Burned by Eschewing Best Practices
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@MattSpeller In private conversations with the guy now. He is in fact in ownership of this unit, and is trying to set it up to fit his business needs.
-
@MattSpeller said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@MattSpeller In private conversations with the guy now. He is in fact in ownership of this unit, and is trying to set it up to fit his business needs.
Pretty much...
-
Removed a drive from a RAID1 mirror to replace a failed drive.
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@scottalanmiller said in Burned by Eschewing Best Practices:
Me: I just ordered that vehicle that you wanted.
Boss: How did you know which one to order, we didn't discuss what it was used for.
Me: I just got a standard snowmobile, even if it is wrong, it's kinda close, right?I'm ripping into the guy right now on SW. That's unforgivable to blunder into a purchase like that.
How do you manage to rip into people on SW without getting put in David's little moderation time out corner???
-
@RojoLoco said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@scottalanmiller said in Burned by Eschewing Best Practices:
Me: I just ordered that vehicle that you wanted.
Boss: How did you know which one to order, we didn't discuss what it was used for.
Me: I just got a standard snowmobile, even if it is wrong, it's kinda close, right?I'm ripping into the guy right now on SW. That's unforgivable to blunder into a purchase like that.
How do you manage to rip into people on SW without getting put in David's little moderation time out corner???
I'm not ripping into him, asking important questions to help resolve the issue.
Also Dave has tried several times and conceded that "You (I) were right, no longer moderated."
-
Also Dave has tried several times and conceded that "You (I) were right, no longer moderated."
Words that he wouldn't say to me, even if his very life were at stake.
-
But this does sound like a case of FakeRAID, to which this person was brought in to try and repair.
-
Windows RAID it is...
Sadly the client doesn't seem to understand the benefit of properly designing a system with hardware RAID. They built the server on a generic Intel board and just connected the drives to the motherboard.
From there windows was installed and the array built..
And this isn't the only time that this system has had these issues.... he's been here before and performed the same process...
-
@MattSpeller said in Burned by Eschewing Best Practices:
Are these new? What the heck purpose do they fill? Super weird man.... I think you called it spot on: "spec'd by sales dude for max commission"
Not new, just horrible for the SMB. Good for a ROBO though.
http://www.smbitjournal.com/2015/11/understanding-the-role-of-the-dell-vrtx/
-
@scottalanmiller said in Burned by Eschewing Best Practices:
@MattSpeller said in Burned by Eschewing Best Practices:
Are these new? What the heck purpose do they fill? Super weird man.... I think you called it spot on: "spec'd by sales dude for max commission"
Not new, just horrible for the SMB. Good for a ROBO though.
http://www.smbitjournal.com/2015/11/understanding-the-role-of-the-dell-vrtx/
More articles for the massive pastbin bucket!
-
@travisdh1 said in Burned by Eschewing Best Practices:
@scottalanmiller said in Burned by Eschewing Best Practices:
@MattSpeller said in Burned by Eschewing Best Practices:
Are these new? What the heck purpose do they fill? Super weird man.... I think you called it spot on: "spec'd by sales dude for max commission"
Not new, just horrible for the SMB. Good for a ROBO though.
http://www.smbitjournal.com/2015/11/understanding-the-role-of-the-dell-vrtx/
More articles for the massive pastbin bucket!
Scott said sexy in the first line. Idk if I can handle this article.
-
I don't know if I posted this yet or not, but what the crap... he wants variants of Crypto-Viruses to show his powers that be what they do, and how they can ruin the business.
What the %&*)
-
"proxying internet traffic when people are connected to VPN"
I don't do this. Should I? I recall looking into it a few years ago and deciding it wasn't necessary, but I can't remember now.
-
To run a proxy depends on if you need it or not.
I don't ever really have a need for it, and therefore don't.
-
@Carnival-Boy said in Burned by Eschewing Best Practices:
"proxying internet traffic when people are connected to VPN"
This makes no sense to me. Either you run a proxy or you do not, weather or not they are connected via a VPN shouldn't make a difference. The only thing I can think of is doing something weird like a caching proxy for the VPN.
-
I guess that if your LAN has web filtering it is protected from malicious websites (in theory), so any devices connected to it (via VPN) should go through that filtered connection rather than through the unfiltered connection of the remote users (which might be McDonald's Wifi). So when you're not connected to the VPN you're free to browse Russian porn, but when you're connected to the VPN (and hence exposing the LAN) you're blocked from Russian porn. Does that make sense?
We run web filtering via our Trend anti-virus software installed on every client, so this doesn't apply to us. I think we probably should start running a proxy, if for no other reason than to provide an audit trail when bad things happen.
-
@Carnival-Boy I think we're saying the same thing in different ways.
If they are connected to the local network via a VPN and you run a proxy for the network, then they have to use the proxy, just like everyone else.
Weather they are connected to the local network or via VPN makes no difference to the proxy server. Which is why I said that the original statement makes no sense to me.
When they're connected to some random open wifi and not the VPN, then yeah, no proxy, but they're also not on the network.
I'd argue that using a proxy for web filtering isn't needed. Either your users are trustworthy or their not, either way they are management's problem. If management has asked you to add that ability then do it, otherwise it's in the "not my problem field". Now if you have bad internet connection options and want to speed loading popular pages up, then a proxy can make all kinds of sense.
I'd not want to let people into the local network anymore anyway. Yes, you should have a VPN for when they want to use public wifi spots (the lack of security on most of them is horrendous.) Everyone here has convinced me that moving to a LANless design is a better way to do things moving forward.
-
@travisdh1 said in Burned by Eschewing Best Practices:
I'd argue that using a proxy for web filtering isn't needed. Either your users are trustworthy or their not, either way they are management's problem. If management has asked you to add that ability then do it, otherwise it's in the "not my problem field".
I agree. I'd make management aware of the risks (by writing them an e-mail, not by installing actual malware on a VM!) and give my recommendations and if they decided not to take my advise then fine. Then if the **** hits the fan, it's their problem.
-
I find it hard to believe that web-filtering is going to reduce the risk of malware that much anyway, if at all. Unless your filtering is so strict that users struggle to even use the internet. I think it just creates a false sense of security. And when the **** hits the fan management are going to turn around and say "but you told us your proxy would stop this!" and suddenly it's your problem big time.
-
Sadly, we are in emergency/security fatigue mode now. Every day when you turn on the news there's some huge crisis somewhere. Crypto virus, Brexit, Greece collapsing, etc. Most just stick their heads in the sand.
Showing what these viruii do might be the only way to really show management how screwed their network is if they don't pay attention to these threats and find mitigations for them.