Kaspersky the AV engine in ZA Extreme Security poses a quandry
Having used Symantec and McAfee in the past, I settled on the paid edition of ZA. In reading the fine print (again recently) I see that ZA's Extreme Security edition does in fact use the Kaspersky AV system for AV.
Now I trust CheckPoint to be CheckPoint, and there is no doubt in my mind that some data is being harvested from the Firewall component of the package to bulk up its knowledge of the (un)known universe. I appreciate that I can articulate my inbound and outbound data preferences as I wish to control this flow because I am running layered firewalls.
I would (did) not buy Kaspersky because as it turned out I had three (former Soviet) Russian engineers working for my Internet company beginning in the early nineties through to 2000, and I trusted them to be Russian. This means take a tea break at 10 and 4, engineer for re-purposability (object oriented discipline), solve complicated problem with simple, effective solutions, and take 'their' source code with them each day. They were brilliant and well educated, and therefore above my paygrade to characterize them as being crooked and/or pro_russia. I recognize that I paid their wages and was entitled to keep the source code of applications they developed on the company's behalf, so I was taking a risk? I didn't buy Kaspersky was my response.
My company implemented CheckPont firewalls in the nineties.
However Kaspersky working alongside ZA and operating within their framework? I am still in shock a little bit (having just discovered this recently), perhaps denial, and haven't pulled the plug on ZA yet. Indecision is, the only times I have detected malcode on a machine under my purview, the computer (users) were running Symantec or McAfee and naturally not performing regular updates, practicing unsafe surfing, and using mickey mouse routers. Secondly, ZA paid service is obscure from the mainstream. Third, geopolitically speaking, I believe that there is sufficient mistrust between Israel and Russia and with the source residing within CheckPoint (and Kaspersky's commercial interests in financial survival) to defeat the massive trojan hypothetical that Kaspersky AV residing within CheckPoint's framework poses. Fourth, Russia expelled and exported a significant number of clever, motivated (Soviet educated) engineers to Israel in the early 90's sufficient to start an extremely successful software industry which included sufficient technical talent to control any bad actor.
I am going to keep my ZA for now.
Opinions on my approach?
Biting the hand that feeds IT
