NOD 32 has been ICSA "de-certified" ?? How come?? What's this mean?

[Charlie]

Nod 32 has been "de-certified" from ICSA ratings for 1st quarter 2004 tests.
What is going on with this half-baked AV "solution" anyway??

--

 

[Duane Arnold]

Nod 32 has been "de-certified" from ICSA ratings for 1st quarter 2004
tests. What is going on with this half-baked AV "solution" anyway??

I'll put it to you this way. Just because something doesn't have some kind
of certification, it doesn't mean that something is not good.
Certifications only mean so much. Maybe, the folks at NOD didn't want to
pursue a certification.

It's just like when I posed the question to ISS a couple of years ago as to
why BlackIce was not ICSA certified. ISS response to me was the ICSA
certification didn't meet their requirements and the ICSA certification
didn't mean *jack* to them. That was said in so many words. <g>

It was also explained by ISS that they sat on the ICSA Board at the time.


I have run into people who have certifications and the whole nine yards
that were no good. On the other hand, I have run into others that were
good. So take certifications with a grain of salt.

Duane

 

[kurt wismer]

Nod 32 has been "de-certified" from ICSA ratings for 1st quarter 2004 tests.
What is going on with this half-baked AV "solution" anyway??

maybe they stopped brown-nosing your ICSA heroes...

 

[Spock]

Nod 32 has been "de-certified" from ICSA ratings for 1st quarter 2004 tests.
What is going on with this half-baked AV "solution" anyway??

It means you are a troll.

 

[Will Dormann]

Nod 32 has been "de-certified" from ICSA ratings for 1st quarter 2004 tests.
What is going on with this half-baked AV "solution" anyway??

Tell me "Charlie",
"What" about "Nod 32" is "half-baked" ?


-WD

 

[Larry Bridwell]

Obvioulsy, someone here is mistaken.

1. Eset's Product, ESET NOD32 for Windows XP Professional is
certified by ICSA Labs.[See
<http://www.icsalabs.com/html/communities/antivirus/certification/certprod.shtml>]

2. ICSA Labs does not do QUARTERLY tests, we do MONTHLY tests.

BTW Charlie, where did you get the idea they were "de-certified"?

Larry

____________________________________________
Larry Bridwell
Content Security Programs Manager, ICSA Labs

 

[Larry Bridwell]

Hi Duane,

I'll put it to you this way. Just because something doesn't have some kind
of certification, it doesn't mean that something is not good.
Certifications only mean so much. Maybe, the folks at NOD didn't want to
pursue a certification.

They did want to pursue certifcation. Just check out their website
and marketing materials. They are in almost ALL quality certification
and review tests.

It's just like when I posed the question to ISS a couple of years ago as to
why BlackIce was not ICSA certified. ISS response to me was the ICSA
certification didn't meet their requirements and the ICSA certification
didn't mean *jack* to them. That was said in so many words. <g>

So how about using the exact words, not your interpretation .

Fact 1: BlackIce was never submitted to ICSA Labs for testing by the
developer they acquired it from.

Fact 2: BlackIce (a quality product I might add), while generaly
placed in the category of a Personal or Desktop firewall by those who
don't know the difference, was more closely aligned to a Host IDS and
did not do OUTBOUND filteing and alerts which was a key componentof
ICSA Labs testing program for desktop firewall programs. That fact
may have factored into the reasons for NOT submitting for testing.

Fact 3: ISS is currently part of several ICSA consortia, participate
in technical discussion on testing criteria, whitepapers, etc., and
have very good relationships with ICSA Labs so, while I am not sure
who you spoke with but am relatively certain that what you report here
was NOT what ISS said or believes, but rather what you wanted them to
say . A trend not unusual for this newsgroup I might add.

It was also explained by ISS that they sat on the ICSA Board at the time.

Well I checked around and can't find ANY Board they sit on. Can you
provide me with that, I am sure our executives would appreciate fnding
out what board they sit on?

Another item that should speak to the fact that you are either:
a) mistaken
b) spoke with someone CLAIMING to be from ISS
c) spoke with a janitor at ISS
or

I have run into people who have certifications and the whole nine yards
that were no good. On the other hand, I have run into others that were
good.

I can agree there (especially on people certs), but for product
certification it ALWAYS depends on he criteria (how they were derived
and vetted), testing protocols (are they theoretical or real-world and
is there some typeof certification maintenance after initial testing),
and the people doing the tests (do they know what the heck they are
doing).

So take certifications with a grain of salt.

Actually I like a little sugar 'cause; "It helps the medicine go
down"

Larry

____________________________
Larry Bridwell, ICSA Labs
Content Security Programs Manager

 

[Duane Arnold]

So how about using the exact words, not your interpretation .

Fact 1: BlackIce was never submitted to ICSA Labs for testing by the
developer they acquired it from.

I never said he or ISS did.

Fact 2: BlackIce (a quality product I might add), while generaly
placed in the category of a Personal or Desktop firewall by those who
don't know the difference, was more closely aligned to a Host IDS and
did not do OUTBOUND filteing and alerts which was a key componentof
ICSA Labs testing program for desktop firewall programs. That fact
may have factored into the reasons for NOT submitting for testing.

And you're wrong on that as I have watched BI stop unsolicited outbound
ICMP traffic.

Fact 3: ISS is currently part of several ICSA consortia, participate
in technical discussion on testing criteria, whitepapers, etc., and
have very good relationships with ICSA Labs so, while I am not sure
who you spoke with but am relatively certain that what you report here
was NOT what ISS said or believes, but rather what you wanted them to
say . A trend not unusual for this newsgroup I might add.

That is absolute nonsense from you as I got hammered over in the 24 hour
NG about BI not being ICSA certified and I posed the question to ISS by
first indicating that it was a fine product. The woman who replied to me
who was not part of the Tech Support took the time to write me a three
page letter response email on this issue, which happened over two years
ago.

24 hour is ZA country, but I backed them down on BI when I was there.

I do not have the reply email anymore.

Well I checked around and can't find ANY Board they sit on. Can you
provide me with that, I am sure our executives would appreciate fnding
out what board they sit on?

I am only telling you about the reply email I got from ISS

Another item that should speak to the fact that you are either:
a) mistaken
b) spoke with someone CLAIMING to be from ISS
c) spoke with a janitor at ISS
or
d) just sort of made things up to fit your argument <G> - just a joke
don't freak

Absolute BS from you and I don't appreciate this at all -- not one bit.

I can agree there (especially on people certs), but for product
certification it ALWAYS depends on he criteria (how they were derived
and vetted), testing protocols (are they theoretical or real-world and
is there some typeof certification maintenance after initial testing),
and the people doing the tests (do they know what the heck they are
doing).

Something being good or not is not solely based on some certification. As
an example BI is not certified by ICSA.

Actually I like a little sugar 'cause; "It helps the medicine go
down"

I don't appreciate someone telling me about my own experiences as you
were not there in the first place when it happened.

Duane