NSS Labs Awards First Product Report on Compliance for PCI to IBM's Unified Threat Management Solution

SAN DIEGO, CA--(Marketwire - April 10, 2008) - NSS Labs, a world leader in independent security product testing and certification, today announced it has given IBM's unified threat management (UTM) product its highly regarded "Approved" rating in its first Product Report on Compliance for PCI.

The global technology provider's Proventia® MX3006 was determined to be appropriate for perimeter and retail storefront environments where there are no hosted services available to external users.

The NSS Labs Product Report on Compliance for PCI is the only one of its kind specifically designed to assist information security and risk professionals in selecting products to address the compliance requirements of the PCI Data Security Standard (DSS). This NSS Labs report provides readers with empirically validated evidence about a product's suitability for use in a payment card network, including:

--  Fulfillment of specific PCI DSS v1.1 requirements, including logging
    and reporting
    
--  Recommended Configuration Details for PCI network deployment
    
--  Security Effectiveness
    
--  Appropriate Usage Recommendations
    
--  Product Stability and Reliability
    

"In our lab evaluations, we found the MX3006 successfully met or supported a broad range of PCI DSS requirements," said Vik Phatak, Chairman and CEO of NSS Labs. "IBM's UTM solution demonstrated excellent security effectiveness coverage, and achieved a sustained throughput level of 136Mbps with the Firewall, IPS and Web-filtering systems enabled. When Antivirus was also enabled, the MX3006 exhibited a sustained throughput level of 90Mbps."

The full report discussing the product's strengths and weaknesses can be viewed at www.NSSLabs.com/pci/ibm.

The NSS Labs Product Report on Compliance for PCI (UTM) evaluates the abilities of a UTM product to serve as a multifunction security gateway that encompasses the following functionality:

--  Firewall
    
--  Virtual Private Network
    
--  Intrusion Prevention System
    
--  Antivirus
    

"Merchants, service providers and auditors are facing significant challenges in determining whether or not particular solutions will satisfy PCI network requirements. A component of IBM's end-to-end solution for PCI compliance, the IBM Proventia Network Multi-Function Security unified threat management solution alone helps address 10 of the 12 PCI security requirements in a single product," said Matthew Ward, Business Line Leader, Proventia Multifunction Appliances, IBM ISS. "NSS Labs' independent, scientifically based findings give the marketplace assurance that our solutions are not only appropriate for safeguarding payment card data, but ideal for their environments."

About NSS Labs

Founded in 1991, NSS Labs is the globally recognized leader in independent security and performance testing and certification. NSS Labs performs the most comprehensive, high-performance security validation in the industry. Our proven methodologies reflect real-world traffic and usage conditions, helping information security professionals understand how products will work in their environments. NSS Labs is a participating organization in the PCI Security Standards Council, and is solely responsible for its test criteria, methodologies and reports. Clients include brand names like IBM, Cisco, Juniper Networks, SourceFire, McAfee, Fortinet, Radware, and Third Brigade. For more information, visit: www.nsslabs.com.

Contact Information: Contact: David Oates david@stalwartcom.com 858.750.5560