Secure Computing’s Zero-hour Attack Protection Technology Automatically Protects Against Recently Identified Sendmail Vulnerability

Bracknell, UK, March 27, 2006 – Secure Computing Corporation (NASDAQ: SCUR), the experts in securing connections between people, applications, and networks, today announced the Sidewinder G2(r) Security Appliance’s patented Type Enforcement(r) technology protects customers from hacker attempts to exploit the recent Sendmail(tm) vulnerability. The vulnerability was reported by the Computer Emergency Response Team (CERT) in CERT advisory CVE-2006-0058. The Sendmail vulnerability may permit an attacker to completely take over Sendmail message transfer agent (MTA) servers, left unprotected or protected by weaker firewalls, on the Internet or on corporate and government networks; subsequently, e-mail privacy and availability are compromised. The vulnerability also allows the attacker to possibly take control of other devices on the network. Secure’s zero-hour attack protection stops attackers’ attempts to exploit this vulnerability by taking the impact of an attack on Sidewinder G2, at the perimeter, containing the attack, automatically terminating the hacker’s connection and continuing to securely pass e-mail through the system.

Sendmail is the cornerstone e-mail delivery application on the Internet used for moving billions of e-mail messages daily. More than half of the large ISPs and Fortune 500 use Sendmail, as well as governments around the world.

“This recent Sendmail vulnerability is just one more example why we have been using and trusting Sidewinder G2 for years,” said John Wickwire, chief technology officer at the Central Bank of Illinois. “We know that if we’re targeted by an unknown attack, we’re protected.”

Sidewinder G2 ZAP(tm) technology is based upon the positive security model, which allows only legitimate network traffic and denies everything else. “Negative model” security technologies like IPS gateways are extremely useful, but they allow everything through the gateway unless they recognize known viruses and attacks. The positive security model is therefore superior at preventing unknown attacks because it automatically eliminates exposure to many types of attacks-unknown as well as known. ZAP technology combines over 200,000 attack signatures with a positive security model for maximum protection.

“Sidewinder G2 protects against known and unknown attacks because of its highly configurable secure application pathways and it’s patented method of securely embedding its appliance software, like Sendmail, in its never been compromised SecureOS(r) operating system,” said John Doyle, vice president of product marketing at Secure Computing. “Our customers can be assured that they are protected from attacks that come about from the Sendmail vulnerability without having to install any patches. Unfortunately, many companies and governments around the world will be scrambling to patch their Sendmail software over the coming weeks. Our customers don’t have to go through that time draining process.”

Secure Computing’s ZAP technology also includes all key defense-in-depth security techniques working simultaneously in the Sidewinder G2, including:

* SecureOS self-defending platforms with patented Type Enforcement(r) technology – a preeminent example of the positive security model.

* Secure Application Pathways that come pre-built with the system and are then tightly configured by the customer to protect their Internet facing applications – another preeminent example of the positive security model.

* Event monitoring, analysis, and notification using the Sidewinder G2 dashboard and Sidewinder G2 Security Reporter(tm).

* Traditional signature-based attack protections, including over 200,000 threat signatures.

You can review the entire CERT advisory at http://www.kb.cert.org/vuls/id/834865. Secure Computing’s official response to this vulnerability is available at http://www.kb.cert.org/vuls/id/834865 .

About Sidewinder G2

The Sidewinder G2 Security Appliance consolidates a wide variety of security functions in one system, thereby greatly reducing theSecure Computing’s Zero-hour Attack Protection Technology Automatically Protects Against Recently Identified Sendmail Vulnerability

Sidewinder G2 self-defending platform with patented Type Enforcement technology protects customers from unknown attacks

Bracknell, UK, March 27, 2006 – Secure Computing Corporation (NASDAQ: SCUR), the experts in securing connections between people, applications, and networks, today announced the Sidewinder G2(r) Security Appliance’s patented Type Enforcement(r) technology protects customers from hacker attempts to exploit the recent Sendmail(tm) vulnerability. The vulnerability was reported by the Computer Emergency Response Team (CERT) in CERT advisory CVE-2006-0058. The Sendmail vulnerability may permit an attacker to completely take over Sendmail message transfer agent (MTA) servers, left unprotected or protected by weaker firewalls, on the Internet or on corporate and government networks; subsequently, e-mail privacy and availability are compromised. The vulnerability also allows the attacker to possibly take control of other devices on the network. Secure’s zero-hour attack protection stops attackers’ attempts to exploit this vulnerability by taking the impact of an attack on Sidewinder G2, at the perimeter, containing the attack, automatically terminating the hacker’s connection and continuing to securely pass e-mail through the system.

