Internet Security Systems, Inc. - Security Software -  Category Directory

(404) 236-2600

6303 Barfield Road
Atlanta, GA 30328

www.iss.net

Sales

$246 million

Business Description 

Internet Security Systems, Inc. is an established world leader in network
and information security providing products and services that help to protect
businesses from network and system risks. We offer a proactive line of security
solutions that provide protection against a variety of ever-changing threats for
gateways, networks, servers and desktops, and includes security software and
appliances, managed security services, consulting and training services and
online security research, advisory and other knowledge services. This
comprehensive line of products and services are designed specifically for the
enterprise, service providers, risk management, small business and consumer
markets. Our threat protection solutions go beyond basic access control to
deliver multiple layers of defense that detect, prevent and respond to threats
before those threats cause damage to our customers' business operations.

Our products are designed to meet the need for comprehensive,
cost-effective detection, prevention and response arising from attacks, misuse
and security policy violations while promoting the confidentiality, privacy,
integrity and availability of proprietary information. Our family of products is
a critical element of an active Internet and networking security program within
today's world of global connectivity, enabling organizations to proactively
monitor, detect and respond to risks to enterprise information. Our managed
services offerings focus primarily on remote management of our best-of-breed
security technology including security assessment and intrusion protection
systems. We focus on serving as the trusted security provider to our customers
by maintaining within our products the latest counter-measures to security
risks, creating new innovative products, and providing professional and managed
services.

ISS was founded in 1994 and is headquartered in Atlanta, Georgia. The
mailing address for our headquarters is 6303 Barfield Road, Atlanta, Georgia,
30328, and our telephone number at that location is (404) 236-2600. Our website
can be found at www.iss.net. We make available free of charge through our
website our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, and
Current Reports on Form 8-K, and amendments to those reports, as soon as
reasonably practicable after we file them electronically with, or furnish them
to, the Securities and Exchange Commission. Our Corporate Governance Guidelines
and Code of Conduct are also available on our website and are available in print
to any stockholder
who mails a request to our headquarters, attention to the Corporate Secretary.
Our website also contains other corporate governance-related documents that may
be found of interest to stockholders. The information on our website is not
incorporated by reference in this Form 10-K.

INDUSTRY BACKGROUND

Online security is of growing importance to today's businesses, as
organizations of all sizes and markets become increasingly reliant on
Internet-based technology to conduct day-to-day operations. Businesses adopt
these Internet-based technologies to streamline operations and create new
business opportunities. To capitalize on the benefits of the Internet,
businesses must open their networks to business partners, customers and their
mobile workforce, significantly increasing the value and vulnerability of their
online assets.

The more that organizations and consumers depend on networks to conduct
business, the greater the risk of business interruption, negative publicity,
theft of proprietary or private information, liability for damages to others,
and other costly business losses. The gateways, networks, servers and desktops
that make online commerce work are inherently vulnerable to online threats. A
threat is any tool or technique that can be used to damage the data stored on a
network, server or desktop, or to compromise those resources for unauthorized
use. The tools used to attack online resources and the sophistication of these
threats continues to increase. At the same time, the technological
sophistication needed to launch an attack continues to decrease.

MARKETS

We provide products and services to a variety of customers. We view our
primary customer markets as enterprise, service provider and risk management
customers. We also have products for consumers and small offices. Our primary
markets are addressed through our direct sales efforts and through various
partners, including system integrators, value-added resellers and distributors.

ENTERPRISE

Enterprise market customers generally have annual revenues exceeding $100
million. Our enterprise software, appliances and services solutions provide
proactive protection against online business interruption and loss, all designed
to operate with minimal administration or interference with normal network
operations. These comprehensive protection offerings merge gateway, network,
server and desktop protection into an integrated threat management environment.
This combination of software, appliances and services enables centralized
management across multiple locations and network segments, including wireless
networks, branch offices and mobile workers. Most importantly, our proactive
approach keeps staff informed about newly discovered security issues, ensuring
that the protection solution can be updated to account for newly evolved
threats.

SERVICE PROVIDER

We provide best-of-breed technology and a proven track record in network
security management for service providers looking to establish online security
as part of a broad-based, Internet-oriented business solution. We partner with
service providers that want to resell managed security services and are seeking
a well-known, credible and stable partner in the security industry, an
established ability to bring partners to market, and a comprehensive services
portfolio.

