Symantec Products Earn Common Criteria EAL2+ Certification

CUPERTINO, Calif. – July 2008 – Symantec Corp. (Nasdaq: SYMC), today announced that Symantec Endpoint Protection 11.0 and Symantec Network Access Control 11.0 have been awarded Common Criteria Evaluation Assurance Level 2 augmented with ALC_FLR.2 and AVA_MSU.1 (EAL2+) certification. This certification assures customers that Symantec Endpoint Protection and Symantec Network Access Control have gone through a rigorous analysis and testing process and conforms to standards sanctioned by the International Standards Organization. Common Criteria is an important worldwide evaluation standard for security products as its certifications are recognized in 25 countries around the world.

Based on the recent certification, Symantec Endpoint Protection is conformant to the U.S. Government Protection Profile for Anti-Virus Applications for Workstations in Basic Robustness Environments, Version 1.1, April 4, 2006. For more information about Symantec’s Common Criteria certifications, visit: http://www.cse-cst.gc.ca/services/common-criteria/trusted-products-e.html.

"This certification further validates the ability of Symantec Endpoint Protection and Symantec Network Access Control to protect any organization,” said Brad Kingsbury, senior vice president Endpoint Security and Management, Symantec Corp. “Recognizing that the Federal government is a leading proponent of Common Criteria certification, Symantec is well positioned to continue providing customers in the Department of Defense and civilian federal agencies with endpoint protection technology that meets stringent EAL2+ certification.”

Symantec Endpoint Protection combines Symantec AntiVirus with advanced threat prevention to deliver defense against malware for laptops, desktops and servers. It provides protection against sophisticated attacks that evade traditional security measures, such as rootkits, zero-day attacks and mutating spyware. Symantec Network Access Control securely controls access to corporate networks, enforces endpoint security policy and easily integrates with existing network infrastructures.

Communications Security Establishment Canada (CSEC) participates in the international Common Criteria Recognition Arrangement (CCRA) on Canada’s behalf and sets the standards for the Canadian certification process. Upon successful completion of the certification process, a product’s Security Target and Certification Report and its Certificate of Product Evaluation are posted on CSEC’s Internet site at: http://www.cse-cst.gc.ca/services/common-criteria/common-criteria-e.html.