Skip to main content

日本語

한국어

Notice

    Safe Deployment Practices

  • Created :
  • Edited :

    • Overview

    • This document describes the stability validation process through testing prior to the release of AhnLab products and content (patterns and rules), the phased release process, and the monitoring process after release.

     

    Testing Process

    1) Quality Assurance

    • Through a dedicated quality assurance team, AhnLab conducts the testing of product modifications upon product updates as well as engine and security content updates.
    • A plan including pre-testing strategies is first created. Then, the testing of product modifications (in terms of functionality, compatibility, reliability, security, performance, user environment, rollback, etc.) is manually or automatically validated.
    • In particular, when testing driver modifications at the kernel level, compatibility and stability validation is performed for all supported OS environments.
    • Additionally, to prevent engine malfunctions, a separate validation test regarding engine loading and operation is conducted through the quality assurance team upon each update.

    2) Security Content Monitoring

    • Security content (signature patterns and rules) is updated and deployed more than four times a day to quickly respond to new threats.
    • Although updates occur regularly, in order to prevent false positives, signature patterns and rules are monitored for a certain period by a separate threat analysis team before deployment.

    3) Internal Deployment

    • For additional validation, product modifications go through internal deployment as part of dogfooding by being applied first to the work devices and internal systems of all AhnLab employees before release.
    • After applying internal deployment for a certain period, the decision to release is made based on the final quality test results.

     

    Deployment Process

    1) Progressive Deployment

    • Once the release of the product update is decided, a target ratio for the AhnLab deployment server is selected to conduct progressive deployment (e.g., 30% / 40% / 40% of the target devices are updated progressively over three days).
    • In the case of progressive deployment, if issues are identified during deployment, the deployment is immediately halted, and a quick rollback is performed on the existing deployment targets.

    2) Custom Update Options

    • Customers are provided with detailed options related to updates so that they can manage their own update plans and target versions, thus maintaining a stable environment.
      • Customers can automatically apply the latest deployed patch set available online via the product options, or they can manually register the patch set for updates.
      • Additionally, customers can choose the type of update engine (the latest engine or an engine confirmed stable after a certain period post-release) via the product options according to their security operation policy.
    • Customers can quickly apply and test new features or diagnostics, and minimize the possibility of issues by applying a verified engine.

    3) Monitoring

    • During the progressive deployment, alerts for anomalies are monitored.
    • In case of issues, the release is halted, and recovery is performed according to the rollback procedure.
    Was this article helpful?
    0 out of 0 found this helpful
    Return to top