Elemental’s Policy Management Integrated with Dynamic, Role-Based Access Controls Delivers New Approach to NAC

Elemental’s Automation and Adaptability to Change Enable Large Enterprises to Deploy Comprehensive Host-Level Access Controls throughout their Networks

LAS VEGAS, Nev. – May 1, 2006 – Elemental Security, Inc., a pioneer of new technology in enterprise information security, announced a new approach to network access control (NAC) for enterprises, one that integrates access controls with a broad policy and risk management framework. The Elemental Security Platform (ESP) is the only product today offering this functionality, due to its unified infrastructure tying in policy, configuration management, and inventory management with access controls.

Managing access controls in large ever-changing networks continues to be a challenge. ESP provides a policy-based approach which is seamlessly integrated with access controls that are granular, adapt to observed change, and are continuously updated. Elemental’s policy and risk management product enables enterprises to continuously monitor machines’ configuration, inventory, activity, and policy compliance. With ESP, enterprises can now integrate the access controls necessary to protect key systems and information, satisfy their internal security objectives, and assure compliance with regulatory requirements. Additionally, ESP supports this unified policy infrastructure and access control capability across a wide array of operating systems, including Windows, Solaris, HP-UX, AIX, Mac OS X, and Linux. This assures that policy management and the implementation of access controls are pervasive throughout the network.

ESP enables security administrators to restrict access of managed and unmanaged machines (such as guest workers), unauthorized personal devices, and machines outside of the network. Unlike labor-intensive and error-prone traditional solutions – such as perimeter gateways; infrastructure-level ACLs, application and file permissions; and personal firewalls – ESP provides automation and ease of administration through dynamic host groupings that allow role-based access controls to be extended throughout large organizations, decreasing the administration burden of controlling access and allowing companies to better manage risk.

Elemental provides the world’s only security policy system built from the ground up to make the state and activity of users and computers fully transparent, enabling customers to directly translate their business objectives into specific policies for all users and systems on their networks. Elemental unifies policy management, host configuration, inventory/discovery and role-based access control in one seamlessly integrated offering. Using Elemental, security administrators can easily assess the security posture of machines and networks, and make proactive decisions about managing risk. Security policy and compliance management continue to be top priorities due to increasing frequency and severity of security breaches, and regulations such as Sarbanes-Oxley (SOX), the Payment Card Industry (PCI) Data Security Standard, and the Health Insurance Portability and Accountability Act (HIPAA).

Elemental also partners with large infrastructure companies and complements their network-level admission control solutions. ESP shares compliance results with infrastructure solutions at the time of admittance, and continuously monitors those same policies after machines are allowed on the network. This layered protection assures that machines are compliant before getting on the network, and that they remain compliant once connected. Computers that fail to meet the required compliance threshold can have their access to key systems restricted by ESP until any issues are corrected.

The Elemental Security Platform

The Elemental Security Platform is an enterprise security software solution that enables organizations to manage the policies and risk for any computer connecting to the network. ESP is a client-server security system that provides broad visibility into all hosts in the enterprise and the means to control them through auto-deployed security policies. The system consists of the ESP server and ESP agents running on desktops and server hosts throughout a network. Its architecture is unique in its ability to detect, monitor and control hosts with or without ESP agents running on them.

About Elemental

Elemental is an industry leader in enterprise policy and risk management. Using its award-winning Elemental Security Platform (ESP), organizations can directly translate their business objectives into specific policies for all users and systems on their networks. For the first time, enterprises can use a single product to obtain measurable and comprehensive metrics for their security policy needs and compliance requirements. Founded in December 2002, Elemental is a privately held company backed by Bessemer Venture Partners, Mayfield, Sequoia Capital and Lehman Brothers Venture Partners. The company is headquartered in San Mateo, Calif., and has offices throughout the U.S. Go to http://www.elementalsecurity.com for more information.