Sendmail is the cornerstone e-mail delivery application on the Internet used for moving billions of e-mail messages daily. More than half of the large ISPs and Fortune 500 use Sendmail, as well as governments around the world.

“This recent Sendmail vulnerability is just one more example why we have been using and trusting Sidewinder G2 for years,” said John Wickwire, chief technology officer at the Central Bank of Illinois. “We know that if we’re targeted by an unknown attack, we’re protected.”

Sidewinder G2 ZAP(tm) technology is based upon the positive security model, which allows only legitimate network traffic and denies everything else. “Negative model” security technologies like IPS gateways are extremely useful, but they allow everything through the gateway unless they recognize known viruses and attacks. The positive security model is therefore superior at preventing unknown attacks because it automatically eliminates exposure to many types of attacks-unknown as well as known. ZAP technology combines over 200,000 attack signatures with a positive security model for maximum protection.

“Sidewinder G2 protects against known and unknown attacks because of its highly configurable secure application pathways and it’s patented method of securely embedding its appliance software, like Sendmail, in its never been compromised SecureOS(r) operating system,” said John Doyle, vice president of product marketing at Secure Computing. “Our customers can be assured that they are protected from attacks that come about from the Sendmail vulnerability without having to install any patches. Unfortunately, many companies and governments around the world will be scrambling to patch their Sendmail software over the coming weeks. Our customers don’t have to go through that time draining process.”

Secure Computing’s ZAP technology also includes all key defense-in-depth security techniques working simultaneously in the Sidewinder G2, including:

* SecureOS self-defending platforms with patented Type Enforcement(r) technology – a preeminent example of the positive security model.

* Secure Application Pathways that come pre-built with the system and are then tightly configured by the customer to protect their Internet facing applications – another preeminent example of the positive security model.

* Event monitoring, analysis, and notification using the Sidewinder G2 dashboard and Sidewinder G2 Security Reporter(tm).

* Traditional signature-based attack protections, including over 200,000 threat signatures.

You can review the entire CERT advisory at
http://www.kb.cert.org/vuls/id/834865. Secure Computing’s official response to this vulnerability is available at http://www.kb.cert.org/vuls/id/834865 .

About Sidewinder G2

The Sidewinder G2 Security Appliance consolidates a wide variety of security functions in one system, thereby greatly reducing the management complexity for IT professionals. These security functions include an unprecedented Application Defenses(TM) firewall with application-level intrusion prevention, protocol anomaly protection, a secure e-mail, Web, and DNS gateway, anti-spam, anti-virus, IPSec VPN, IDS and response, outbound Web access filtering, SSL termination and clientless VPN access.

About Secure Computing

Secure Computing (NASDAQ:SCUR) has been securing the connections between people and information for over 20 years. Specializing in delivering the world’s strongest security appliances/firewalls, strong authentication, and content management and filtering solutions, Secure Computing is uniquely qualified to be the global security solutions provider to organizations of all sizes. Our more than 17,000 global customers in over 100 countries, supported by a worldwide network of partners, include the majority of the Dow Jones Global 50 Titans and the most prominent organizations in banking, financial services, healthcare, telecommunications, manufacturing, public utilities, education, and national and local governments. The company is headquartered in San Jose, Calif., and has offices worldwide. For more information, see http://www.securecomputing.com. management complexity for IT professionals. These security functions include an unprecedented Application Defenses(TM) firewall with application-level intrusion prevention, protocol anomaly protection, a secure e-mail, Web, and DNS gateway, anti-spam, anti-virus, IPSec VPN, IDS and response, outbound Web access filtering, SSL termination and clientless VPN access.

About Secure Computing

Secure Computing (NASDAQ:SCUR) has been securing the connections between people and information for over 20 years. Specializing in delivering the world’s strongest security appliances/firewalls, strong authentication, and content management and filtering solutions, Secure Computing is uniquely qualified to be the global security solutions provider to organizations of all sizes. Our more than 17,000 global customers in over 100 countries, supported by a worldwide network of partners, include the majority of the Dow Jones Global 50 Titans and the most prominent organizations in banking, financial services, healthcare, telecommunications, manufacturing, public utilities, education, and national and local governments. The company is headquartered in San Jose, Calif., and has offices worldwide. For more information, see http://www.securecomputing.com.

Don't miss