Trustwave Receives NAC Patent

CHICAGO (December 1, 2009) " Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, has received its sixth U.S. patent for its Network Access Control (NAC) technology. Trustwave NAC patent #11/329,786 was specifically issued for its ability to provide network-based detection of wireless endpoints.

Network Access Control technology helps prevent unknown or unauthorized endpoints " such as a laptop from a third-party vendor " from connecting to a network. These types of endpoints are primary vectors for the introduction of viruses and other malware onto corporate networks. Trustwave NAC can check an endpoint's security posture before allowing it to connect, and also governs each endpoint's behavior on the network once access is granted.

Trustwave's sixth NAC patent enables the detection and management of endpoints connected to wireless access points. Separation of wired and wireless endpoints is critical to managing access to a corporate network. Because a wireless endpoint's signal is not physically connected to a corporate network, an organization must search for it, typically by scanning radio waves, which is expensive and often produces unreliable results. Trustwave NAC communicates directly with endpoints and determines whether those endpoints are connected to the network via a cable or a radio.

Many, if not all, businesses today provide some form of wireless access, though few provide the same level of corporate access for wireless and wired endpoints. With Trustwave NAC, organizations have full visibility into every device connected to the wired and wireless networks. This capability provides organizations the ability to execute the appropriate network use policies and to deny access to endpoints that shouldn't be connecting.

This patented technology compliments Trustwave NAC's capability to detect rogue wireless access points and help businesses satisfy requirement 11.1of the Payment Card Industry Data Security Standard (PCI DSS) version 1.2, which states, "Test for the presences of wireless access points by using a wireless analyzer at least quarterly or deploying a wireless IDS/IPS to identify all wireless devices in use."

PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, which has been endorsed by all the major card brands " Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB.

By controlling access to network resources and validating endpoint compliance, Trustwave NAC supports compliance with six of the 12 requirements of the PCI DSS including:

* Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters * Requirement 5: Use and regularly update anti-virus software of programs * Requirement 6: Develop and maintain secure systems and applications * Requirement 7: Restrict access to cardholder data by business need-to-know * Requirement 11: Regularly test security systems and processes * Requirement 12: Maintain a policy that addresses information security for employees and contractors

"Using Trustwave NAC to detect wireless endpoints significantly reduces the costs associated with maintaining security around wireless networks," says Robert J. McCullen, chairman and CEO of Trustwave. "With our patented NAC technology, we are helping businesses prevent attackers from using a wireless device to penetrate their network environment and gain access to critical systems to illegally harvest sensitive data."

About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com.