Testing of Bit Defender Defs
|
Logged in as: Guest
|
|
Users viewing this topic:
none
|
|
Login  | |
|
Testing of Bit Defender Defs - 2.Mar.2005 7:34:00 PM
|
|
|
mps_surcouf
Posts: 72
Joined: 5.Oct.2004
Status: offline
|
I would have added this to the long thread but it is now closed.
I recommend GFI ME/MSEC to customers.
I just had to apologise to 5 angry customer sites. One I only recommended GFI to a few days ago. I felt pretty unprofessional.
I want to know from GFI that there will be testing systems in place to prevent this reoccuring.
Rather than a bashing here is a constructive suggestion.
A mail loop test is a test by which an email is sent to a mailserver that is automatically forwarded to an external POP3 account. This can then be checked to verify the full mail path is working ie mail in and mail out.
A GFI MSEC test server that is subject to a mail loop test could be set up at GFI headquarters to check that AV updates do not disrupt the flow of mail. After a successful amount of mail loop tests the updates could be copied automatically to the ftp site.
I need my confidence restoring. Email gateways are very critical systems these days and I need to know my customers sites will be working 24/7.
Also in this case a mail loop test for GFI NSM would have alerted me to this problem. The SMTP test is not extensive enough as it does not test the full mail path.
Mike
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 6:47:00 AM
|
|
|
Nicks
Posts: 2771
Joined: 17.Mar.2003
Status: offline
|
Hi Mike,
We understand that this matter has caused a large number of our GFI MailSecurity customers great inconvenience and we sincerely apologize for this. We are addressing the matter with BitDefender with the highest priority.
We have also updated our knowledgebase article to include more information on this issue - http://kbase.gfi.com/showarticle.asp?id=KBID002294
|
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 7:00:00 AM
|
|
|
Charles U Farley
Posts: 20
Joined: 3.Sep.2004
Status: offline
|
Ive got a customer threatening me with legal action now. Needless to say
1. I wont be installing your products anymore
2. I can laugh at your testing.
With the reading available, BitDefender dont test their signatures with GFI and GFI dont test them before releasing them. Hmm, do any of the other a/v packages get tested by the providers against your software or do you test (it seems you dont) them against your software?
I have the feeling that we wont get an honest answer to that.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 7:57:00 AM
|
|
|
Nicks
Posts: 2771
Joined: 17.Mar.2003
Status: offline
|
Hi Charles,
A good ammount of testing is done on each set of virus definition files before they are made available on our site. This testing is automatically done to ensure that the virus definition files are provideded in the least time possible 24 hours a day. If no testing was required, MailSecurity could have been linked to the BitDefender update center directly.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 8:07:00 AM
|
|
|
cpi
Posts: 19
Joined: 31.Mar.2004
From: UK
Status: offline
|
As I understand it from the various emails from GFI, GFI test the definition files. What they don't do, but surely should have been doing, is test those definition files WITH their product - Mail Security - installed on a test system. Had they, then none of this would have happened. So, GFI's claim that "It was therefore impossible for us to foresee this occurrence" is not correct.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 8:24:00 AM
|
|
|
raptorleader
Posts: 3
Joined: 2.Mar.2005
Status: offline
|
We have to problem to.We have installed Gfi Mail Security and Essentials on 10 Companys.After the automatic update of the bitdefender,we doesnt recive any email,our customers have the same problem.
Now we disable the bitdefender engine.
But the really worst problem is,that the mails the recive was killed by bitdefender if the rules says "delete emails with virus inside".
It would not be a problem if only simple texts in mails would be, but at customers there is far out more sensitive mails, like orders, sensitive data, etc...
Who pays now the developed damage? GFI? I hardly think, although GFI is responsible. Please tests your programs somewhat longer!
[ March 03, 2005, 02:26 PM: Message edited by: raptorleader ]
|
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 8:59:00 AM
|
|
|
Wainer
Posts: 68
Joined: 7.Sep.2004
From: Italy
Status: offline
|
I agree absolutely with Charles. Is not possible these thing happen ! BitDefender deleted ALL messages and not only a few ! Any test would have seen this problem, that was a very big problem also for us: we lost messages till 7:38 this morning, Italy time.
