Symantec Penetration Assessment of Remote Support Appliance

Summary: NetworkStreaming’s remote support appliance passes detailed Symantec security audit with flying colors

RIDGELAND, Miss. - October 24, 2005 - NetworkStreaming, a leading provider of appliance-based remote support software, further demonstrated its commitment to providing best-in-class solutions for customers by announcing results from a recent penetration assessment from Symantec. NetworkStreaming's SupportDesk^TM offers enterprise users a remote help desk support solution that fits within an existing secure infrastructure and meets requirements for corporate governance. The results of Symantec's assessment offers testament to SupportDesk's^TM security features and highlight another advantage that SupportDesk^TM offers to enterprise organizations seeking a better way to provide help desk support.

SupportDesk^TM was designed from the beginning with security as a chief focus, making it the only solution suitable for integrating into an enterprise's existing security infrastructure. Key security features built into the SupportDesk^TM product include:

* Appliance-based Delivery: Running the software on an appliance ensures that sensitive company information is only routed through internal servers, thereby keeping the organization in compliance with Sarbanes Oxley and HIPAA requirements.
* Authorization Controls: Control privileges allow administrators to assign levels of accessibility based on the support professionals background and expertise. For example, the administrator can grant full access to himself and partial - or read only - access to the other members of the support team.
* End-User Override: The end-user always retains overriding control over the support session. This means that if there is sensitive information on a user's screen that might be visible to the support personnel, the user can immediately end the session.
* Logging and Auditing: The appliance retains a log of each support session so that the organization can keep a file of information that may have been transferred or accessed. This again, ensures the organization remains in compliance with corporate governance legislation.

"Security breaches are a constant threat in today's enterprises - and these organizations are spending millions to ensure that data is secure and that compliance standards are met," said Joel Bomgar, CEO and founder of NetworkStreaming. "As an emerging vendor selling to this audience, we understand that we need to provide our customers with a solution that not only meets their remote support needs, but also remains in line with their existing security practices."

To further ensure the security of its remote support software, NetworkStreaming employed Symantec to conduct a penetration assessment of its product. Symantec's assessment is designed to provide insight into methods of attack against a specific product or suite of applications and present a reasonable example of what could result from potential attacks. While it is not intended to provide a comprehensive security evaluation, the assessment concentrates on modeling specific attack scenarios, identifying vulnerabilities and validating exploitation possibilities. Symantec's test of NetworkStreaming's Remote Support Appliance and SupportDesk^TM found the products to be designed and implemented with security best practices in mind.

During the assessment, Symantec identified aspects of NetworkStreaming's security architecture that offer protection against a variety of threats that exist within this type of application architecture.

* Attempts to bypass the security structures of the system were rejected - users could not connect to remote computers without permission or access product features to which the administrator had not granted authorization.
* All data was SSL encrypted and allowed for users to add their own security certificates if additional protection is desired. Untrusted certificates caused the session to terminate, protecting against attack from outside hackers.
* The remote user could only choose to grant view-only or full control or discontinue the software installation; at any time, he or she can regain control of the computer and terminate the session. Once the SupportDesk^TM session was terminated, the software automatically uninstalled from the remote pc, preventing the support representative from regaining control unless the customer reinstalls the small download.

Symantec issued a whitepaper detailing the findings from its penetration assessment of NetworkStreaming's SupportDesk^TM. The whitepaper is available for download from NetworkStreaming's Web site at www.bomgar.com/symantec.htm Additionally, it can be requested by sending an email to NetworkStreaming@lpp.com.

For information on NetworkStreaming's remote desktop support appliance, go to http://www.bomgar.com.

Bomgar is the worldwide leader in secure, appliance-based remote support. The company’s award winning solutions enable organizations to improve IT support efficiency by securely accessing and managing virtually any system – Mac, Linux, BlackBerry and Windows Mobile smartphones plus all versions of Windows. Over 5,000 leading companies around the world have deployed Bomgar’s enterprise-class solutions to transform their IT support functions and significantly improve operational efficiency and customer satisfaction while dramatically reducing costs. Bomgar is a privately-held company headquartered in Ridgeland, Mississippi with offices in Atlanta, San Francisco, Washington DC, Paris and London. In 2009, Bomgar was named one of the 500 fastest-growing companies in the US by Inc. Magazine.

BOMGAR Contacts: