Posts made by beta

Hey all,

Yea, so it's been a while since I bought a new server for our company but the time is coming

I need to replace a 10 year old Dell PowerEdge that was bought new direct from Dell at the time. I know xByte used to get a lot of love on various forums, but like I said, I haven't had to purchase server gear in a while so I just wanted to check in with you all to see if they are still recommended for quality gear? I know some companies change for the worse, just hoping that is not the case with xByte.

And not related to xByte, but might as well ask here, my new server is going to be used to store Veeam backups which means I'm looking at needing a decent amount of storage. I was going to put 8 14TB drives (Dell drives bought with the server through xByte if I go that route) in RAID 6 for 84TB raw storage. Is that size array unwise for RAID 6?

Thanks all!

I need a small managed switch (absolute minimum 8 ports, but preferably a little more for just in case) with POE that can do VLANs and is reliable.

This if for a small branch office with 3 people max and they have no IT closet so it will be sitting on a shelf in the manager's office, so preferably something not too noisy either.

I know Ubiquity seemed to be pretty heavily recommended around here, but I can never remember what line of products I should be looking at for their switches.

Thanks!

@scottalanmiller said

It's always array size, never drive size, that matters primarily.

Just so I make sure I understand, array size meaning total TB or total number of disks?

@dustinb3403 Well I looked up Dell drives and the 3.84 SATA read-intensive drives are going for ~$1800 a piece (before any discounting).

@pete-s How much are two 3.84TB enterprise SSDs going to cost me again?

@dashrender Based on what I've seen re:IOPS usage of my current VMs I believe it will.

I guess my other concern with RAID 6 in this case is if the array is getting too big? The individual disks themselves at 600GB I don't think are a problem, but 12 in a single array?

Hear me out...I have a Dell server that I use as a Veeam replication target. This host is used as a backup in case my primary server dies - I just turn on the replicas and run from it until primary host is repaired.

This backup host currently has OBR10 comprised of 10 600GB 10K SAS drives. I'm running up against storage capacity limitations and have ordered 2 additional 600GB disks to add to the array, but I was thinking while I am in the process of rebuilding this array, maybe I should change it from OBR10 to RAID 6? My concern is that while I am pretty sure the OBR10 will give me enough space to last until I schedule a complete replacement of the server, the margin will be very slim whereas the RAID 6 I'm sure will give me plenty of extra breathing room until the server is replaced.

Would this be crazy to do? Or should I just stick to OBR10? Thanks!

Hello everyone,

As the title mentions, I'm a one man IT shop for a nonprofit with about 100 users (120 or so workstations) and am looking at continuity options to help out when I'm on vacation/sick/need extra help etc.

I'm thinking about looking at a MSP for additional help and was just wondering if this is something MSPs typically do, this "fill the gap" type of support when primary IT is unavailable. I'm concerned I've got my environment setup in a specific way using Veeam for backups/replication and even an AWS site for DR purposes. Will an MSP work with my existing technologies or are they going to want to come in and use their backup product for example?

Also, I'm wondering is it worth it to create an RFP or should I just ring up some MSPs and tell them what I'm looking for and craft a quote based on our conversations?

Really I'm just looking for any advice that can help me to actually step away from work at times (when COVID permits) and not be super anxious that something is going to break down and I won't be available to fix it.

Hey everyone,

I hope it's OK if I x-post this as I'd like to get as many opinions as possible.

We are evaluating finally moving to O365 and I had a scenario in my mind I'm not quite sure how to address and wanted to see what others are doing or if I am worrying about this too much.

I have a group of users who need to follow HIPAA compliance. I'm concerned that by going to a cloud platform where users can access files/email from any device anywhere in the world, that they could accidentally download sensitive info to unsecured devices.

For example, if a user logs in to OWA from their home computer and opens an attachment, that attachment is downloaded to their local temp files which is technically now on an unencrypted hard drive right?

Or say a user logins in to their OneDrive and downloads a file with sensitive info to their home computer. You now have that data stored in an unsecure location right?

Are there ways to mitigate these risks that I should be taking? In practice do you do anything to mitigate these risks?

I've done a lot of searching and when I look at compliance issues related to HIPAA, folks seem to say E3 licenses are sufficient to cover your bases because you get some DLP features and email encryption, which I suppose is good to stop people from accidentally emailing sensitive info outside the org or for sharing files on OneDrive or Sharepoint outside the org, but what about the situations I described above? Am I being too paranoid? Should we just come up with a written policy that says users should not download files to their personal computer?

I raised this issue with the company we are looking at using for help with the migration and he mentioned a lot of orgs usually issue company equipment for this type of access. Which I agree is good to do, but I'm still concerned that a user would figure out they could sign in from their home device and open up files without them even knowing that those files are then stored locally on their unprotected machine. Also, it would be nice if people could work from home using the online versions of Office without us having to issue them company equipment during this whole worldwide pandemic thing.

Any feed back is appreciated. Thanks!

Do any of you have any experience with the Unifi APs in a warehouse environment? Don't know if it matters, but the detail I forgot to add is these will also be deployed in a 30k sq ft warehouse (might be bigger). I know the Ciscos we are using here are designed for "external" use with external antennas as well. I'm assuming the Ubiquity line has something similar?

Also, since someone mentioned NVRs earlier, instead of starting a new thread, I'm wondering what you all are using for camera systems. This new location is probably going to need 5-10 cameras. At HQ we use a Genetec system for CCTV/access control which is great and it would be nice to be able to tie that system into this new system, but that probably won't be possible due to bandwidth limitations so we'll probably have to put a local device at this new location.

Thanks for your help as always!

I forgot to ask, who do you guys like for Wireless Access Points? We'll probably need to add a few of those too. Currently our main facility is covered with Cisco APs and a 5508 controller. I don't think we're going to need that many APs for this location obviously.

