Lancope Ships StealthWatch Xe for sFlow®

StealthWatch System 5.1 Expands Integration with Network Infrastructure to Deliver Cost-effective, Scalable, 10 Gbs+ Network Anomaly Detection and Response Enterprise-wide

ATLANTA, NOVEMBER 14, 2005-Lancope, Inc., the leading provider of network behavior analysis and response solutions, today announced the general availability of StealthWatch System 5.1, which includes enhanced operational reporting, extended Flow Visualization and the new StealthWatch Xe for sFlow® appliance, the first anomaly detection solution to leverage sFlow data that is natively available in routers and switches from Foundry Networks (Nasdaq: FDRY), Hewlett Packard (NYSE: HPQ) and Extreme Networks (Nasdaq: EXTR). Highly scalable and leveraging the existing network infrastructure, the StealthWatch System 5.1 delivers multiple enhancements across the product family and provides unmatched levels of identification, prioritization and control of network behavior for the most cost-effective and accurate enterprise-wide network protection.

StealthWatch System 5.1 introduces StealthWatch Xe for sFlow. Built on the same foundation as Lancope’s successful StealthWatch Xe for NetFlow technology, StealthWatch Xe for sFlow analyzes sFlow records to extend internal security without deploying costly sensors or in-line devices throughout enterprise networks, thereby dramatically reducing cost and complexity of deployment and significantly increasing scalability.

According to the Naval Postgraduate School’s Network Security Group director, Lieutenant Commander Reese Zomar, "Effective network security requires thorough network monitoring. By utilizing sFlow and integrating it with Lancope’s network behavior analysis and response technology, we have improved our ability to quickly determine what has happened during a security incident, what remediation needs to be done and how to prevent future occurrences."

Zomar added, "StealthWatch Xe for sFlow has increased our visibility of internal network traffic ten-fold from 90MB per minute to 900MB per minute. StealthWatch Xe for sFlow helps our network and security managers view traffic patterns without having to deploy costly sensors or LAN probes on every segment and provides a rich source of data for security-related tasks."

Enterprises with switches and routers that support sFlow as a standard feature can simply "turn-on" sFlow and direct it toward the StealthWatch Xe appliance, which baselines network traffic to detect and prevent network anomalies. Through its patent-pending Custom Response™ feature, a remediation script capability that commands routers and switches to block malicious traffic at the network edge, the StealthWatch System extends flexible mitigation across the enterprise to enable "Infrastructure IPS" to provide unprecedented levels for controlling network behavior. The resulting combination of rich visualization and advanced behavioral detection functionality in the StealthWatch System enables organizations to more quickly defeat zero-day attacks, worms, policy violations, network misuse and other anomalies.

Additionally, StealthWatch System 5.1 delivers key capabilities designed to help “operationalize” network and security incident response, investigation and remediation:.

• Operational Reporting
  In addition to rich visualization that offers flexible multi-tab views of network activity, StealthWatch now offers scheduled as well as on-demand rapid reporting to provide instant awareness of network health and facilitate regulatory compliance. Administrators can schedule or instantly generate PDF reports to distribute to senior management or affected departments.
• Extended Flow Visualization
  Enabling swiftly assessment and analysis of security posture and network health, the extended Flow Visualization capability allows for greater manipulation of data views and drill-down analysis for improved investigation work flow, resulting in reduced down time and faster remediation

Overcoming obstacles, such as physical proximity requirements and limited span ports, staff or budget, StealthWatch System 5.1 delivers the following key benefits for enterprises:

• Continuous, cost-effective network monitoring and coverage with sFlow data
• Contextual security awareness and network visibility across the enterprise
• Effective mitigation via “Infrastructure IPS” which leverages existing network infrastructure
• Scalable to 10+ Gbps networks to provide unprecedented protection
• Mixed deployment for greatest flexibility and breadth of coverage

“By expanding the integration options to leverage additional network infrastructures, we are delivering a powerful and effective internal security solution that integrates easily into a variety of customer environments and scales to meet their growing security needs” said Harland LaVigne, president and CEO of Lancope. “As the first security solution to utilize native sFlow, Lancope continues to expand the usage of behavior-based anomaly detection technology, broaden the support of enterprise network infrastructures and ensure that customers gain maximum value from both network and security investments.”

StealthWatch System 5.1, including StealthWatch Xe for sFlow, is now shipping. Entry-level enterprise pricing for StealthWatch Xe for sFlow begins at $29,995 for coverage up to 2,500 ports . For more information, please contact the Lancope at 888-419-1462 or sales@lancope.com. Current customers can contact the Lancope Customer Care Support Desk for upgrades at 800-838-6574 or support@lancope.com .

About Lancope
Lancope is the leading provider of Network Anomaly Detection Systems (NADS) that defeat zero-day worms, internal network misuse and other anomalies that compromise network integrity. Lancope’s StealthWatch integrates security and network management technology to reduce network risks and maximize network availability by rapidly identifying, prioritizing, mitigating and resolving critical threats, whether new or well-known. Both OPSEC and Common Criteria-certified, StealthWatch was named InfoWorld’s 2005 Technology of the Year and finalist for Network Computing Magazine’s 2004 Well Connected Awards. Additionally, it has received outstanding reviews from InfoWorld, eWeek and CRN magazines. Defending the networks of Global 2000 organizations, academic institutions and government entities, Lancope’s StealthWatch protects over 170 enterprise customers and 15 million hosts worldwide. Lancope is a privately held, venture-backed company headquartered in Atlanta, Georgia. For more information, call 888-419-1462 or visit www.lancope.com.