Security Basics mailing list archives
Re: Anti-Virus Updates - How?
From: "Sandeep Cheema" <51l3n7 () live in>
Date: Mon, 13 Jul 2009 22:47:17 +0530
Testing the updates is not feasible for most of the organizations even if they can afford to. Luckily for us we haven't had one of those false positive or corrupt definitions from the vendor. We are using SAV 10.x and do have a testing environment but haven't really tested any of their definitions ever.
Testing them once in a while doesn't make any sense as well. If they have to be bad, it can be anytime not necessarily when you test them. I think you should open up a support case with the vendor and ask for an explanation on what went wrong with the last definitions, As far as I am aware they are supposed to provide an answer to that and the more the number of people, the more pressure on them.
Deploying the updates like once a week is too dangerous and not at all a good plan if you ask me. There are hundred of variants coming in everyday that sometimes they have to release definitions more than once for a day.
The correct approach should be the rollback technology to the previous definitions in case the current one's are bad. With Symantec, you can keep backdated definitions on the client machines for 3 revisions by default and can revert the clients from the console if required. This will take much less of the resources over the long run.
-------------------------------------------------- From: "Ian Bradshaw" <ian () ianbradshaw net> Sent: Friday, July 10, 2009 20:19 To: <security-basics () securityfocus com> Subject: Anti-Virus Updates - How?
Hi, Just wondering if anyone has a plan for deployment of AV updates? There have been a couple of AV updates that have trashed systems recently (one from CA and one from McAfee). Neither of these have affected me (fortunately) but we do have all oursystems set to update to the latest definitions - so guess it will happen atsome point. The problem is, in a small IT department (4 staff with ~5,000 pcs/laptopsover 10 geographic locations - we don't have much spare time!), what is thebest way to deploy AV updates? Given the number of updates sent out, it's not feasible to test them all when they are released. So, leave auto-update on or hold back and test say once a week and update then, or what? Any thoughts? / how do people do it at the moment? Cheers I. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Anti-Virus Updates - How? Ian Bradshaw (Jul 13)
- Re: Anti-Virus Updates - How? Francois Yang (Jul 13)
- Re: Anti-Virus Updates - How? Adam Mooz (Jul 13)
- Re: Anti-Virus Updates - How? Miguel TubĂa (Jul 14)
- Re: Anti-Virus Updates - How? Adam Mooz (Jul 13)
- Re: Anti-Virus Updates - How? Mike Hale (Jul 13)
- Re: Anti-Virus Updates - How? Sandeep Cheema (Jul 13)
- Re: Anti-Virus Updates - How? Kurt Buff (Jul 13)
- Re: Anti-Virus Updates - How? Eric C. Lukens (Jul 13)
- RE: Anti-Virus Updates - How? Ramki B Ramakrishnan (Jul 20)
- Re: Anti-Virus Updates - How? Francois Yang (Jul 13)