We are about to upgrade to unlimited license, but this matter, this way you behave..... I'm very unsatisfied.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 3.Mar.2005 9:08:00 AM
|
|
|
mps_surcouf
Posts: 72
Joined: 5.Oct.2004
Status: offline
|
Hi Nicks
What is your opinion on the mail loop testing procedure. It appears your current testing procedure is not a true test if it does not send a mail in and out of your gateway product. This would be so easy to set up.
Mike
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 8:33:00 AM
|
|
|
Nicks
Posts: 2771
Joined: 17.Mar.2003
Status: offline
|
Hi Mike,
The test that you have mentioned would have been a good test to check for this type of unexpected issue. We will surely include similiar measures to ensure that such an issue does not occur again.
Thank you for your comments.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 9:05:00 AM
|
|
|
David Vella
Posts: 393
Status: offline
|
Hi,
First of all I would like to clarify that GFI DOES test all the updates of all the virus engines we use. As a matter of fact this is the reason why we first download the definition files from the virus vendors site, test and then the products download from the GFI ftp/http sites.
The problem in this update was that the issue was during the updating (using GFI virusdef updater) the engine against the GFI engine. It was not a corruption or consistency issue. There was a change in the BitDefender engine that caused an incompatibility between the BitDefender virus definition files and the virus engine update mechanism in MailSecurity.
I also appreciate the comments made about improving the testing process which in fact is something which we are looking into. What Mike said re the mail loop test is also interesting and we will be looking into it in more detail.
regards,
David Vella
GFI MailSecurity/MailEssentials/MailArchiver - Product Manager
GFI
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 10:38:00 AM
|
|
|
cpi
Posts: 19
Joined: 31.Mar.2004
From: UK
Status: offline
|
"There was a change in the BitDefender engine that caused an incompatibility between the BitDefender virus definition files and the virus engine update mechanism in MailSecurity."
I still don't get why part of the testing wasn't testing the whole update process on a test system which would have identified this incompatibility.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 10:53:00 AM
|
|
|
David Vella
Posts: 393
Status: offline
|
quote:
Originally posted by cpi:
"There was a change in the BitDefender engine that caused an incompatibility between the BitDefender virus definition files and the virus engine update mechanism in MailSecurity."
I still don't get why part of the testing wasn't testing the whole update process on a test system which would have identified this incompatibility.
Dear cpi,
We as GFI where not notified that an engine change was done so we only done the automated testing.
If we had to human test all the definition files the customers would get a delayed set of def files which could be a big problem if a new virus is doing the rounds!
When a new definition file is made available and the engine is modified we make extra testing for it.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 11:22:00 AM
|
|
|
mckiku
Posts: 9
Joined: 1.Mar.2005
From: Spain
Status: offline
|
So, David, do you mean that the problem is that between you and BitDefender there is a lack of communication?...
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 11:25:00 AM
|
|
|
dorian
Posts: 6
Joined: 1.Mar.2005
Status: offline
|
quote:
If we had to human test all the definition files the customers would get a delayed set of def files which could be a big problem if a new virus is doing the rounds!
While I appreciate the hard work I know you guys are doing, saying that you are testing stuff, but yet not testing what we the customers are doing is not going to be sufficient.
I do not want to go into the details, but if you are not testing with a full on system just like your customers have, then what use is it?
Having virus definitions that are as fast as possible to protect people from a virus that may be spreading is important. Comparatively, having every email NOT deleted that comes into your system with no way to retreive it is rather imprtant also.
If it came down to a decision, I would rather the definitions be delayed a little longer if it was a guarantee that the scanning engines would not go crazy and delete every email.
I, among others, have supported your product in the past, and so far, will continue to do so in the future, but I would rather you miss a virus for x hours if it means I can guarantee that emails will not be summarily deleted again in the future.
This going back to reasonable testing practices. This should never have gotten to the customers to find out.
|
|
|
|
|
RE: Testing of Bit Defender Defs - 4.Mar.2005 11:26:00 AM
|
|
|
David Vella
Posts: 393
Status: offline
|
I do not think that it is fair to say that there is lack of communication between GFI and BitDefender because of this issue.
Do not forget that we have been running with BitDefender for quite some time (1.4+ years) and if there was such lack of communication such issues would have happened before.
So no, between GFI and BitDefender there is no lack of communication.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Printable Version
