yes i just got an infected computer with the latest build on avg 8.5
8.5.339 270.12.42/2137
and an infected with PAV...boo for avg...they should have integrated eset nod32 for a real antivirus app not avg..oh well

Legacy Forum Name: KES,
Legacy Posted By Username: ustekschad

I love you guys... I guess when you get Eset and you catch something it won't handle, you'll decide to go to Panda becuase it cought it? Stop attacking the process reactively! Get proactive and figure out how to improve the process... how did the AV get on the system in the first place? How could you have prevented it from even getting to the user? Attack the delivery of the problem.

Legacy Forum Name: KES,
Legacy Posted By Username: boudj

boudj

I love you guys... I guess when you get Eset and you catch something it won't handle, you'll decide to go to Panda becuase it cought it? Stop attacking the process reactively! Get proactive and figure out how to improve the process... how did the AV get on the system in the first place? How could you have prevented it from even getting to the user? Attack the delivery of the problem.

Then we wouldnt need KES then would we, what a strange thing to say.....

KES is alot better now than the original crap we were fed, no doubt through the hard work of Jeff but its still got a long way to go.

I think a post here with every virus/spyware KES misses would be a great start for the people trying to make it better and a heads up for us that have it.

Or maybe the marketing department at Kaseya is more concerned about keeping up appearances over getting the product to work properly.


Imagine taking your car into GM because your car wont start only for the service people to turn round and say, why don't you walk, you need the exercise anyway......

Legacy Forum Name: KES,
Legacy Posted By Username: mrbiggles

Once again... you don't get it. AV prevention is a complete strategy and not just "let's throw the best AV/AS product at it". You'll be like a dog chasing it's tail. Instead, AV/AS is only part of the solution. You should also deploy:

• A gateway AV/AS scanner at the firewall level
  
• Use some kind of web filtering service (like opendns.org which is free)
  
• Use a spam prevention product
  
• Lock down security on systems as tight as possible (without affecting end users of course!!!)
  

A good all around strategy to attacking AV/AS problem will help prevent or limit outbreaks. And using KES can be a part of that strategy. KES has tremendous upside on the manageability and for configuring many, many clients at once. And it will only improve (see the roadmap for details). And frankly, no one AV/AS product is really "the king" anymore. All have vulnerabilities that can be exploited. Because of this I need to make sure I have the best tool to properly & quickly respond to outbreaks before the become a massive disaster. KES is giving me this.

Legacy Forum Name: KES,
Legacy Posted By Username: boudj

boudj

Once again... you don't get it. AV prevention is a complete strategy and not just "let's throw the best AV/AS product at it". You'll be like a dog chasing it's tail. Instead, AV/AS is only part of the solution. You should also deploy:

I think those things are a given though, anyone who has invested the time and money into Kaseya must be at a level that understands the items you have mentioned.

I still think a test machine that compares AV without any safeguards is a true indication of its performance.

Another analogy using cars is discussing the safety. If a car company said, listen we know our airbags are pretty average but really I think its up to the driver to learn to drive safely in the first place and avoid the use of the airbags altogether.

The common thread between airbags and AV systems is that they are both the last line of defence and they must absolutely work and must be the same standard as all the others that are out there.

Its why they have the NTSB and a dozen other departments to work out why something went wrong.

AV should be the same, when something goes wrong, its better to acknowledge its not perfect and work towards a solution.

Legacy Forum Name: KES,
Legacy Posted By Username: mrbiggles

mrbiggles,

I thought that was a good analogy - AV and airbags. Both need to work well, when needed!

Lloyd

Legacy Forum Name: KES,
Legacy Posted By Username: lwolf

Now you're talking! The product needs to be improved (all AV/AS product need improvement), and hopping around from product to product isn't the best solution (usually). One thing I like about KES is we CAN influence how the product works (try and influence Symantec, CA, MCafee, etc...) and Kaseya can influence AVG. Over the long term this seems to be a good combination that I've decided to buy into (for now... that's why I only buy enough licenses for 1-yr sub). Add in the integration into K and I don't see another product out there with the 1-2-3 punch that K has the "potential" to provide. Now is AVG the best product out there... no. I'm sure there is others that are better, and others that are worse. And you can keep chasing your tail around each year and switch everytime something better comes out.

Finally, since you use the "airbag" analogy, do you happen to know the failure rates, as well as the injury rates caused by airbags? Google it and you'll be surprised how similar to the AV/AS software failure rate it is (metaphorically speaking of course!). Even thinking about the best vehicle with airbags I make sure the vehicle I'm driving is considered well built (Yugo vs. Honda) instead of researching airbag manufacturers and who uses them (interesting way we think isn't it??). Because it really comes down to design of the vehicle, how airbags are utilized in it, and how involved the vendor is in improving the combination of these thing work together. Using this same logic, I choose KES (for now) bacause I do believe that Kaseya has this focus.

Legacy Forum Name: KES,
Legacy Posted By Username: boudj

We are planning on having the Identity Protection component included into KES 2.1. This is a behavioral engine that watches the running processes for malicious activity and then shuts them down. Once a process has been flagged, it automatically reports that back to AVG virus labs for signature detection (to help out the rest of the folks).

There are a few problems however
- The IDP engine is not fully integrated into AVG / KES yet. We'll be able to install / uninstall...and not much more until AVG9
- It has a separate system tray icon disconnected with AVG
- I'm unclear on how detailed the rules are with IDP and how well they will do against PAV for example....These fake AV vendors are going to get smart against the behavioral engines and try to find workarounds there as well.


On that note, we do have a fantastic relationship with AVG. They are continuing to make great strides and improve along side with Kaseya improvements. The goal is to make this better and better (with less effort of course). Anyways, thanks for working with us to really win this battle.

Jeff

(The airbag guy...i think....if i got the analogy right...)

Legacy Forum Name: KES,
Legacy Posted By Username: Jeff.Keyes