|
|
|
Anti-virus Testing Standards Come to the Cloud
By: Brian Prince
2009-05-21
Article Rating:  / 3
There are 2 user comments on this Network Security & Hardware story.
The Anti-Malware Testing Standards Organization has adopted a set of best practices around testing cloud security offerings. The body - which is made up of officials from companies such as Symantec, McAfee and Trend Micro - has also agreed to make analysis of product reviews public to educate consumers.
The words "in
the cloud" were heard numerous times at this years RSA security
conference in San Francisco. With the number of cloud-based
security products growing, the Anti-Malware Testing Standards Organization
(AMTSO) has been stirred to action.
Last week, the two-year-old
industry standards body adopted a paper setting forth best practices for
testing in-the-cloud security products. The
six-page document, available here, touches on subjects such as
virtualization, connection filtering and the repeatability of the tests.
For users, this means bringing a new
level of uniformity to the testing of cloud-based products on the market so
that more value can be taken from product reviews.
The most important element is
that some of the main assumptions of on demand tests no longer apply,
explained Mark Kennedy, distinguished engineer at Symantec. On demand
tests to date were widely held to be reproducible. Cloud technology now
makes this difficult if not impossible. Moreover, retrospective testing
(freezing products and testing them against newer samples) will be extremely
challenging without biasing it one way or the other.
The advent of cloud technology now
means static testing faces the same challenges as dynamic testing, he
continued, such as the freshness of samples and access to the Internet.
Many of us have argued for years
that static testing was not indicative of the full range of protection provided
by security suites, and that tests should move to dynamic testing, Kennedy
said. The rise of cloud technology should accelerate this process.
Testing cloud products is more
complex than traditional standalone software and requires more resources,
McAfees Igor Muttik added. To be reliable and fair, the tests have to be run
constantly - which means more computers, more bandwidth and a reliable testing
framework.
If the testing setup fails, this
can't be seen as a product failure, said Muttik, senior architect at McAfee
Avert Labs. To make the testing setup reliable, it itself needs to be tested.
Stepping away from the cloud, the
organization also announced plans to make analysis of anti-malware reviews
public in order to allow consumers to better assess their validity. The reviews
will be measured against AMTSOs standards for testing.
