Qualys First to Provide Real-Time Vulnerability Assessment for Check Point Firewalls

Redwood City, CA — March 25, 2002 — Qualys™, Inc., the leader in the emerging category of Managed Vulnerability Assessment, today announced that it has achieved OPSEC® certification from Check Point Software Technologies Ltd. [NASDAQ: CHKP], the worldwide leader in securing the Internet. Through OPSEC certification, QualysGuard™ for Check Point provides Managed Vulnerability Assessment to seamlessly integrate with Check Point’s VPN-1®/FireWall-1® Internet security platform, offering customers automatic and continuous monitoring for vulnerabilities inadvertently introduced during enforcement point policy changes.

As the gatekeeper between corporate data assets and the external world, firewalls are the critical line of defense against network intruders. Leveraging the OPSEC framework, QualysGuard for Check Point proactively scans and analyzes newly deployed policy changes in FireWall-1 and provides near-instant feedback on the impact of enforcement point changes to the security of the rest of the network. Administrators are notified with concise, graphical HTML-based QualysGuard reports via email and Check Point Management Console log events, so they can assess, identify, fix, and verify elimination of vulnerabilities.

“QualysGuard for Check Point is an excellent service that automatically identifies security exposures as they are created,” stated David Thomas, Security Practice Manager of VeriSign, Inc. “With QualysGuard, our security consultants have instant feedback when firewall policies are updated, so they can monitor, analyze, and repair vulnerabilities.”

QualysGuard, Qualys’ advanced Web-based Managed Vulnerability Assessment platform, fundamentally changes the way network security operates, enabling businesses to proactively protect their corporate data assets by automatically monitoring their networks with a Web-based service. Companies of all sizes —from enterprise to small business— can protect their network resources, while at the same time radically decreasing the costs to assess, identify, fix, and verify elimination of vulnerabilities.

“Vulnerability and risk assessment services are a key component of an end-to-end security solution. We are pleased that the QualysGuard for Check Point service has achieved OPSEC certification for its seamless integration with our management console,” said Upesh Patel, OPSEC Alliance Manager. “With enterprises facing increasingly complex Internet security threats, the QualysGuard for Check Point platform serves as proactive protection against vulnerabilities, maintaining the highest level of security throughout the network.”

“Qualys’ certification in the new OPSEC Security Assessment initiative reinforces the necessity for proactive Managed Vulnerability Assessment for businesses of every size,” said Philippe Courtot, Chairman and CEO of Qualys. “QualysGuard for Check Point provides customers with real-time network perimeter scanning and a comprehensive understanding of their exposed risks.”

The QualysGuard for Check Point Plug-In integrates with the Check Point Enterprise Management Console, easing administration while maximizing performance and security. FireWall-1 policy changes are monitored through OPSEC interfaces to automatically trigger a QualysGuard audit that determines the effects of the policy changes. Installed on a standalone server or on the management console, the QualysGuard for Check Point Plug-In operates with the full range of Check Point Management Solutions for small businesses, enterprises, and MSP-Class Provider-1 operations.

The QualysGuard Firewall Policy Analysis Process evaluates practical implications of a firewall policy change —such as the exposure of a new host or application— producing a trend analysis for each scanned IP address by vulnerability, status, severity and category. The firewall administrator receives an email notification with a link to a complete set of HTML graphical reports with a risk score and a comprehensive report covering vulnerabilities to over 300 applications on more than 20 different platforms.

For more information on Qualys and Check Point, please visit http://www.checkpoint.com/opsec/partners/qualys.html

About Check Point’s OPSEC

OPSEC (Open Platform for Security) is the industry’s open, multi-vendor security framework. With over 300 partners, OPSEC guarantees customers the broadest choice of best-of-breed integrated applications and deployment platforms that support Check Point’s Secure Virtual Network Architecture. Products that carry the OPSEC Certified seal have been tested to guarantee integration and interoperability.

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com