Symantec Expands SCADA Protection for Electric Utilities; Web Seminar Offers Advice on ICCP Signatures and Other Security Measures Required to Become NERC CIP Compliant

Symantec Corp. (Nasdaq:SYMC) today announced expandedsecurity protection aimed at helping electric utility companiesproactively detect and prevent malicious attacks against theinfrastructure of computers and applications -- known as SupervisoryControl and Data Acquisition (SCADA) networks utilizing theInter-control Center Communications Protocol (ICCP) protocol -- usedto run key U.S. utilities. This specialized SCADA security includesprotection against known and zero-day attacks, enabling utilitycompanies to more effectively meet the new security requirements ofNorth American Electric Reliability Council (NERC) CriticalInfrastructure Protection (CIP).

ICCP is the primary protocol used to communicate real-time data,schedule, and control command exchanges between the energy controlcenters that operate these SCADA networks and remote terminal units(RTUs) and substations. While it has been developed with built-insecurity, in today's interconnected environment additional securitymeasures are critical for enabling uninterrupted operations fortransmission, generation and independent service operators.

ICCP security signatures are available immediately for SymantecNetwork Security 7100 Series appliances offering real time intrusionprevention (IPS) and detection to proactively protect criticalenterprise assets, and are supported by Symantec Managed SecurityServices. These signatures were developed to address not just knownattacks, but also key vulnerability areas for optimal protectionagainst new and unknown exploits. Symantec Research Labs, thecompany's industry-leading research organization, crafted thesignatures using new techniques developed specifically for ICCP.

"Given that SCADA networks are the underlying infrastructure forworldwide power grids, it is vital that the integrity of these systemsremain intact," said Gary Sevounts, director of Symantec power andenergy industry strategies and solutions. "Beyond our extensiveinternal testing of these vulnerability signatures, we have alsosuccessfully run these signatures for over three months with no falsepositive triggers, further validating our development efforts. As aresult electric utility companies can rely on our ICCP signatureprotection as part of their effort to meet pending NERC CIP compliancerequirements, to mitigate the risk of potential service disruptions,process redirection, or manipulation of operational data that couldresult in public safety concerns."

The Symantec ICCP signatures were rigorously lab tested by theleading ICCP provider SISCO for three months, using live ICCP traffic,and produced no false positives. This testing also included a knownattack procedure, which had previously resulted in crashed systems,and the Symantec signatures correctly triggered against this knownattack. In addition, leading EMS vendor AREVA T&D tested live ICCPtraffic for two weeks and also detected no false positives. Thesetests indicate the Symantec solution accurately detects and preventsattacks, without producing false positives that could result inunnecessary control system downtime.

"Securing the SCADA infrastructure is of critical importance tothe energy industry," said Ralph Mackiewicz, vice president, sales andmarketing for SISCO, Inc. "The work of Symantec to develop ICCPsignatures for intrusion detection and protection is an important stepin improving the security environment for SCADA communications and isvery complimentary to SISCO's own efforts in securing ICCPcommunications. SISCO wholeheartedly supports the Symantec approachbased on real implementations of SCADA systems and protocols that arein actual use today and was very pleased to have been able to workwith industry leaders like Symantec and AREVA on this project."

Laurent Demortier, executive vice president of AREVA T&D, incharge of the automation business unit adds, "This collaboration helpsensure that customers using AREVA/Symantec security solutions get themaximum benefit from their security investment, with technology,integration, and services tailored to the unique needs of the criticalinfrastructure environment of electrical utilities."

NERC CIP Readiness Web Seminar

In an upcoming Web seminar, Symantec will conduct a readinessworkshop designed to help electric generation and transmissioncompanies, and independent system operators find a balance betweenoptimal NERC CIP compliance, and profitable, cost effectiveoperations. The Web seminar, titled "NERC CIP Readiness Workshop forElectric Utility Companies" will be held on Thursday, Sept. 15th, at1:00 p.m. EDT/10:00 a.m. PDT. Attendees can register athttp://ses.symantec.com/EC_EMAIL.

Ideal for IT operations, engineering professionals and managementresponsible for compliance, the seminar will address the following:

-- Pertinent details of NERC CIP

-- Tools to evaluate and assess the current level of NERC CIP compliance readiness

-- Tactics that can help companies cost-effectively comply with NERC CIP

-- Secure Inter-Control Center Communications Protocol (ICCP) connectivity as part of complying with NERC CIP

"Our most recent research indicates that security continues to beone of the top IT concerns in the energy industry," stated RickNicholson, vice president of research for Energy Insights, an IDCcompany. "With the recent passage of the Energy Policy Act of 2005,which includes provisions regarding electric transmission reliability,we expect spending on cyber security by US electric utilities toaccelerate during the next 2-3 years, especially as it relates toSCADA and other real-time systems. Within that context, the ICCPprotocol is one of most critical areas that must be addressed in termsof cyber security."

About Symantec ICCP Signature Support

Symantec offers ICCP signature capability as part of the SymantecNetwork Security appliance series, offering proactive networkintrusion prevention, and Symantec Managed Security Services,providing real-time threat analysis to meet compliance requirementswith minimal business impact. These signatures provide proactiveprotection on X.500, CMIP, CMIS, FTAM and Microsoft Exchange Serverprotocols.

About SISCO

SISCO (Systems Integration Specialists Company, Inc.) is aprivately held developer of standards-based real-time communicationsand integration software for energy utilities headquartered inSterling Heights, Michigan. SISCO is the world leader in theInter-control Center Communications Protocol (ICCP) with installationson 6 continents serving electric utilities, independent systemsoperators, gas pipeline operators, power generators, and originalequipment manufacturers supplying these customers.

About AREVA

With manufacturing facilities in over 40 countries and a salesnetwork in over 100, AREVA offers customers technological solutionsfor nuclear power generation and electricity transmission anddistribution. The group also provides interconnect systems to thetelecommunications, computer and automotive markets. These businessesengage AREVA's 70,000 employees in the 21st century's greatestchallenges: making energy and communication resources available toall, protecting the planet, and acting responsibly towards futuregenerations.

AREVA's T&D division is an active player around the globe. Itdesigns, manufactures and supplies a complete range of equipment,systems and services for all stages in the transfer of electricity,from the generator to the large end-user. For more information, go towww.areva-td.com.

About Symantec

Symantec is the world leader in providing solutions to helpindividuals and enterprises assure the security, availability, andintegrity of their information. Headquartered in Cupertino, Calif.,Symantec has operations in more than 40 countries. More information isavailable at www.symantec.com.

NOTE TO EDITORS: If you would like additional information onSymantec Corporation and its products, please view the Symantec PressCenter at http://www.symantec.com/PressCenter/ on Symantec's Web site.All prices noted are in US dollars and are valid only in the UnitedStates.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo aretrademarks or registered trademarks of Symantec Corporation or itsaffiliates in the United States and certain other countries.Additional company and product names may be trademarks or registeredtrademarks of the individual companies and are respectfullyacknowledged.