Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "The Enterprise Anti-Virus Book", Robert S. Vibert

Expand Messages
  • Rob Slade, doting grandpa of Ryan and Tr
    BKENTAVB.RVW 20001019 The Enterprise Anti-Virus Book , Robert S. Vibert, 2000, 0-9687464-0-3, C$99.95 %A Robert S. Vibert rv@segurasolutions.com %C RR1,
    Message 1 of 1 , Jan 30, 2001
      BKENTAVB.RVW 20001019

      "The Enterprise Anti-Virus Book", Robert S. Vibert, 2000,
      0-9687464-0-3, C$99.95
      %A Robert S. Vibert rv@...
      %C RR1, Braeside, ON K0A 1G0
      %D 2000
      %G 0-9687464-0-3
      %I Segura Solutions Inc.
      %O C$99.95 fax: +1-613-623-1645 info@...
      %P ~ 140 p.
      %T "The Enterprise Anti-Virus Book"

      It is very difficult to know what to say about this book. For one
      thing, it isn't really a book. It seems to be printed on a "one-off"
      basis on each request, and is in a constant state of modification.
      (It is printed on standard letter sized sheets, and "bound" in a 3-
      ring binder.) To the specific points that I raise in this review, the
      most common response from Segura was that the item would be addressed
      in a future edition.

      For another, the title, while not exactly wrong, needs some
      explanation. The introduction indicates (without really ever so
      stating) that this is a guide to buying antiviral software. It is
      similar to my own antivirus evaluation FAQ, although much more
      lengthy. More lengthy and much, much more complicated. There are 300
      criteria on the checklist provided, and for each the user has to
      provide his or her own scoring and weighting system.

      Chapter one describes yardsticks for measuring antiviral vendors, and
      makes a very strong promotional push for an expectation of support
      from vendors and VARs (Value Added Resellers). Since Vibert has most
      recently worked as a reseller of antivirus software, this should come
      as little surprise. (Segura Solutions, in response to the draft of
      this review, were most upset that this statement might suggest that he
      or they have any commercial ties to resellers.) More important,
      however, is that while the book lists a great many appropriate
      questions to ask, there is very little content that would allow non-
      specialists to intelligently analyze the answers they might receive.
      Users should ask what kind of training resales agents have received,
      but what standard training is available? Again, users should ask
      whether the vendor provides up to date virus information, but there is
      no gauge of the quality of that information. Yes, the queries are
      apposite; they are, in fact, very similar to the questions I ask as I
      am doing reviews of antiviral software, but I've got many years of
      experience in determining what the answers mean, and how important
      they are in the overall context of both an antiviral system, and a
      given work environment. Readers of Vibert's book are left not only to
      puzzle out what answers might be "correct," but how compliant
      different answers are in relation to each other (and some absolute
      standard), and how important each question might be to the company or
      enterprise they are trying to protect. Some very vague and general
      discussions touch on a few of the points, but many questions are
      simply listed with no discussion whatsoever.

      The second chapter deals with general antiviral aspects. The
      discussion of antiviral actions and functions does cover a wide range,
      but explanatory information is very limited. It is interesting that
      the introduction makes the point that all enterprises are different,
      but the text implies that one antiviral will fit all users, and places
      an extremely heavy emphasis on real time (on-access) scanners. In a
      similar way, the statement is made that all certification tests should
      use at least 100 versions of every polymorphic virus. The number
      isn't justified in any way, and this assertion ignores the fact that
      polymorphs vary greatly: Whale has only thirty variations while Tremor
      has almost six billion. Much space is occupied by material copied
      from certification company Web sites. There is also some confusing
      contradiction: ICSA is first promoted, but two pages later is not
      listed as a reputable tester. No mention is made of the fact that
      ICSA charges vendors for certification, or the implications that fact
      might have.

      Chapter three states a concentration on desktop, or non-server,
      considerations, but duplicates much of the relevant material from
      chapter two. Again, the emphasis on certain subjects is odd: there is
      a large section on DOS TSRs (Terminate and Stay Resident programs) and
      only a terse mention of email. Chapter four then turns to server
      factors, but extraordinarily briefly.

      The section on antivirus deployment and maintenance has the largest
      checklist in the book. There is a great deal of duplication, at least
      in terms of the concepts touched on. There is not much organization.
      Once again, there are many questions, but little content to help the
      reader analyze answers.

      Email gets another mention in a chapter only four and a half pages
      long. The explanation of email operations is poor, and there is no
      discussion of the problem of "streaming" filtering at all. Chapter
      seven, on groupware, is really just a replay of a subset of email
      considerations. The last chapter, on firewalls, provides no
      background at all on firewall technology or types.

      For those who have some background knowledge of viruses and antiviral
      technology, this book will provide you with a checklist to ensure that
      you don't forget any points. It does, however, seem a rather
      expensive checklist, and you will still be left with the problem of
      how to weight and evaluate the mass of data you collect. For those
      without a conceptual foundation, this work is as likely to confuse as
      to assist.

      copyright Robert M. Slade, 2001 BKENTAVB.RVW 20001019

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      My mind not only wanders, sometimes it leaves completely.
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.