@Hubtech said:

that just seems like a revenue eater.

It's a great option for businesses that specialize in engineering/project services, but also need to offer end-to-end support.

A few things:

1. Each DC should only point to itself for DNS. After turning a member server into a DC, you may need to adjust its DNS settings accordingly.
2. Each site should have a Global Catalog (GC). Ensure that your new DC is also a GC.
3. Make sure that the client computers are set to use their local DC as the primary DNS server, with their secondary being offsite.

Sounds like SipVicious. allowing only end-user subnets to access your SIP interface should fix that issue.

.net domains were for ISPs and networking providers, so depending on your business, they may or may not be a good choice. There's always the country-specific TLDs, such as .us.

What, exactly, is the request? I didn't sense a question in there.

This, folks, is why we test queries before adding the query syntax to create dynamic collections.

@Dashrender said:

I don't disagree Alex. But short of something like Webroots approach, the rest are pointless when you have MSE baked in.

Exactly! There is a reason why I prefer Webroot. It functions well as an immune system for anything which manages to make it past the front door and onto the endpoint. Keep in mind that more and more users are moving to laptops, so there's a decent chance folks will be attached to non-company networks along the way, and need a solid onboard level of protection.

So many businesses never patch their external-facing routers, so this would be a cakewalk in many cases.

@Dashrender said:

And now since Windows 8 includes it built in, a company could effectively get away without buying any AV for the end points. I personally liked MSE, but I know others who don't. Have always of you really need more than what comes with Win8 assuming you're running a decent firewall.

It's about taking the layered approach. Firewalls are old news; most of the modern attacks in the wild work from the inside out now, but it's still a good thing to have. If you have a UTM or other type of inline filtering setup, it's a good layer. Still, a good endpoint protection product is the last line of defense, and shouldn't be passed by.

@Dashrender said:

MSE allows small businesses to run up to 10 licenses. Unless that's changed.

That's correct. Anything larger would be out of compliance.

@JaredBusch said:

@Dashrender said:

is the MX60 a firewall? I suppose I'm ok with the yearly fee for AV/spam updates... but Meraki's yearly fee for APs is just over the top. $300-500 a year for something that's fairly static. I understand there are a ton of features, but that price.. just OUCH.

That is why I like the Ubiquiti stuff. The AP's are great and you have a centralized controller you set up for it. The EdgeMax Lite is a Vyatta based router. You can buy both for $150 total.

What anti-malware, IPS, and content filtering does it have?

@Dashrender said:

is the MX60 a firewall? I suppose I'm ok with the yearly fee for AV/spam updates... but Meraki's yearly fee for APs is just over the top. $300-500 a year for something that's fairly static. I understand there are a ton of features, but that price.. just OUCH.

The MX60 is a security appliance, yes. For a small 30-person environment, if you wanted a separate Meraki AP, the MR-12 would be sufficient. MSRP for that is $399 and $150 per year for licensing.

If central management isn't on the table, there's the Sophos UTM 100 appliance. It's a bit more powerful than the MX60 or PA200. It can come bundled with an AP10 as well. I don't have an MSRP for it or annual subscription pricing, but I see it on Newegg for $687.

@scottalanmiller said:

@alexntg said:

@scottalanmiller said:

For that price, I could have Pali Alto!

It's a comparable product to the PA 200, and also includes a built-in wireless access point.

I wouldn't compare Meraki to Palo Alto. And built in AP is nice but not huge.

If not including wireless, you'd be looking at an MX60, and the MSRP would be $495, with the full subscription of $500 per year, and also adding the cost of an access point.

@scottalanmiller said:

For that price, I could have Pali Alto!

It's a comparable product to the PA 200, and also includes a built-in wireless access point.

@scottalanmiller said:

@technobabble said:

I lost count of the PCs that small business have running some type of free av.

Yeah. Nearly all, I'd say.

And as a responsible MSP, we work to get them into licensing compliance.

@scottalanmiller said:

Be aware, with Meraki, that you have recurring annual costs. So the TCO is very high compared to the sticker price.

Strictly MSRP (so I'm sure you can find better pricing out there), the unit's $845 and the subscription's $550 per year.

@IRJ said:

@alexntg said:

Perhaps just picking up some off-hours contract work for server maintenance may be a decent way to go? You'd get exposure to other environments, likely bigger ones, and get paid to do it. You'd also be free to work your day job without being impeded by your side work. You could also sign up with Onforce and keep an eye out for evening jobs.

That's kind of what I was aiming for. Maintaining WSUS, packages, and etc

I am already talking to a potential client about doing an exchange upgrade. Which would need to be done after hours anyway.

Just make sure to take a few days off from your day job for go-live.

@Carnival-Boy said:

@scottalanmiller said:

I've written a bit on the evils of SMS.

Link? I definitely don't understand the risks.

Another problem I have with using e-mail for confidential communication is the annoying habit of some users to set-up rules to forward all of their work e-mail to their personal e-mail. That's usually their personal Hotmail e-mail that uses the password "password".

That's one of the many reasons that it's important for companies to have and enforce policies that prohibit employees from using their personal email for work purposes.

Before making a purchase decision, you may want to also evaluate Webroot.

That article had some really dated (and mostly residential) thinking. A modern AV solution (of which I can only think of 2 offhand) isn't bloated, and doesn't run on definitions. Free AV isn't available to businesses in most cases, so their statement of everybody being able to have free AV's really directed at the residential market. Most residential customers would rather not pay a recurring license charge for AV and instead pay more to generic residential tech firms in order to clean or wipe their computers.

In the business world, it's still very much alive and kicking. Pricing's tighter, as it's more of a comodity now, but if a vendor can listen to the users and give them what they need with good detection and performance, there's some profit to be made.