AMTSO is clear in its desire to
improve the quality of tests in a way that is independent of any vendor or
tester, Kennedy said. While it can be challenging to reach broad agreements
with such a diverse set of competitors and experts, the speed at which we have
done so underscores how important we all believe this group to be.
|
|
�������x}r㶲s\@♵MQHS-b[�I*�EB�c")J
7](ɗd��6ЍFh|Ggo�D.�01tE1�>=zo�HRso���L#4rJ��:AF#:,t�}w5�k9�9�rM���z=�>�;|�9|@D��%�j'ACm3c{zc_6ژ2z9o2�f��E63&��I��=E�9�J�>�֥q�ɏB#�4HXߢȱ�7{Xe�3��76m( C
X^P~�FD;ǎ5{N�̚0/Pcw��0}dh9�r4=yͰ*[Ƌa��F.�9�1rx&Լ;�@
*YsD�ƞ4IC�d!�LJA`:t,#��G^C]ݱ���R,RE͌iAw4Ԭ�kS��zcG
3�G(&�$gtj�v?ĭ(Q If%[a�W ̋5g�?L�G`B'lǦ"
'�m_j|��5n938$3z3 �wj%NXE
?q74Ba��H��O�L�"��9ˡ,kFpf0閩m�Ⱥuw*r]�
GjR/G{C
L{hTyݙ�۟]�*�
U:G���-;��жD^ԢZt{ݳ>~j_\[�r ��+ NֶRߘ�0Q\�&*+Jx4M2�A�>j��`%rM7JQ߸+z^T�Z, Ԏ$0L"�J�1~̢(:2q}?-~k~>C,[3sAVU�̠`W:+�㽩S=;}\vo{{CN۟:'�gg�:�R��ڟl3H/k�Cp=�['^=:$?N-rO=����j�iT뒒{iM&�usBr,�OdJy �=M�%�%wܿ��/Rx3o�F5
tA��%92ȔS�Hu��t9��~cE'zf-Mf�#d��Li�|] p3Z&�9T2�3<�M��H��:Ɯ5ņ]�)!exF-�I�K
_VPB�5)\Dh+�ԌTwPH7#DD��v�x��r!DKI��88��c�^IRYE1\ni>U<8�vwެ.�Uմ-~iKsqiuO^
S��3�G#��вnZ��Zc1x2,ՎJb�~�_1p�-~~b0B��m�]
:fV|,�|0�t@6O=Sjicvi(|��
I�}Ц�><7�M���I70i��+����GݺzLnXŞ�+�Rm:FAтMx>t�T�ێ�]6}l2���9<8�L&&�zrWt��#`���V���PCh�9N@tmS(�r`�)�ڽfZдc@!��&B~�`Z&4$
7q�9準I`L)^HIRЙj!@�9z٧l�)>�3-$֒e�{_�No6�viX�Z @)��e�i
-a-0^�Ԣ(/Q|u$"!�t��sqŰ,B�/0<:Bb&^fdhQ&���|sö��V/E\W˟@��ZY-x�K;���ʸAS�Aݐ`�@E�Ll5K�׳�թw@�4�=".I�Nŧ��C��<<�f�Rq'�Pi�t
@I*5%}�끆�_ƅ/c%�|o2rl\�:|Ꚛ8_,-�{guaWjI�Ws4&MM8`
;D�Ӝh2�F��ÑiH5ߴ�IF+eu�&-JJPT$���i/#Y��/9-0cYC6aDm6#k(-ER&=��G.4uD83[-OAU��4$qxS??4X)0*�y�.|�|u�V�N0\�}��єa˘34|q֓-*I�RP$x!�5 �dj>Ǿ$o':|�#H�E�~H�Q�7Ϗ9(gd%d��)>�'HZ+�k�fj�E)WJJZ
_{}|3??=e�dԌR�p�8�< _�p˻�m??�h�_g��no?�SMw+\ks>�#�]\V`Qa��Ɩ]4F�XX�H]M;H̎O�z\NR_!�<�4`,\rRj͔�
Q=8z0�~�e7ufv�9A�خ� �crA=5}}v~
9N�(u89'&�b)&GJtl��ʂu��!
2tXݙ
`��1}j$�a��!L`�f0!�+
#mqJk�8ԿC��uλWԴ)Z+�::>j�9g�kӥ����,ć{n�#f�
>L�k}�]P
z֬s�bo^
�څH��B&�GdH��>�#`POT<]w�]܁c:P=H(T\�g7cMEH]ac6U�{z@n�)Zڽ/''vhT�JE噛>67/=Od[̌<9y�n2$8z.0JL;%95$_ہ�3JnuItLe``l�Dif\{e"�>QXk����ٿ�~TkG�K(
L ��$q�)YUi�hja{I1A$Ks??$ESuYs��0q�3fnt� �3�9ow><�{>{q 4
}U\yHG�V-?~::�m~61��z˾NIU�$(��X�q�4qߵ!s'^y {{:=\}n;�E�Fp0Z
<�!hq^
8�+%E�;"�u�߽�< rDp'Bj]t>\�$'d�0
srn݄'�6b��`
xѤȢ<"̔F<$]wFD�!B2.ݛ
g��^|&�֒}UYq!slPh�'lꏽ�/Q�֭�̚_�f?ĄBAjNx�P(� �� c@JA=�Vo8/Z#i%LB[(�
�`E/)�(+RJ)"4FYO |�N'ݛ�g
<�@�9F�hDu~mnER�}C�fax!w,0qB;DLa2Da~�=m1결u]$�<2OтN)tJȓÓ!�F�=�)�I"8IUF4A2�uIH?�Md4XPW
Pق[W��'59ܻ8�^]ҹs�<<�RpLCR��CsҺ�'�B}$XyKw8Ť�b%&h8W߅u^N4�~x�r�'|'xj��}yU�y^K=t#J^uwj̣�cy~"ѴGNxL�7Ď#^@(NVu2k#�x'�[_YN.t0o���9]#ޓd=tWc�T1;�>^Y��]s6�ͥ��O̴E�{�wmhG(WV#w9c990�vY��?yxX��T3mD1CN'~>A
6̯�>���H-@^���=2GoQ��p]9Qz ACvo~⌜71n;z6�Ş`4tͥoV<��i?{¾"CWq��[:i)`*9$�Xh�Hn
e_"+2�NIɅ^t;>�ri���,F} �d3Do�Ӽ4hAhfl��O�C]�`l_s�TxBo~<Ϥ�
]ek��*)��w}�o}VZ�tC.q�B� &�d/.%�o.E j
O�Kt�1ڮ/=ا�HkYX�xlQ�Wg�o
?
