Nominum Helps ISPs Deliver Safe and Secure Internet without Privacy Concerns

New Products and Architecture Provide Complete Coverage from Web-Based Malware, Phishing, Illegal and Inappropriate Content, E-Mail Spam, and DNS Attacks

October 15, 2008 — Nominum, the leading provider of network naming and addressing technologies, today announced enhancements to its Vantio caching DNS platform, two new products, and the new Trusted Response and Universal Enforcement (TRUETM) architecture that leverage the ubiquity, scale and performance of Nominum’s technology that currently serves 150 million broadband households. Together, the new products and architecture offer real time protection for all broadband users and devices against a wide range of Internet threats and malicious, illegal and inappropriate content.

Nominum’s TRUE architecture and new products offer the following advantages:

New revenues through paid subscriber services
Reduce cost of helpdesk calls from users victimized by Internet threats
Network-wide protection (all users, devices and applications)
No impact to users, browsers and applications
No privacy issues unlike intrusive approaches
Hundred times better price / performance of alternatives
No network re-architecture and no new hardware
Scales up to a billion malicious Internet destinations
Supports multiple threat data sources (best-of-breed)

“The browsing public, policy makers and industry watchdogs are all demanding greater safety and security while using the Internet,” said Tom Tovar, CEO of Nominum. “With Nominum’s new offerings, service providers are now uniquely positioned to meet the demand for a trusted Internet experience with technically effective and operationally efficient solutions that don’t compromise user privacy or network performance.”

Comprehensive Architecture for a Trusted Internet Experience
Nominum’s TRUE architecture is an ideal launch point for service providers to maximize user protection without impacting privacy. The following Vantio enhancements and new products are the first in a series to utilize the new TRUE architecture:

Vantio Base Server is an advanced caching DNS platform that now features a modular design for on-demand addition of new services. Vantio offers the most advanced DNS security, including protection against the Kaminsky cache poisoning attack.

Vantio MDR (Malicious Domain Redirection) Service Delivery Module is a new add-on software module for the Vantio Base Server with real-time enforcement of threat data and security policies to safe guard Internet interactions. It acts as a self-learning enforcement point in the network and redirects user requests for malicious destinations to a helpful provider-managed notification page.

Centris Server is a new threat aggregation and provisioning platform capable of tracking up to a billion malicious Internet destinations. It complements the Vantio MDR module by synchronizing with a wide range of threat information feeds in real-time and making the data instantaneously available to MDR enforcement nodes.

“Nominum addressed DNS security with layered defenses against the Kaminsky and other vulnerabilities, and is now leveraging its secure DNS foundation to enable a safer and trusted Internet experience,” said Dr. Paul Mockapetris, Chairman and Chief Scientist at Nominum and inventor of the DNS. “Nominum allows service providers to protect users with reputation information that doesn’t invade user privacy and meets or exceeds legal mandates.”

The new products and the TRUE architecture achieve complete coverage of threats to the network and Internet user, and maximize effectiveness across the entire broadband subscriber footprint, including new Internet-aware devices such as mobile phones. They provide real-time protection from all forms of web-based malware, phishing, illegal or inappropriate content, and e-mail spam. Likewise, Nominum’s Vantio provides four layers of protection against all forms of DNS attacks, including the Kaminsky cache poisoning attack, DoS and DDoS, and Birthday attacks.

“DNS-based services present a variety of valuable benefits to service providers as well as end-users, encompassing things such as security, revenue generation and customer satisfaction,” said David Vorhaus, analyst David Vorhaus, associate analyst in Yankee Group’s Enabling Technologies Service Provider group. “Additionally, as government agencies and industry watchdogs pressure service providers to ensure security while safeguarding privacy, DNS redirection is an indispensable tool.”

Pricing and Availability
All products are software only, generally available and may be purchased separately. Pricing is configuration dependent.

About Nominum
Nominum’s network naming and addressing solutions power IP networks of all sizes globally, from the largest carrier broadband network to enterprises, universities and government agencies. Nominum’s Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) products lead the industry in security, performance, and reliability. They are the foundation of the always-on broadband Internet, supporting 150 million households connected by more than one hundred carriers in every region – North America, Europe, Asia-Pacific, and Latin America. Large businesses, educational institutions and governmental networks also depend on Nominum to support mission-critical IP services and applications. For more information, visit www.nominum.com. (Click here for a partial list of Nominum’s key customers).

Background and Additional Information
Broadband users face growing risks in every Internet interaction, including browsing, email, e-commerce and entertainment. These threats erode consumer trust and degrade the online experience. Do-it-yourself security solutions impose the burden on consumers, and suffer from limited protection and poor adoption in the face of now-organic, accelerating threats. Worse, they only cover legacy PCs and leave new and emerging devices in the home such as IP-enabled game consoles, set top boxes, and mobile devices, including Wi-Fi phones vulnerable.

The scope and seriousness of this problem is forcing action by policy makers and law enforcement agencies. Many European governments have mandated ISPs to block malicious and illegal content, and US law enforcement agencies are drafting service providers to voluntarily – at least so far – prevent access to offensive content such as child sexual abuse content. A recent report by the Federal Trade Commission (FTC) titled “Roundtable Discussion on Phishing Education”[1] highlights a critical role for ISPs in preventing phishing scams. Amidst all these actions, there is pressure on service providers to comprehensively address the entire “web” of threats, and not just isolated applications and users.

The TRUE architecture provides a step-by-step framework for deploying and taking advantage of the new products. Vantio Base Server is a foundational element, offering superior DNS performance, availability, and advanced security. Adding MDR brings real time enforcement that prevents access to malicious, illegal and inappropriate content for all broadband households. Centris server aggregates massive threat data from multiple Internet sources and propagates to the points of enforcement. Vantio, MDR and Centris are the first in a series of products to utilize the TRUE architecture.

Nominum Contact:
Bruce Van Nice
Nominum
+1.650.381.6308
bruce.vannice {at} nominum(.)com

Media Contact:
Tom Herbst
Tom Herbst PR
+44 (0)7768 145571
tom {at} tomherbstpr.co(.)uk

[1] “Round Table Discussion on Phishing Education” Federal Trade Commission, July 2008, http://www.ftc.gov/os/2008/07/080714phishingroundtable.pdf.