New iPass Dynamic Device Identification Service Helps Ensure Trusted Connections to Corporate Networks

New iPass Dynamic Device Identification Service Helps Ensure Trusted Connections to Corporate Networks

New DeviceID(TM) Service Enables IT Departments to Restrict VPN Access Solely to Corporate-Authorized Devices

REDWOOD SHORES, Calif., Dec. 15 /PRNewswire-FirstCall/ -- iPass Inc. (NASDAQ:IPAS) today announced the availability of DeviceID(TM), a new security service that helps IT managers create and enforce access policies that ensure that only known and trusted computers are granted access to the corporate network. Based on technology from Safe3W, the company iPass acquired in September of this year, DeviceID uses patent-protected dynamic device "fingerprinting" technology to identify and authenticate a computer requesting access to the corporate network via a virtual private network (VPN). The new service adds a device-oriented factor to the authentication process, helping enterprises guard against deceptive practices that can compromise a corporate network such as password theft, identity spoofing and replay attacks.

"Strong authentication is required to give assurance that only authorized devices are able to connect to corporate networks and that these are in the hands of known and legitimate users," according to a November 2004 Gartner Group research note by Roberta Cozza, Brian Gammage and John Girard entitled, Update Your Security Practices to Protect Notebook PCs. Together with other steps that companies should take in protecting their notebook PCs, Gartner encourages IT departments to "Use a combination of remote certificates and device 'fingerprinting' to determine whether a user is connecting from a known and secured, managed company device, from a registered and known personal device or from an unrecognized third-party device.

"DeviceID helps IT departments establish the trustworthiness of endpoint devices. By adding device-based authentication, the IT department can apply tighter access controls and enforce compliance with endpoint security policies across network connections. Device-based policy management enables better control of network access from mobile users by using a combination of two criteria: who they are and which device they are using. For example, IT can define an employee's home PC as "less trusted" than a corporate-issued notebook as well as denying access to unidentifiable devices. These policies can also be tied to group policies for more fine-grained control.

"Our Global 2000 customers consistently tell us that their remote and mobile devices are a large and growing threat to their IT security. DeviceID can give the IT department additional peace of mind from knowing only trusted computers are accessing sensitive data over the corporate network," said Jon Russo, vice president of marketing at iPass. "This new security capability is just another example of iPass' commitment to helping our customers protect and maintain the integrity of corporate networks across a distributed workforce."

DeviceID benefits include:

-- Closed-Loop Strong Authentication for VPN Access: One-click
integration with top VPN products offers a closed loop of secure access
by linking successful VPN establishment with a combination of both an
authenticated user and trusted device.
-- Spoof-Resistance: Through Dynamic Machine interrogation, DeviceID
identifies machines by checking different hardware attributes for each
authentication request. Because the set of attributes checked changes
with every interrogation and the process does not require a certificate
to be stored on the device, it mitigates the risks of replay attacks,
reverse engineering and spoofing.
-- Transparency to Users: DeviceID does not add any steps to the user's
login process.
-- Easy to Deploy: No additional expensive hardware or complex
software-based solutions required. For existing iPass customers,
DeviceID can be integrated into the iPassConnect(TM) universal client.
-- Real-Time Visibility and Robust Reporting: The DeviceID system
includes a powerful real-time reporting system allowing IT visibility
into who is logged in at any given time. In addition, administrators
can run reports by User, Machine, Transaction Type and Status.



DeviceID is expected to add another valuable layer of protection, strengthening enterprise security while maintaining mobile workforce productivity. The iPass platform already incorporates password encryption, SSL tunneling, VPN integration, digital certificates and policy enforcement capabilities to protect end -users' identities, endpoint integrity and corporate data.

DeviceID is available today from iPass and iPass Solution Partners. It may be purchased as an integrated option to the iPass Corporate Access global connectivity service or as a stand-alone service.

About iPass

iPass Inc. delivers simple, secure and manageable enterprise mobility services, maximizing the productivity of workers as they move between office, home and remote locations. iPass security services -- based on unique Policy Orchestration capabilities -- work to close the gaps in protecting computers, network assets, user identities and data whenever users connect over the Internet. iPass connectivity services utilize the iPass global virtual network, a unified network of hundreds of dial-up, wireless and broadband providers in over 150 countries. iPass services are the choice of hundreds of Global 2000 corporations including General Motors, John Deere and Hershey Foods. Founded in 1996, iPass is headquartered in Redwood Shores, Calif., with offices throughout North America, Europe and Asia Pacific. For more information visit www.ipass.com.

More information about the iPass acquisition of Safe3W is available online at: http://www.ipass.com/company/company_safe3w.html .

NOTE: iPass is a registered trademark of iPass Inc., and DeviceID and iPassConnect are trademarks of iPass, Inc.

The statements in this press release relating to the benefits iPass expects it and its customers will obtain from DeviceID are forward-looking statements that are subject to risks and uncertainties that could cause results to be materially different than expectations. Such risks and uncertainties include, but are not limited to: the risk that security breaches may still occur despite the use of this device fingerprinting technology by innovative hackers that develop new methods of avoiding security software. Further information on potential factors that could affect the financial results of iPass are included in the Company's Quarterly Report on Form 10-Q under the caption "Risk Factors" in "Management's Discussion and Analysis of Financial Conditions and Results of Operations," filed with the Securities and Exchange Commission (the "SEC") on August 16, 2004 and available at the SEC's website at www.sec.gov. iPass assumes no obligations to update the information in this press release.

Contact: John Sidline of iPass Public Relations, +1-650-232-4112, or jsidline@ipass.com; or Melissa Burns of The Hoffman Agency, +1-916-683-9068, or mburns@hoffman.com, for iPass.


Source: iPass Inc.

CONTACT: John Sidline of iPass Public Relations, +1-650-232-4112, or
jsidline@ipass.com; or Melissa Burns of The Hoffman Agency, +1-916-683-9068,
or mburns@hoffman.com, for iPass

Web site: http://www.ipass.com/


-------
Profile: intent