[LINK] McAfee update problem

Steven Clark steven.clark at internode.on.net
Sun Apr 25 15:00:01 AEST 2010


On 24/04/2010 10:27 AM, Scott Howard wrote:
> On Fri, Apr 23, 2010 at 5:37 PM, Stilgherrian
> <stil at stilgherrian.com>
> wrote:
>
>> On 24/04/2010, at 10:08 AM, Jan Whitaker wrote:
>>> What "labs"?
>>
>> Any halfway decent enterprise (in the sense of "very large
>> business") will, or at least should, already have a test
>> environment for doing QA on its own internal applications before
>> rolling out changes throughout the organisation. The "lab" may be
>> nothing more than a PC or two set up with the organisation's
>> standard operating environment and a list of quick tests to do.
>>
>
> Find me an enterprise that isn't doing automatic AV updates in
> (basically) real-time from when they are released by the AV
> manufacturer, and I'll show you a company that spends significant
> time cleaning up infected systems...

updating signatures is a different thing to changing the underlying
software.

> Whilst what you're saying is definitely true for new
> applications/etc, it's simply not feasible nor cost effective for
> companies to test each and every new anti-virus signature file
> released by their AV provider.

it's not the signature files, but the *software* upgrades that need
testing. and they do come separately. the first updates the database of
'known' problematic 'signatures', the second changes the software doing
the scanning and so on. and very definitely ought to be tested before
large-scale roll-out.

-- 
Steven R Clark




More information about the Link mailing list