – Nov. 22, 2004 – SSH Communications Security (HEX:SSH1V), a world-leading developer of managed security middleware, today announced that it has added support for Red Hat Enterprise Linux V2.1 and V3.0, Solaris 9, Windows 2000 and Windows 2003 Server to its FIPS 140-2 certified encryption module used in its SSH Tectia(TM) client/server solution. These added platforms make SSH Tectia the leading heterogeneous FIPS supported Secure Shell solution available today. SSH Tectia is an enterprise class suite of security solutions based on SSH’s industry leading technologies.

The Cryptographic Module Validation Program (CMVP) of the National Institute of Standards and Technology (NIST) provides specifications for software and hardware products that employ cryptographic algorithms, cryptographic key generation and distribution techniques. Encryption techniques that are Federal Information Processing Standards (FIPS) 140-2 approved are certified for protecting Federal Government sensitive but unclassified information. Vendor products are tested for compliance to these specifications by NIST-approved testing laboratories. In accordance with the NIST certification guidelines, the SSH cryptographic module has been certified at Level 1, which defines software cryptographic functions to be performed in a general purpose PC without any additional hardware security mechanisms.

“Adding these new platforms to our already extensive list that includes Windows XP, HP-UX 11i, Sun Solaris 8 and IBM AIX 4.3.3 means SSH Tectia client/server is supported on virtually every significant commercial platform,” said George Adams, president and CEO of SSH Communications Security, Inc. “We are delighted that our broad platform support will help ensure that the U.S. Government, as well as major financial organizations now specifying FIPS 140-2 crypto, have complete flexibility securing communications in their heterogeneous network environments.”

Tests performed by NIST validated several algorithms implemented in the crypto module used in SSH Tectia, including AES, Triple DES, DSA and SHA-1, giving it approval for use in Federal agencies within the context of a complete security program. Many U.S. Government organizations are already using SSH Tectia Secure Shell based products. These include the U.S. Army, U.S. Navy, U.S. Marine Corps, U.S. Air Force, the Department of Defense, the Department of Justice, Lawrence Livermore National Labs, NASA, the Naval Air Warfare Center, and others. For more information on the completed certification, please visit: http://csrc.nist.gov/cryptval/140-1/1401val2003.htm#370.

About SSH Tectia
SSH Tectia is an enterprise class suite of security solutions based on SSH’s industry leading technologies. SSH Tectia client/server solution is based on the award-winning SSH Secure Shell used by millions worldwide. SSH Tectia enables end-to-end secure communications throughout the internal and external network. SSH Tectia provides transparent strong encryption and authentication and easily integrates into heterogeneous, multi-platform environments. SSH Tectia’s management capabilities allow for easy scalability and centralized policy deployment.

About SSH Communications Security
SSH Communications Security is a leading provider of easy-to-use centrally managed data security solutions addressing the most critical needs of large enterprises, financial institutions, and government agencies. As the original developer of the widely used Secure Shell technology, SSH is also pioneering the managed security middleware market with its award-winning SSH Tectia(TM) solution. With SSH Tectia, organizations can cost-effectively protect their business communications against both internal and external security risks. Currently more than 100 of Global Fortune 500 companies are using SSH security solutions to secure their data communications. SSH shares are

quoted on the Helsinki Exchanges Main List. For more information, please visit www.ssh.com.