Our advanced security management software solutions, extensive experience
protecting customer networks and industry leading ability to collect and analyze
threat trends from around the world in our Global Threat Operations Center
(GTOC) allow us to partner with organizations looking to bundle a security
management component within a broader set of business services.


PRODUCTS AND SERVICES

ENTERPRISE PROTECTION

Enterprise solutions include Proventia(TM) multi-function protection
products, RealSecure(R) software and Managed Services. Our products and services
protect the entire infrastructure, from the perimeter to the core. Our centrally
managed family of Proventia protection products ranges from detection up to
completely unified and proactive multi-function appliances, combining firewall,
intrusion prevention and anti-virus technologies. The Proventia multi-function
protection family streamlines and simplifies security by unifying security
technologies on a single engine. In 2003, we continued to market our REALSECURE
PROTECTION PLATFORM, a unique software offering that encompasses vulnerability
assessment and threat detection, prevention and response across networks,
servers and desktops, all coordinated through the SITEPROTECTOR(TM) centralized
management platform. In addition, our Managed Services extends this protection
strategy through managed security offerings and expert 24/7 monitoring, support
and response management for situations where additional flexibility and support
are required. Extensive professional services and emergency response services
provide an appropriate, effective security solution, regardless of business
environment.

Key components of our enterprise protection products include:

GATEWAY PROTECTION -- Unifies critical security technologies,
including firewall, virtual private network (VPN), anti-virus and intrusion
prevention, within a single appliance and management system to protect
against known and unknown threats, worms and viruses.

Proventia M Series Multi-Function Appliances -- Provide complete
protection at the gateway and network level in a single all-in-one
appliance without jeopardizing network bandwidth or availability.

NETWORK PROTECTION -- Utilizes industry-leading intrusion detection
and prevention technologies to protect corporate networks from attack and
misuse.

Proventia G Series Intrusion Prevention Appliances -- Proactively
block malicious attacks from entering the network, including denial of
service, backdoors and hybrid threats. Attacks are blocked in real-time,
minimizing the need for active administrator involvement in most
security events.

Proventia A Series Intrusion Detection Appliances -- Deliver our
market-leading RealSecure network intrusion detection, forensics, and
response technology in an easy-to-use, cost effective, rapidly deployed
appliance format.

RealSecure Network 10/100 Software -- Provides intelligent,
automated integration of threat assessment, intrusion detection, and
data analysis within a self-contained, centrally managed application.

RealSecure Network Gigabit Software -- Provides intelligent,
automated integration of threat assessment, intrusion detection, and
data analysis within a self-contained, centrally managed application for
line operations at gigabit speeds.

SERVER PROTECTION -- Defends servers and applications against
unauthorized access and a broad array of threats by combining intrusion
prevention with firewall capabilities.

RealSecure Server Software -- Provides automated, real-time
intrusion protection by analyzing events, host logs, and inbound and
outbound network activity on critical enterprise servers to block
malicious activity from damaging critical assets.

DESKTOP PROTECTION -- Protects fixed, remote and mobile desktops
against unauthorized access and a broad array of threats by combining
intrusion prevention, firewall capabilities, application protection and VPN
compatibility.

RealSecure Desktop Software -- Provides real-time protection
against malicious activity by analyzing application, network and VPN
behavior on desktops.

SITEPROTECTOR MANAGEMENT CONSOLE -- Scalable, centralized management
and reporting for enterprise deployments of Internet Security Systems'
protection products. Significantly reduces demand on staff and other
operational resources.

SITEPROTECTOR SECURITYFUSION(TM) MODULE -- Uses advanced data
correlation and analysis to rapidly and automatically derive the likelihood
of a successful attack from aggregated vulnerability assessment
information.

SITEPROTECTOR THIRD PARTY MODULE -- Interfaces with market-leading
firewalls such as CheckPoint and Cisco PIX to automate the collection of
audit and intrusion detection events into SiteProtector's central
management system for advanced analysis.

VULNERABILITY ASSESSMENT SOFTWARE

In addition to our gateway, network, server, and desktop protection
products, we also offer security assessment and policy compliance solutions for
proactive measurement of online risk. These offerings include:

INTERNET SCANNER(R) SOFTWARE -- Provides comprehensive network
vulnerability assessment for measuring online risk.

SYSTEM SCANNER(TM) SOFTWARE -- Ensures policy compliance and detects
vulnerabilities that leave servers open to compromise.

DATABASE SCANNER(R) SOFTWARE -- Assesses online business risks by
identifying security exposures in leading database applications.