'|ȞF8^j[ci��2��>
ZAC؞qbL�p��O�$`G-ݺ�ܭ)³��$`GDA7}ig涣A� jm��Z0\�9f�>
��V2+&[qVL|}�rx�|[q$[+/' g|o#&_M_k
�S M[k/!/1�%]%h3�[a@)��wCOƥ�G/>qlh`bo�x?Դaf.kr/u쑧a4+dQ`QR(�X/_C�r+'vY|_}
��`Q�,GS��IQ{͗(QG�:�氘�LS*��g)L�O�V*?�GR#Owz�EY?c!�ѴOm<<�8u�C���
-x18r]�Iٛǀ��;�3 .0ÄA%RW+9�|���S$vL{'\I~60n!2F+렳.&&dϝ�,�$YM�l�T�� geik�JSuLd=͇Ca=�Q W�(b�3*v/
F�/�3VV,UmR�MiJ^I?�x�G~�^\)= RB�%8>�=R֫J}E�jjV;*JP:'qcX'yyN7��I�0TM6�=�����=��x�?O.h˘S�
Onws42z|i&��/k� wqjX^!qax�"vPˉ�WKވ!l.PA%,7o{�< d|����}�}&6Ftb՟��4QՑo❤R�Aط�l)"T!az9d̲�R4,=|E1=*eX)g0Y�pp���G:> �- ��"nx7w�[-?U^XR34��PJq.aQ-��*9 z^$� �9���D�_�<�hZ߀csC]9�L-gT_|:3Daf�&��[T*�+�<[7��O{7�뚮7Du#zM5^Ҿa��+�e5Pq�#��~~~ղ|h�_5h� 'ͥ.{3f�,�lܑ#p
�0߸;$xC�<�H�Ol1<-ୟlƘ��%D4ꖜ2gu0+zu$MP�8�1y6'ETs|$|mH)[`ܺꖜP|iMS}^�A.X��s�"Ѕ ѵcD*N
KQ� opy�s-�&(V/fxIEz 25_�ʖXz-N�qh>�GT73� <�BJi�qp���^c }<35�jk�4w~eKV)G|NqJ@]똤�m�ϗ=a�H'J�G-mnQiA�\R^bRO @M�'f6�ċD̶_Zi_y_�h�:[�?CO?9�2ƄJg�-9#ӗn�2$z
JBA�AT'�D/4�ti>uK�d}}}}?}Zks_1Z$� !�x=ٙIW@z8uy�ݳ��>$���`7,��~^�`쇰ٶ3�BŸe/h6P`e(e�<:h0�جq-*fW3�@b⭰ HC#�O�EHqoƗ?&�IZQ9�{/*R�k~p�ULP}k3t̀[4̋4�|i%9.xc~Ju�R\#~��_7b#osR8,*9/�lB]/p[q'^ݔWA:���8| ��w:���j��c9p�ͭ_nݴx(f.�0%n\�OE�
-�"߈Ysc馃�+P/B%Sp,gi-b1DKb��@/]j�S}0=|L^,T�.��{*_f�]�G?\ՍA@���,��~V�xrڢOv��w+9�k`cJ4$p{��#�M^�/
:ä="L1~%�ͦ��0a���:6M݉.��Wr@~��Q&
&����>~/$�&ФC>y| [�V�R#ঀ߉~�xw
�܍;@�u#��fד|'"�RRZ3ʉmOE_xNUq`�6BX�M�$&��mpr�CvI
rซذj~�r,z�6�6'T9E|�)96iܱ��4>�RP�y!�Fvw{�Kb+.3J7�$q�pj+j5��A�^�Ck7�cZrD�,?��t�UHE�/]^|��~8�.
