NetContinuum Announces the NC-1000 4.3 – the Market’s Most Comprehensive Web Application Security Gateway – at RSA Conference 2005

SAN FRANCISCO, RSA Conference 2005 (Booth #422) – February 15, 2005 – NetContinuum, the worldwide leader in application firewalls, today announced the 4.3 release of its popular NC-1000 Application Security Gateway product line. With this release, NetContinuum delivers on its promise to provide the industry’s most comprehensive product for web services and web application security in a single, powerful integrated gateway appliance. Version 4.3 also includes significant new features that represent industry firsts and enhance the availability, reliability and performance of enterprise-scale deployments. These include AppDos (Application-Level Denial of Service) attack protection provided by unique rate limiting and blocking features, stateful application failover for web session continuity assurance, and application performance acceleration enabled with an integrated hardware compression module.

“Version 4.3 is a significant release from NetContinuum driven by customer demand for the highest levels of protection for both application- and data-level threats. This combination of security, flexibility and performance can not be found in any other product on the market today. This announcement is another step in our strategy to continually set the bar and expand the role of application-layer security in a market expected to hit $2B by 2009,” commented Kurt Roemer, Chief Security Officer for NetContinuum.

Application-Level Denial of Service (AppDoS) Protection

Like network Denial of Service (DoS) attacks that are designed to overwhelm network resources, AppDoS attacks are designed to overwhelm application resources. An AppDoS attack either floods the application with more requests per second than it can handle or forces it to perform intensive computations that tie up the system. These malicious tactics can easily take over application resources including bandwidth, database connections, storage, memory, or thread counts – rendering the application unavailable to legitimate usage. Unlike network DoS attacks however, custom web applications do not have security countermeasures for defense.

The NC-1000 AppDoS protection allows organizations to easily add an additional layer of protection against application-layer DoS and DDoS attacks and increase both security and application availability:

Unique defense system limits the requests per second for application usage and even temporarily blocks specific clients that are attempting to abuse the application.
New rate control features allow administrators to define thresholds while maintaining full control of the application resources.
Intelligent algorithm automatically queues requests and provides priority access to designated users.

Hardware Compression and Performance
A large concern for data center operators is application delivery performance and response times to users of their web site applications. Because these applications increasingly rely on dynamic content, conventional caching capabilities cannot be utilized. As a result, web application performance can be less than optimal, especially for clients relying on dial-up connections. Industry benchmarks have indicated that a majority of web users will abandon a web site if downloading a page that requires more than eight seconds. Therefore, web application performance has a direct impact on the organizations bottom line.

Implementing compression for web applications instantly allows faster access. Until now, web application security devices lacked the ability to read compressed data. With the NC-1000 hardware based compression card, organizations can realize the benefits of compression without sacrificing security:

· State-of-art compression engine significantly accelerates application delivery to end users
· Saves up to 50% in bandwidth consumption

Stateful Application Failover Assurance
NetContinuum NC-1000 is the first-and-only application firewall to solve the difficult problem of managing the failover of stateful applications with zero impact to end users. The NC-1000’s advanced stateful application failover technology is based on the company’s core Dynamic Application Protection (DAP) technology, which maintains unique session state and context for each client and ensures that the information is preserved and always on during a failover condition:

Business transactions will not be interrupted during failover conditions – no loss of revenue or customer confidence End user application sessions will transparently switch to an available system without experiencing any disruption in service Application providers will not have to compromise security to ensure maximum application continuity

Pricing and Availability
The NetContinuum NC-1000 version 4.3 is currently available for early access customers with general availability starting in March 2005. The release will be availability as a no cost upgrade to customers with a current service/support contract in place. The compression module will be offered as an optional hardware component for an additional fee.

The NetContinuum NC-1000 Enterprise-Class Web Services & Web Application Solution NetContinuum is delivering the NC-1000 WSE as part of a strategic partnership with Forum Systems, the leader in web services security. This development is expected to change the landscape for application-level security, promising customers a true best-in-class solution to address the new wave of “hidden” XML data-level attacks without forcing them to learn, deploy and manage yet another separate firewall device. The NC-1000 WSE includes all features of the award-winning NetContinuum Application Security Gateway with all features of the award-winning Forum XWall web services firewall in a standards-based, single footprint solution with a consistent management interface and integrated audit trail, allowing organizations to streamline deployment times and lower administrative costs.

The NetContinuum NC-1000 Application Security Gateway is a powerful application firewall that delivers the highest level of protection available for mission-critical web applications. Unlike reactive signature-based products, NetContinuum utilizes a powerful, multi-layered approach to proactively defend against both known and unknown attack methods. The NetContinuum NC-1000 is the only application firewall on the market designed from the ground up with strict data center requirements in mind. Unlike generic PC and software-based alternatives, the NC-1000 is based on a purpose-built platform that begins with the world’s most powerful security ASIC and extends this design philosophy through the entire system architecture. The result is an application security system that is dramatically more robust, more reliable and more secure than any other product in the industry today.

About NetContinuum, Inc.
NetContinuum is the leading provider of ASIC-based application firewalls that deliver the highest level of protection available for web applications and web services. The NetContinuum Application Security Gateway product line drastically reduces the risk associated with doing business over the web and is the only product on the market to pass rigorous independent certification from ICSA Labs for protection against both network and application-layer security threats, including data theft, cross-site scripting, SQL injection, command execution, information disclosure and authentication bypass. NetContinuum is listed as the most “visionary” company in Gartner’s Magic Quadrant for enterprise firewalls, named a “winner” in the rapidly-growing application security gateway market by Yankee Group and chosen as a 2005 “company to watch” by Network Computing Magazine. NetContinuum boasts an impressive customer base comprised of Fortune 1000 enterprises, government agencies and service providers. For more information, please visit www.netcontinuum.com or call 408-961-5600.