WIRELESS SCANNER(TM) SOFTWARE -- Provides automated detection and
security analyses of mobile networks utilizing 802.11b WLAN (Wi-Fi) access
points and clients.

CONSUMER AND SMALL OFFICE SOFTWARE

We offer powerful, affordable firewall and intrusion detection protection
software solutions providing fast, accurate protection for the consumer and
small office product market. Our products include:

BLACKICE(TM) PC PROTECTION SOFTWARE -- Provides comprehensive personal
firewall and intrusion protection for individual PCs.

BLACKICE SERVER PROTECTION SOFTWARE -- Provides comprehensive firewall
and intrusion protection capabilities for individual servers.

X-FORCE(R) SERVICES

The X-Force organization, our industry leading group of security experts
dedicated to proactive counter intelligence and public education, delivers
timely, accurate information for anyone interested in protecting online assets
against attack or misuse. This proactive approach suffuses all our offerings,
from research and development to products and services, including publicly
available information and product support.

Our X-Force organization provides information on threats through three
complementary online publications:

- Security Advisories contain new vulnerability research developed by the
X-Force itself, as well as solutions to manage or resolve the threat.

- Security Alerts are timely compilations of threat information, both from
us and from other external resources.

- Security Alert Summaries are weekly publications containing short
descriptions of security issues identified and researched during the past
week. Each issue in the Alert Summary is linked to detailed information
in the online X-Force Database.

The X-Force organization begins this process through our Global Threat
Operations Center. This specialized threat intelligence facility collects
security trend information from five state-of-the-art Security Operations
Centers operating on three continents to analyze the nature and severity of any
threat in real-time. The X-Force then proactively helps deliver our solutions to
market via alerts, advisories, product updates, professional services, emergency
response services and 24/7 remotely managed security services. In addition, we
provide the fee-based X-Force Threat Analysis Service for customers needing
immediate, comprehensive notification of the breaking security events.

X-Force threat intelligence consists of global and local primary source
overviews of evolving threats. This information may be sorted by specific
geography, business sector, operating system or attack technique, allowing
anyone interested in information protection to evaluate global threat conditions
as part of their own security operations. All our service offerings use X-Force
threat intelligence as a differentiator, whether as part of a professional
services consulting engagement, managed security services, X-Force Education
Services or customer support. In addition, X-Force research and development
quickly and easily integrates into our software solutions via self-installing
X-Press Update(TM) product enhancements.

MANAGED SECURITY SERVICES

ISS Managed Security Services offer online protection for organizations
lacking the time, expertise or appropriate internal resources to secure critical
information resources. Our services include:

MONITORED AND MANAGED IDS SERVICE -- Unobtrusively monitors client
servers and network traffic for potential threats, and responds to attacks
or misuse that can damage online information resources.

MONITORED AND MANAGED FIREWALL SERVICE -- Flexible, remotely managed
firewall service that delivers cost-effective protection that reduces
customer staff requirements. Optional features include High Availability
capabilities, Monitored Firewall, Client VPN enablement and Site-to-Site
VPN.

VULNERABILITY MANAGEMENT SERVICE -- Provides real time vulnerability
information by examining servers, firewalls, switches and more. Provides
comprehensive on-demand security audits that identify, analyze and report
on network security vulnerabilities.

PROFESSIONAL SECURITY SERVICES

Our professional security services combine our advanced technology and
experienced security experts to help organizations plan and implement sound
security management solutions. Our standards-based methodology covers the
complete security management lifecycle, including assessment, design,
deployment, management and support, as described below.

ASSESSMENT

Penetration Test -- Network simulation attack in a controlled
environment, resulting in a clear snapshot of an organization's security
condition, specific exploitable vulnerabilities and risks as seen from a
designated remote Internet location.

Information Security Assessment -- Comprehensive evaluation of an
organization's information security policies, procedures, controls and
mechanisms, as well as its networks, servers, desktops and databases in
relation to the globally recognized ISO 17799 standard, which is a
comprehensive set of controls comprising best practices in information
security established by the International Standards Organization.

Security Certification -- Comprehensive and rigorous internal and
external evaluation of an organization's information security policies,
procedures, controls and mechanisms, as well as networks, servers, desktops
and databases, comparing current security standing to the globally
recognized ISO 17799 standards. This service includes a two-day
interactive, strategic project-planning workshop that results in an
actionable plan to achieve and maintain on-going security goals. We provide
our clients with a certification of best security practices upon
implementation of our recommendations.

