Symantec Announces New Proactive Behavior-Based Host Intrusion Prevention Solution

CUPERTINO, Calif. -- December 12, 2005 -- Symantec Corp. today announced Symantec Critical System Protection 5.0, a proactive behavior-based intrusion prevention solution for multi-layered protection of servers and critical clients running on Windows, UNIX, and Linux platforms. Available later this month, Symantec Critical System Protection provides zero-day protection against application and operating system attacks, enhanced auditing and compliance enforcement, enterprise reporting capabilities, and improved manageability of heterogeneous environments from a single management console. Using a unique combination of signature- and behavior-based detection, this enterprise-class product helps prevent system downtime while protecting critical information assets.

Symantec Critical System Protection is part of a comprehensive portfolio of endpoint security for both managed and unmanaged endpoint devices, and enables enterprises to regain control of network security and ensure compliance across the organization. When deployed alongside Symantec Client Security or Symantec AntiVirus Corporate Edition, Symantec Critical System Protection specifically safeguards applications and operating systems without the need for a known signature or patch. It delivers powerful behavior-based intrusion prevention technology for network protection, exploit prevention, system control, along with system audit and alerting capabilities. Buffer overflow and memory-based attack protection provide added defense against the most sophisticated attacks, while a high-performance firewall monitors network traffic with the ability to block inbound and outbound connections by application, port, protocol, and IP address range.

A centralized management console allows Symantec Critical System Protection to manage endpoint systems across large heterogeneous IT environments. Using the management console, security policies can be set to harden and protect systems by creating a shell around each application to define acceptable behavior and user actions to prevent exploitation or misuse. Advanced auditing, monitoring, and alerting capabilities along with enterprise-class reporting provides detailed, granular analysis to ensure adherence to regulatory compliance requirements. Log consolidation and monitoring capabilities allow for complete event discovery and can be forwarded to Symantec Security Information Manager for correlation analysis and to conduct computer forensic investigations. In addition, the management console can be configured to deliver automatic notification alerts to ensure rapid response to high priority incidents.

To reduce the complexity of administration, Symantec Critical System Protection provides out-of-the-box configurable security policies to lock down the operating system, applications, and databases. These policies automatically adapt to the operating system and applications installed, including custom in-house applications, thereby eliminating the need to configure different policies based on the type of application or machine. Symantec Critical System Protection also prevents unauthorized executables from being introduced and run, along with “de-escalation” of administrative user privileges to restrict access and protect against malicious behavior. Furthermore, IT administrators can configure policy controls over device management, such as USB drive access, CD ROM writing and non-VPN protected wireless connections to prevent the leakage of sensitive customer information.


Symantec Critical System Protection 5.0 is scheduled to be available in late December through Symantec’s worldwide network of value-added resellers, distributors and systems integrators. Organizations seeking a reseller or distributor should contact Symantec at

About Symantec

Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at


Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.