@Dashrender I actually haven't talked to my Shoretel guy yet ha. I just figured this would be best because then I could get some trunks for the branch office and they could have phone service/911 if the VPN was ever down.

If I run everything over VPN, how would you suggest handling 911?

Hello all!

We currently have a 100 person central office with a Cisco 2901 router to do our core routing functions between VLANs and a Palo Alto PA820 sitting in front of that to do firewall duties.

We now need to open a small branch office to move some of our staff that work here (I'm thinking it is going to be only around 10 people or so).

I'm wondering what are your current recommendations for small branch office setups?

I'm also wondering if I should stick to the separate router/firewall setup or have 1 appliance do it all.

I know Palo Alto makes a smaller unit, the 220, that looks interesting.

We have PA subscriptions for antivirus/IPS/URL filtering etc. and since we plan to have a VPN between the 2 sites, I'm not sure if it would make sense to get those subscriptions again if we bought a 220 instead of just routing all the traffic to HQ.

We are also looking at putting a Shoretel voice switch at this branch to connect back to our Shoretel HQ server for phones, so I'm looking for something that plays nice with VOIP.

Any recommendations? Thanks!

@Grey said in Is texting of pictures HIPAA compliant?:

@beta https://www.wrcbtv.com/story/41974356/hipaa-and-texting-is-sending-a-message-compliant

Thanks. So I think basically you and Scott are in agreement with MY particular situation, no? This would not be advisable and I should look for another way to have the documents sent to us. Or at the very least, it looks like we can inform the client that texting is not a secure form of communication, but if they want to do it they can? I have a feeling a lot of clients honestly wouldn't mind.

@scottalanmiller Yup exactly. Trying to get the client to install a separate app on their phone would be quite the challenge haha.

@scottalanmiller Scott, I know it doesn't seem like a big difference ease of use re:email/texting, but to some of the people we serve, it really is. They may not even have an email address to start with and walking them through how to sign up for one, attach files, etc is a lot harder for them than just going to their text messages and putting in a phone number. I feel the same way, but it is a reality of the population we serve.

We do have a 3rd party email filtering service that allows us to send encrypted emails (Zix) and my thinking was that probably our process should be that we send the client an email through that and then they can upload their documents and send it back to us through Zix. This requires the client to have an email though and for them to register for Zix when they first click the link we send them. Again, this doesn't sound like a lot, but given the population we serve, it can literally take an hour to walk someone through how to do this if they get it done at all.

Texting photos of their stuff really is the easiest option for them, but I didn't think this was secure enough and was looking to see if I was correct. I tend to err on the side of being super secure if possible, but I don't want to put false limitations on us if they are not needed and interfere with helping people.

So yea, I've posted before about how I support a small department in our org that is contracted with the state to help people apply for government benefits. We are not a healthcare provider and don't collect health information, but the state tells us we need to follow HIPAA because they do and they consider us a BA.

Anyway, normally we have a small team in the field who sits with a client one on one to help them apply and as part of that process our staff needs to collect verifying documentation to send to the state including IDs such as drivers licenses, income verification records such as letters from Social Security, paystubs, etc. etc. During pre-pandemic times, the client would bring this with them to their appointment and our team member would scan it and send it securely right then and there over a VPN directly to the state.

Since we can't meet one on one with people anymore, we are looking to change our process to help people over the phone, but we still need to collect these supporting documents. We have clients who are not tech savvy and barely know how to use a computer, but they do know how to text and they want to take a picture of their stuff and text it to us. So this doesn't seem to me that it would pass compliance muster, but I just thought I would throw it out here and see what others think and if you would have any other suggestions for how people could securely send us these documents. The thing is, we are looking for something that is super user friendly. Like I said, a lot of these people can barely work email and texting is really the only thing they know how to do.

Thanks all!

Yup, I know about TechSoup, I didn't think they sell O365 licenses directly though, I thought they just direct you to MS as you can get the MS donations directly from MS.

Basically, thinking a little more about what I need to accomplish in 365:

1. Keep all emails for 2 years (company policy). Currently we are using a 3rd party filter/archive service for our on-prem Exchange server. I was thinking if we moved to Exchange Online we could possibly get rid of that and use MS services? I know there are retention policies that can be configured, but wasn't sure what level of 365 is required.

2. We have small departments, 1 handles applications that contain SSNs, the other handles payment processing (so they touch CC numbers, although our policy is not to store these - we use a 3rd party payment processor). I'd want to protect the data these users handle by making sure it's not leaked or shared accidentally while still allowing them to make use of the collaboration tools like Teams and Sharepoint. I'd also like to restrict any such data from being downloaded to a home device (editing in the web app version of Office would be ok). That's why I figured I'd need something more than E3.

Thank you all again!

Hello everyone!

I'm going cross-eyed looking at all the plans and add-ons Microsoft offers for Microsoft/Office 365 and was hoping to get some feedback.

Trying to get an idea of what it would cost us to move towards Office 365. We are a non-profit so I know it could technically cost us nothing, but I am looking at plans that give us access to the full Office applications and, where things really start to get a little complicated, is that we have a small department here that handles applications for the state and this department handles sensitive info like SSNs so advanced features like DLP and compliance features of Office 365 would be needed for this particular group.

Am I reading correctly that I can mix and match different subscriptions? For example, can I just buy the small subset of users that we need to ensure compliance with the advanced O365 licenses like E3+E5 Compliance add-on? And for majority of our users who don't touch this type of data a simple Nonprofit Business Standard?

Thank you!

Well, they stand behind it for 90 days. Anything more and you have to buy support from their partner. You can also get Cisco coverage through SmartNet, so I suppose that is probably a good sign.