ISO 17799 and Regulatory Compliance Gap Analysis -- Analysis and
documentation of tactical recommendations based upon the globally
recognized ISO 17799 standard and regulatory requirements.

Wireless Network Assessment -- Security assessment of wireless network
environments including both assessment and penetration testing.

Application Security Assessment -- Review and evaluation of
application security from the client and server perspectives.

DESIGN

Policy Development -- Rapid development of security policies that map
to an organization's business objectives, regulatory issues and industry
best practices.

Standards & Procedures Development -- Development of written
procedures to ensure the repeated correct installation and configuration of
operating systems, applications and databases which are essential in
reducing risks to the network environment and computing infrastructure.

Security Strategy Workshop -- Strategic planning engagement in which
we assist customers to develop a specific security strategy based upon best
practices, and the customer's specific requirements.

Implementation Planning -- Our security specialists work with client
staff to determine and plan the most effective and strategic locations in
which to install ISS solutions, how to best implement them with minimal
impact on current network operations, and how to plan for the ongoing
management and maintenance of the security solution.

Network Architecture Design -- Assists organizations in designing a
secure customized network architecture designed to meet organizational
goals now and in the future.

Vulnerability Remediation -- A prioritized roadmap that helps clients
understand the remediation efforts needed, timeframes and expertise
required to quickly remediate the most serious problems and put a long-term
security program into place.

Vertical & Regulatory Markets Strategy Design -- Provides an
organization with a thorough understanding of the impact of regulatory
issues on it and develops a plan to achieve regulatory compliance.

Security Awareness Program Development -- A short duration, high value
engagement that quickly increases employees' security consciousness and
helps other security initiatives move forward effectively.

DEPLOYMENT

Deployment Consulting -- Installation, configuration and tuning for
ISS's vulnerability assessment, intrusion detection and enterprise security
management solutions.

Migration -- Consulting, installation, configuration and tuning
services for migrating to new ISS vulnerability assessment, intrusion
detection and enterprise security management solutions.

MANAGEMENT

Emergency Response Services -- Our professional services staff
combines leading security research with real-world incident response
experience to help organizations prepare for, and respond immediately to,
information security breaches.

X-Force Threat Analysis Service -- Internet Security Systems' X-Force
Threat Analysis Service enables proactive security management through
comprehensive evaluation of global online threat conditions and detailed
analyses tailored for specific customer needs. The X-Force Threat Analysis
Service is a blend of threat information collected from our international
network of Security Operations Centers and trusted security intelligence
from the X-Force research and development organization. This constantly
monitors and advises regarding the nature and severity of external Internet
threats. Dailysummaries provide current and forecast assessments for active
vulnerabilities, viruses/worms and threats, including links to recommended
fixes and security advice.

SUPPORT

ISS Technical Support provides ongoing product support services under
license agreements. We believe that providing a high level of customer service
and technical support is necessary to achieve rapid product implementation,
which, in turn, is essential to customer satisfaction and continued license
sales and revenue growth. Accordingly, we are committed to recruiting and
maintaining a high-quality technical support team. A team of dedicated certified
engineers trained to answer questions on the usage of our products provides
telephone and email support worldwide, 24 hours a day, seven days a week
(including holidays), from our corporate office in Atlanta. Customers in Asia
can also contact ISS Technical Support in the Philippines or Tokyo during local
business hours. The ISS Technical Support Team located in Mountain View,
California provides email support to our consumer customer base. In the United
States and internationally, our resellers and distributors provide telephone
support to their customers with additional technical assistance from us. For our
managed services security solutions, customer support is available for several
offerings up to 24 hours a day, seven days a week. Technical support is offered
via phone, email or secure Web form and includes access to an online knowledge
base as well as direct contact with qualified support personnel.

X-FORCE EDUCATION SERVICES

Internet Security Systems' X-Force Education Services division provides
hands-on, real-world security management courses that empower the IT staff of
our clients to take control of their information security. Our courses are based
on ISS' best-of-breed security protection solutions, critical security topics
and real-world experience, preparing our customers for the security tasks that
they will face.

Our experienced instructors offer educational programs for security
professionals worldwide. By developing and maintaining internal staff knowledge,
organizations can maximize the return on their security investments. Classes are
delivered at our Atlanta corporate training center, regional offices around the
world, authorized training centers, and client sites.
 

Security Software Companies in the Directory

Check Point Software Technologies

Computer Associates

Cyberguard

Internet Security Systems

McAfee

NetIQ

Secure Computing

Symantec

Trend Micro