SUNNYVALE, Calif., August 21, 2002 - Blue Coat Systems, Inc. (NASDAQ: BCSI), a provider of Web security appliances, today announced the results of a Web security survey that highlights an alarming 64% of corporate environments are found to be unprotected from Web-based threats. Blue Coat Systems conducted the survey of IT professionals in conjunction with InfoWorld, Network Computing, and Silicon.de.

Based on responses from more than 800 survey participants, Blue Coat found the following:

• The majority of enterprise network traffic is now Web traffic — 76% of enterprises state that Web traffic has exceeded non-web traffic. This growth can be attributed to the growth in Web-enabled client-server applications and the increasing mission-critical nature of Web access.
• 64% of enterprises admit they have opened port 80 — In order for users to access Web-based applications like Instant Messenger programs, personal Web-based e-mail and streaming media, administrators must open port 80 on the firewall to allow Web content to flow to end-users. Many of these Web applications are considered "port-agile," often rolling over to port 80 when the application's native port is closed.
• Only half of enterprises believe they are handling the port 80 problem — Approximately 56% of IT professionals surveyed think they are adequately handling port 80 security, citing Web-based viruses, unproductive Web surfing and bandwidth-intensive content as the greatest dangers to their enterprise security infrastructure.

"The Web context is quickly becoming the preferred model for new and revamped legacy applications that are critical for users in everyday activities," said Eric Hemmendinger, research director for security and privacy at Aberdeen Group. "But this model is no longer sufficiently protected through the use of packet filtering routers or firewalls. The volume of unexpected and dangerous applets, microbes, content, and attacks that use port 80 as an expressway into the enterprise speaks to the problem that Blue Coat is solving for companies."

Blue Coat Systems has introduced the industry's first port 80 security appliance that safeguards the use of mission-critical enterprise Web applications. The Blue Coat SG800 product protects against security threats created by Web content freely traversing the open port 80. The product leverages its own unique high-performance platform, a specially designed Web Knowledge Framework, and advanced Policy Processing Engine to carefully and efficiently police Web transactions.

"The availability of port 80 is critical to the productivity of our organization, and we are pleased that Blue Coat Systems has introduced a solution that makes it possible to keep information flowing over port 80 while not compromising network security," said James Heyen, principal network analyst for the Phoenix-based Salt River Project, the areas largest supplier of electricity and water. "The Blue Coat Web Security Appliance enables greater enforcement of my content security policy without dragging down network performance."

"Port 80 is the last big 'open-door' in the enterprise security infrastructure, and securing Web content crossing port 80 has become paramount in locking down the enterprise security policy," said Charles Dauber, vice president of marketing for Blue Coat Systems. "Blue Coat is delivering the industry's first port 80 Web security appliance that empowers administrators with maximum content control and protection over Web traffic entering the enterprise through the firewall."

The port 80 Web security survey was conducted to analyze existing security infrastructures and evaluate the gravity of the Port 80 security problem. The survey was both posted on the InfoWorld and Network Computing Web sites, as well as sent to enterprise IT professionals in companies greater than 250 employees. Approximately 800 survey participants were asked a series of 11 questions about enterprise Web connectivity and security, ranging from topics like "firewall installation," to "perception of network vulnerabilities." All participants were anonymously polled for their feedback over the course of five business days with the survey concluding on August 7, 2002. More information on the Web security survey can be found at www.bluecoat.com.