F- Secure among first companies able to be certified under latest IPSec criteria

JSE-listed Y3K`s Information Security Division (Gas Software) the sole distributor for F-Secure Corporation (previously known as Data Fellows Finland) in Africa, today announced that F- Secure VPN+ is among the first products certified by ICSA.net for Version 1.0A of the Internet Protocol Security (IPSec). According to ICSA.net, only nine companies were able to meet all of the criteria in Version 1.0, let alone the additional requirements incorporated into Version 1.0A. Certification assures customers that F-Secure products meet stronger security standards based on industry-recognised standards.

F-Secure joins such leading companies as IBM, Lucent Technologies, and a handful of others in the first group of vendors with products certified by ICSA.net, the worldwide leader in security assurance services.

A software-only approach to virtual private networking, F- Secure VPN+ takes full advantage of the F-Secure Framework, which provides centralised, end-to-end, policy-based security management. This approach makes F-Secure VPN+ the only virtual private network (VPN) product on the market that is centrally managed and totally transparent to end-users and applications, while still providing end-to-end protection both inside and outside the corporate local area network (LAN).

In addition to securing wired VPNs for enterprises, F-Secure software is helping customers establish and secure their wireless corporate LANs. F-Secure VPN+ provides comprehensive end-to-end security by protecting every link in the corporate network chain - clients, servers, and gateways - and can be configured by the customer for corporate LANs that implement wireless technology. F-Secure has established an early stronghold in this market with VPN+ and, more recently, with its anti-virus software for WAP servers.

"This early certification for IPSec Version 1.0A reinforces F- Secure`s 10-year tenure as a technology leader for securing the distributed enterprise. Experience has shown that market acceptance accompanies such recognition, and we are pleased to join such an elite group of security pioneers", said Risto Siilasmaa, CEO of F-Secure Corporation.

Commenting on the new certification requirements, George Japak, vice president of ICSA Labs, said, "The criteria are significantly more stringent and address more IPSec features, resulting in the most robust IPSec interoperability testing to date. The continued growth in this technology is an important step in a process where secure electronic communications can be continuously improved."

IPSec Version 1.0A includes additional requirements for hashing, entity identification, ESP Null mode (authenticated but not encrypted), and more advanced testing of life times, packet fragmentation handling, replay protection, padding and perfect forward secrecy (PFS).

ICSA`s certification programs provide assurance that products reduce security risks consistent with a set of publicly vetted and industry-accepted criteria, and are upgraded frequently to keep up with both technology and risk changes.