Stay informed. Sign up to receive the “Intelligent Control Informer.”

Press Release [PDF]

CONSENTRY NETWORKS ANNOUNCES PAYMENT CARD INDUSTRY (PCI)-COMPLIANCE INITIATIVE & PARTNER PROGRAM

Establishes Broad-based Partnership with Leading

Milpitas, CA –November 7, 2005 – ConSentry Networks, a leading provider of secure networking solutions for LANs, today announced a new regulatory compliance initiative and partner program targeting customers that must comply with the Payment Card Industry (PCI) Data Security Standard, a set of security requirements outlined for merchants and service providers that store, process or transmit cardholder data.   As part of this program, the company also announced a partnership with Atlanta-based Vigilar, a leading information security consulting organization with a broad set of regulatory compliance, risk assessment, security audit and managed services expertise and an established authority on PCI-compliance.

The PCI standard is comprised of twelve key requirements that include building and maintaining secure networks and implementing strong access control measures to protect cardholder data.  While the standard specifically recommends installing and maintaining a firewall configuration for internal segmentation, these management-intensive devices typically reside on the perimeter of the network where network connection speeds are low. Compared to a ConSentry solution that is custom-built for LAN deployments, “internal” firewalls used to protect LAN-based cardholder data carry significantly higher costs, deliver sub-par performance in high-speed, latency-sensitive LAN environments, and increased management complexity due to an ongoing need to configure access control lists (ACLs),

“ConSentry’s PCI-compliance solution doesn’t require additional or specialized staff to configure and manage its Secure LAN Controller, which is a ‘snap-in’ network device that integrates with existing identity-management systems,” said Palaniswamy (Raj) Rajan, Vigilar’s President and CEO.  “Customers want a highly integrated PCI solution, especially when it comes to implementing airtight access enforcement and network segmentation technologies to comply with the PCI standard.  ConSentry delivers a unique network access and identity-based networking control approach that addresses PCI compliance.”

As of June 30, 2005, MasterCard and VISA require all online merchants processing over $125,000 a month in credit card transactions, or more than 20,000 credit card transactions per year, to complete a quarterly network scan and annual compliance audit.  All merchants and service providers with external-facing IP addresses that meet these guidelines must comply.  ConSentry’s Secure LAN Controller (SLC) provides a PCI-compliance solution that addresses many of the PCI Data Security Standard requirements pertaining to internal network segmentation.

As the industry’s first systems to provide full visibility into and control over the network admission and ongoing activity of users once they’ve been authenticated to access an enterprise LAN, ConSentry’s SLC enforces roles-based policies to thwart unauthorized access, especially to sensitive enterprise LAN resources like cardholder data.  This is one of the core access control requirements of the PCI standard.  In addition, the SLC can enforce a “white list” of approved hosts, networks and applications while denying all other traffic from “untrusted” sources.

To ensure only established connections are allowed into the network, the SLC tracks authorized application activity.  The SLC can also be configured to automatically block any application or database access on the network for a given user or user group that is not approved. For a comprehensive overview explaining how ConSentry supports PCI-compliance, see our PCI Compliance Solution Matrix

“The requirements to comply with the PCI Data Security Standard recently went into effect and there are thousands of customers that will benefit from the combined ConSentry offering and our partner Vigilar,” said Faizel Lakhani, vice president of marketing with ConSentry Networks.  “As a Compliant Security Vendor authorized by MasterCard International’s Site Data Protection [SDP] program, Vigilar provides unparalleled PCI auditing and technology assessment expertise.  By coupling their expertise with our secure LAN control and audit trail capabilities, we’re providing a formidable solution for the PCI compliance challenge.”

ConSentry and Vigilar will collaborate on a series of PCI-compliance seminars, the first of which is scheduled on November 16 at 11:00 a.m. EST, and will feature Andre Gold, Director of Information Security of Continental Airlines, discussing his company’s PCI compliance strategy.  Sign up at: www.vigilar.com/event/consentry2/

About Vigilar

Since its inception in 2000, Vigilar, the leading information security consulting firm, has focused solely on establishing organization-wide optimal security postures for its clients. Vigilar’s security expertise is all-encompassing and includes regulatory compliance services, risk assessments, IT security audits, managed security services, security architecture design, product selection and delivery, implementation services, technical support, and IT and security training. Vigilar partners with more than 140 leading security technology innovators to meet the diverse needs of its client base, which numbers in the thousands and spans a broad range of industries. To learn more about Vigilar visit: www.vigilar.com

About ConSentry Networks

ConSentry Networks secures enterprise LANs with a purpose-built system that preserves data integrity, ensures network availability and supports regulatory compliance at disruptive price/performance levels. ConSentry’s solution leverages its breakthrough, patent-pending silicon architecture to continuously identify all LAN traffic and enforce user access to authorized resources and applications at wire-speed, in real-time. Backed by blue-chip venture capital firms that include Accel Partners, INVESCO Private Capital and Sequoia Capital, ConSentry is headquartered in Milpitas, California. For more information, visit the company’s web site at www.consentry.com.

ConSentry Networks, the ConSentry Networks logo and LANShield are trademarks of ConSentry Networks Inc., for use in the United States and other countries. All other product and company names herein may be trademarks of their respective holders.