dP�
��/�_Z6`c�Gk 0`"Ω,,
Y4jK11\RËBj\#�ZbiE�.c
2�u5WHk̘x%n4�vlNz� yԥ�BM�qEWKTChR��fx�k>qbfƆX5�0�Vz^3��k�صWJ;7�ԕ6�]4_q�=!o7ݝ�AfnVu$�CKVmqDN\,�b����':ƒsRv�m��#�ZM)RӰp-3�SN�pʭBף�:F�yHd�MD0FՊ
ľv7Cy^�)dcGVjjJ
���e�cwa.�Q�^CviBBO�.�kXGl7K1�eTUR5ϚC8,��K&��Y`%LtxZډ�bL�k�R� i G��+1w[
w-ke}
dyl�H`1N�пhE{wi/+1�~Jګk6G&
=l>}rJ+vl"n!F�r9͌�tTB}F}ozW�'b^m9S�lO0�V14-^a�=eE&d[j�il�wAyR$%n�'��蜜kf�MP�x�:�Iϥ4�?R)!o%:*=+s���oiw\X>�`�`i>WO_ňV�R>fD9m��a�WH0D|,d3_+@jL�B(eYiv'
o.'��!S�o/?VH
o�[ȺexxJ�"�r[L%h�c:�&B���)<_]С������ꁢߒ�ߊi48�}A6�ژy���iF$�Y�c
r//R\Ix##��k3`1t*K�_!߰�,VI�m{7�R[�$yf?ZED���$��q}n\moza�C�;3&2��M`#o[y�MmNG7<���LQ! C�O�
21QwKys\v��Ocm�lɧtC�!嘭#!+^�bΑ$h|s+�ELs\eaH��p=Sˑ�-d1Șh
MQ VHxDir�tv4!"��L�s6@@P0H��73.:ϙ�F$�1L;�?0mݚ�1;C>�Yx�N���۹fb��WoP$P`��+wdcF�||�9�k�L/
$N1Xї�vqY�@��y+��LL�͂`Aa~L�!�Rjs# h_'?0�� �Lma`t��.t>�Mݣ0]��Af)�p͒w\j��:r�tԨ�
�b8+M�5?3,ȏݡKlݜ�(�8��3�Zi$�P!%�h$bcx=9`6@2_7=}mh?݉2K�&(��
�@Ka1c�~PBM�Ф�Ps]��+J9q<�>KAguU�p VH+�^@0��3���%M�$͈ɵ?�Xf39ސ�9iIqstq{Ǔ�}��RKG٩;'gM窏w=��|j5ۼV6�ideAήZmf(�T{=\h�^Epɂw�]%;飱8�/�&+(/6PJTَ/!�bTթ2�W?&_z
[7^OͦV\k!?o?gg:^.9q�Χ��A^�^Z�A��*'M&�ORL8���SD^}'ݫv�n�"g(9W(5�o֗S[�](f#ח�
N�'P~�sA����?/?\sQ�d�3r'?r͟{�埡���fe\��_�,@�^�}.3s _f y�2z'(Q~��d_BeF9U^\e�UuwAt3O�K7C\�\g5
M��^�=�B?ח�_SV9)�O@O�۬r�o3ڿ�\'I��2u�S.�ry/
苬 OY射:(Cy>�<_`fk��t�s_2�z�^�}NV&话ir]!,.%P�UZ«�/YSʹ�qմ �6
VD=՞bM�dG,DlG\%�f1' �U͉(c#h��.Ñp[{?|�K2��0Ik~�L(���(G.�v�8Buf¿�n��_�x�`
~iMnڧ[Dpqk;ُϋGkw�Օ� ~3/߆z�Hڟ'<+?q�>��x�P�xZLԸGpoQV"
#�<5 |i3�׃>Zqz`�^M=
�!훫�ڳi>Y}T.q
5sE�Eא�E,&JhӄZ�{J�fBZH�<�&р]
�W, {+2�_i
v�E݉cE\fНXz&(}c"N@U~�
=�׆"�2cX
==GcС�2NG-F{�A�}F垓$gg_5�b
Fy&b3@p�+0 '�Ɣ
ϰ"�� sk29)��,��ǝ�)zE´Bd'KWܱ0_^5F�ElT$bB=�Ay,O~ւ!�gn耵�]~0&��ǂ!0ѕDM1F(ͦ,1.f� � Ax��=`#hxb�<���nh1)�d'kIɻx#795I>eS1C'@n0\|H
d9[H^م�4�3�\j�9/�YH~>����\9�9�.@OI"cXM1}aE�|1GǩW�.r�W��?�aMd�|^�k/o?X�Y/.;��yH%D=C�
QFk;O�(QF2p?\Q|ҽ`ghi�/=nT
+Z(Ksӽ9mA0��}us!Y�/7��~s Wha<�[Wy�&F�{5Vj"<&o�(FҢΰ
\岞�ZqKmN�~늘p6JL?-۔9MR"G�Zi/%!zR4��զr0>dv�=̭Mӝo3a-d4džIkck��j�졘w)��
|
Network Security & Hardware 
