Results 1 to 3 of 3

Thread: Security Stream Product Quality Assurance

Hybrid View

  1. Security Stream Product Quality Assurance

    I guess this falls more into Michael Mychalczuk's domain...

    To be blunt, what the hell is going on?

    Over the past 12 to 18 months we have noticed a drastic decline in the
    quality of products released by NetIQ, specifically across the security
    stream (IDM, Sentinel, Access Manager, eDirectory, etc). The change has
    been noticable and dramatic, so something has changed or begun to fail
    in a significant manner.

    Alone I have 22 SR's _currently_open_ with the majority linked to a bug
    of some description. The majority of those bugs are not related to some
    bizarre way we're using the product, but basic core functionality of the
    product (I'm not going to put specific examples in this post, I consider
    it a wider issue than that).

    When Product Managers tell me that they have strong Testing and Quality
    Assurance for their products, I just have to laugh. "Quality Assurance"
    is supposed to mean that NetIQ assures the customer that the product is
    of high quality and has been tested to behave as documented, which is
    just simply not the case anymore.

    Too much emphasis has been placed on shoehorning new features into
    products with little to no validation that the core functionality has
    not been compromised.

    On a slight side note, the timing of these issues could not be worse.
    The State Government is in the process of reviewing the ICT roadmap with
    emphasis on the IDM, Access, and Security/Privilege components. As part
    of this review, questions are being asked about product cost and
    suitability. The process has already begun in earnest with various
    vendors presenting their products. Having poor functioning products come
    out of NetIQ is making other vendors look more attractive, despite NetIQ
    being the incumbent.

    It never used to be this bad, what has gone wrong?

    Visit my 'Website' ( for links to Cool
    Solution articles.
    ScorpionSting's Profile:
    View this thread:

  2. #2
    mychalczukm NNTP User

    Re: Security Stream Product Quality Assurance

    Thank you for taking the time and posting your thoughts on the forum!
    The first thing that is appropriate for me to do here, before going any
    further, is to say that *on behalf of the teams I offer to you, and
    everyone else that reads this post, my personal and our collective
    apology. *

    Speaking candidly for products that are part of the privilege portfolio
    (CG, DRA, GPA, PAM), *we have found some significant breakdowns in our
    processes and our testing technologies*. Im happy to say that those
    issues were addressed for the upcoming release of DRA, and that other
    product teams are looking at similar exercises for their products in
    their near-term release cycles as well.

    Over the past 18 months, and a bit longer, *there have in fact been a
    number of changes going on behind the scenes within product engineering
    and product management teams across the portfolio products*. I want to
    assure you, and others, that *there has not been a conscious change made
    to our testing procedures and personnel with the intent to reduce our
    focus or emphasis on delivering high quality software*. However, as you
    have pointed out there has been a need to rapidly address some market
    needs, and what has happened is that there have in fact been cases where
    we simply did not test far enough in some areas.

    In one of our product teams, we recently performed a comprehensive
    end-to-end test case review that covered over 2,000 test cases. In that
    analysis, we discovered that when we had added new functionality, we had
    created both unit and functional test cases, but had not adequately
    addressed regression test cases which test how our new functionality
    interacts with existing functionality. This omission in effect created
    several blind spots in our final testing phase.

    Writing a response to you, and others, on a forum is easy. Lets be
    frank, words are free, easy, and available in plenty. The only thing
    that will demonstrate our commitment to quality is our actions. *I am
    confident that in the releases around the privilege products that will
    be occurring in the late June time frame this year you will see progress
    in this area.*

    mychalczukm's Profile:
    View this thread:

  3. Re: Security Stream Product Quality Assurance

    Thanks for taking the time to respond Michael.

    Visit my 'Website' ( for links to Cool
    Solution articles.
    ScorpionSting's Profile:
    View this thread:


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts