Windows JPEG Vulnerability Shows Need for Unified Threat Management Security; Secure Computing's Sidewinder G2 Security Appliances protected

Business Wire, Sept 27, 2004

SAN JOSE, Calif. -- Company has 21.7 percent share in UTM market IDC says will grow to $2 billion by 2008

Secure Computing Corporation (NASDAQ:SCUR), the experts in securing connections between people, applications, and networks(TM), today announced that the company's Sidewinder G2(TM) Security Appliance customers that have activated the Sidewinder's embedded anti-virus module have protection from an expected wave of malicious worms exploiting the recently announced Windows JPEG vulnerability - before the worms can reach unprotected desktops. The proliferation of application-level attacks and other security threats is a major driver of the emerging market for Unified Threat Management (UTM) security appliances. A new report by analyst firm IDC named Secure Computing as one of three leaders with a 21.7 percent share in the new UTM security appliance market, which is expected to grow to $2 billion by 2008.

US-CERT advisory TA04-260A (http://www.us-cert.gov/cas/techalerts/TA04-260A.html) describes a remotely exploitable vulnerability in Microsoft's Graphic Device Interface Plus (GDI ) JPEG processing component, which is used by a wide array of Windows programs, including Word, Excel, Outlook, and Internet Explorer. What is particularly disturbing about the vulnerability is that unprotected desktops can be taken over by a remote hacker after a user performs a routine function such as opening an e-mail or even viewing a webpage that contains the malicious code, passing right through traditional firewalls. Microsoft has issued a series of patches to protect customers from the vulnerability.

Secure Computing's Sidewinder G2 Security Appliance customers who have deployed the Sidewinder's embedded anti-virus module are protected from the vulnerability - even if their desktops do not have the Microsoft patch. Embedding security software at the gateway on a UTM security appliance, such as anti-virus, anti-spam, and web filtering, provides an important added level of protection to security gateway architecture, in addition to regular desktop patches and desktop security software.

"Unified Threat Management Security Appliances are a rapidly growing market because they offer more comprehensive protection on a single platform, reduced complexity, and simplified troubleshooting. IDC forecasts that the unified threat management security appliance market will grow at a compound annual growth rate of 80.1% between 2003 and 2008, which will translates into a total market of $2 billion," said Charles Kolodgy, research director for Security Products at IDC. "Secure Computing is one of three leaders in the UTM security appliance market, with a 21.7 percent share in the UTM security appliance market in 2003."

IDC defines Unified Threat Management security appliances as a combination of hardware, software, and networking technologies whose primary function is to perform specific or multiple security functions. Threat management security appliances consist of hardware with a hardened operating system (OS), a limited applications set, and no user software installation.

"During the last 12 months, enterprise customers have been hit with wave after wave of worms, Trojans, viruses, and other exploits, and this is serving as a wake-up call," said Mike Gallagher, senior vice president of product development for Secure Computing. "More and more customers understand the benefit of a UTM security appliance that stops malicious attacks at the 'front door,' rather than waiting until the attacker reaches desktops or until the attack is propagated throughout a customer's infrastructure."

In addition, Secure Computing's all-in-one security appliance also includes e-mail key-word filters, and e-mail message size and attachment filters that are capable of stopping mail-propagated worms of all kinds, both known and unknown. The eleven models of the Secure Computing branded appliances include the most comprehensive set of Application Defenses(TM) for the widest variety of security applications in the industry; including a market leading application-layer firewall/VPN, anti-spam, anti-virus, employee web browsing controls, SSL termination and clientless VPN access.

About Secure Computing

Secure Computing (NASDAQ:SCUR) has been securing the connections between people and information for over 20 years. Specializing in delivering solutions that secure these connections, Secure Computing is uniquely qualified to be the global security solutions provider to organizations of all sizes. Our more than 11,000 global customers, supported by a worldwide network of partners, include the majority of the Dow Jones Global 50 Titans and the most prominent organizations in banking, financial services, healthcare, telecommunications, manufacturing, public utilities, and federal and local governments. The company is headquartered in San Jose, Calif., and has sales offices worldwide. For more information, see http://www.securecomputing.com.

All trademarks, trade names or service marks used or mentioned herein belong to their respective owners.