7 Replies Latest reply on Jan 30, 2010 4:21 PM by pepez

    Is one av pattern file per day enough?

      I have been chewing the following question over for a couple of weeks:

       

      Why does McAfee only provide one anti-virus signature update for McAfee VirusScan per day and it is released nearly at the same time every day?

      McAfee has the second largest market share of the antivirus markets, however nearly every other well-known Anti-Virus vendor

      provides far more than one update per day.

      For instance:

       

      Symantec     ~230 updates/d

      F-Secure      ~6    updates/d

      Kaspersky    ~16   updates/d

      BitDefender   ~18   updates/d

      Dr. Web        ~22   updates/d

      Avira             ~4    updates/d

      (source: av-test.org)

       

      Of course, it depends on how many new malware detections there are in one update, but it is also a question how long is the time of response against new malware and vulnerabilities.

       

      What do you say - is a single update per day enough to keep you protected against cyber threats?

       

       

      on 1/30/10 11:05:01 AM CST
        • 1. Re: Is one av pattern file per day enough?
          exbrit

          230 a day?  People complain enough about 1.   It's a corporate decision and as it used to be once per week it's already been upgraded.  The 1 per day from McAfee would include a lot more I suspect than Symantec's individual updates.

           

          Whether there is room for improvement is, I guess, up to the developers as to where to strike the happy medium between effectiveness and practicality.

           

          There have been more than 1 per day on many occasions.  The SecurityCenter in fact polls for updates every 4 hours and if one is available will pull it in.

          • 2. Re: Is one av pattern file per day enough?

            Yes, of course av pattern files for McAfee VirusScan contain more malware detections than Symantec's because McAfee releases only one by day.

            Anyhow, the point is how many new detections does a McAfee customer, like I, get per day.

            For instance, Dr. Web kindly informs on its homepage, how many records there are in the malware database. The amount increases by at least 2 500 during one day.

            If each McAfee's av patter file contains over 2 500 new detections, too, then there's no big difference.

            However, it'd be more reasonable to release more than one pattern file per day, because then it would take less time to download and install.

            • 3. Re: Is one av pattern file per day enough?
              exbrit

              I would agree with you and I am sure that these things are under constant review.

              • 4. Re: Is one av pattern file per day enough?

                Here is the mcafee per day database update for threat according to the DAT file number.

                 

                http://vil.nai.com/vil/DATReadme.aspx

                • 5. Re: Is one av pattern file per day enough?

                  Thank you!

                  I remember visiting there before, some weeks ago.

                   

                  It says:

                  New detections: 265

                  Enhanced detections: 202

                   

                  That's a way less than 2 500! Well, let's hope that the heuristic of McAfee is very effective, then .

                  Does anyone know, if the total number of records in the malware database is available somewhere?

                   

                   

                  Message was edited by: pepez on 1/30/10 3:41:20 PM CST
                  • 6. Re: Is one av pattern file per day enough?

                    Where it is written Symantec gives 2500 detection per day, it is not clear, and cannot be taken a solid answer in every scenerio, well Symantec does post larger threat database, more then 10 times regular file database update and 5-15 minutes pulse update, but McAfee does has a good artemis database. Symantec also has the same technology name as SONAR2..The most important thing is how wisely you surf the internet and keep your McAfee or Symantec security software updated as well as Windows OS, and other softwarers.

                    • 7. Re: Is one av pattern file per day enough?

                      Here are the update frequencies: http://www.av-test.org/numbers.php .

                      I wrote that the malware database of Dr. Web increases by at least 2 500 new detections per day.

                      I have also read about the Artemis technology of McAfee Online Threat Intelligence web community.

                      But the point is that I can have my computer protected by some free antivirus scanner & firewall, and that way be protected againt the most well-known worms, viruses and spyware. But if I pay for an antivirus software, I expect to be protected not only against the most notorious online threats but also against other kinds of unwanted programmes.