Intoto Inc. receives ICSA Labs IPSec 1.1 certification

Santa Clara, CA - November 20, 2002: Intoto Inc., a leader in providing embedded security software to equipment manufacturers, today announced certification of its iGateway VPN solution under the ICSA lab's IPSec 1.1 certification criteria. iGateway VPN is a full featured VPN software for communication gateways supporting IKE, IPSec, RSA signatures and advanced features as NAT traversal, AES and nested tunnels.

Intoto Inc., a leading provider of secured gateway solutions, has always been among the first few vendors to achieve ICSA Lab's continuously evolving certifications. This certification ensures that Intoto's iGateway VPN software is completely interoperable with products from more than 20 vendors that have been certified by ICSA Labs with IPSec 1.0b version of the certification criteria and supports additional features as required by the IPSec 1.1 certification criteria.

"ICSA Lab's IPSec 1.1 Certification Testing Program is a comprehensive multi-vendor interoperability testing milestone using digital certificate handling," said George Japak, vice president at ICSA Labs. "Intoto has been consistently involved with ICSA for its Firewall as well as VPN certification programs and we are pleased that Intoto is one of the first vendors to qualify in the ICSA Labs IPSec 1.1 certification program."

Intoto's iGateway software suite provides equipment manufacturers accelerated time to market as well as ensures highest level of interoperability with leading vendor's products.
The iGateway solution is a fully integrated network security software platform with NAT, Stateful inspection Firewall, and Virtual Private Networking (IPSec, IKE, and PKI), with provisioning, remote management, logging, and configuration capabilities for SOHO, SME and PE market.

"Intoto is very excited to be the only software vendor to achieve ICSA IPSec 1.1 certification," said Sathyan Iyengar, President & CEO at Intoto Inc. "ICSA is an independent authority on Internet Security trusted worldwide, its certification not only brings an added level of confidence to our customers, but it validates our implementation and the depth of our security solution."

ICSA Labs' IPSec 1.1 testing criteria represent the most thorough and stringent certification process to date. The certification process requires that the product meets all Version 1.0b criteria that include support for ESP-NULL, mismatched SA lifetimes, IP fragmentation handling and replay protection. In addition, the product must also meet requirements for certificate based VPNs supporting certificate request, retrieval and revocation. The certification process requires that products accomplish secure certificate enrollment and loading using PKCS#10/7, SCEP, or CMP. Certificate revocation list retrieval via LDAP or HTTP, and proper peer certificate validation. The criteria also require products to employ strong 3DES encryption SHA-1 authentication algorithm and Perfect Forward Secrecy. Other companies with the certified IPSec products are Netscreen Technologies, Inc. (Nasdaq: NSCN), Nortel Networks (NYSE/TSX: NT) and Secure Computing Corporation (Nasdaq: SCUR).

For more information on ICSA Labs IPSec 1.1 Certified Products and lab notes, visit http://www.icsalabs.com/html/communities/ipsec/certification/certified_products/1.1index.shtml

About Intoto Inc.
Intoto Inc. is a provider of secure embedded gateway infrastructure software to equipment manufacturers and processor vendors in the communications gateway market. Intoto offers iGateway™ product platform, a fully integrated comprehensive embedded gateway software platform. Intoto's licensing-based business model allows equipment manufacturers to create and rapidly deploy fully validated, reliable gateway equipment. Equipment manufacturers licensed Intoto software, successfully reduced development costs and re-used the modular software across multiple products to maximize returns. Founded in 1998, Intoto Inc. is headquartered in the heart of Silicon Valley in Santa Clara, CA USA. More information about Intoto, Inc. is available from its Web site at http://www.intotoinc.com.

About ICSA Labs
ICSA Labs, an independent division of TruSecure Corporation, offers vendor-agnostic testing and certification of security products. Hundreds of the world's top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests 95% of products in key technology categories such as anti-virus, IPSec, VPN, firewall, PC firewall, cryptography, intrusion detection and content security. For more information about ICSA Labs, please visit http://www.icsalabs.com/