@scottalanmiller said in bitlocker suddenly enabled:

@PhlipElder said in bitlocker suddenly enabled:

@pattonb said in bitlocker suddenly enabled:

greetings, I have a user that claims on his recently purchased lenovo laptop, that he started it up and is now asking for the bitlocker key. I have checked his Microsoft account, and there has not been any bitlocker keys used or saved. Is this a matter of a user inadvertently enabling bitlocker or............ ?

Recent Windows Update is the culprit. The catch is, to remove it one needs to get in to the OS partition in order to remove it.

Seriously? What the heck. What triggers it getting deployed?

My guess is that it was set up and on right from the factory image.

@pattonb said in bitlocker suddenly enabled:

greetings, I have a user that claims on his recently purchased lenovo laptop, that he started it up and is now asking for the bitlocker key. I have checked his Microsoft account, and there has not been any bitlocker keys used or saved. Is this a matter of a user inadvertently enabling bitlocker or............ ?

Recent Windows Update is the culprit. The catch is, to remove it one needs to get in to the OS partition in order to remove it.

@PhlipElder said in Mikrotik software firewall/router?:

@scottalanmiller said in Mikrotik software firewall/router?:

The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.

Three cluster setups:
1: Cisco Small Business Pro series Gigabit and 10GbE
2: NETGEAR Gigabit and 10GbE
3: Ubiquiti Gigabit and 10GbE
4: Mellanox/NVIDIA 10GbE, 40GbE, 50GbE, 100GbE

Guess which ones we've had the most grief with? Which one's the least?

Off the top:

4: ConnectX-3 VPI would not come back online after a cable swap no matter what. Had to reboot the node. SwitchX still up and running and we're getting close to 8 years.
1: We have some SG300x or SG350x series that came back from clients still humming along close to 10 years later. Had a few early hardware rev editions drop ports. Some issues with the UI and responsiveness but all and all a solid platform.
2: Solid. 10 years later still going though firmware tends to get persnickety after 24-36 months of uptime or longer so an occasional reboot needed.
3: Management UI installed the reset the adopted switches without any warning. Threw a cluster into chaos. Site does not mention that that would happen. Lesson learned. VLANs: If there are "too many" the switches randomly stop routing. Just stop. In a teamed setting not so bad but the VMs residing on the port that gets dropped just disappear. What a PITA to troubelshoot troubleshoot (dyslexic brain on overdrive today).

We do get what we pay for. ;0)

@Pete-S said in Mikrotik software firewall/router?:

@PhlipElder said in Mikrotik software firewall/router?:

@scottalanmiller said in Mikrotik software firewall/router?:

The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.

Three cluster setups:
1: Cisco Small Business Pro series Gigabit and 10GbE
2: NETGEAR Gigabit and 10GbE
3: Ubiquiti Gigabit and 10GbE
4: Mellanox/NVIDIA 10GbE, 40GbE, 50GbE, 100GbE

Guess which ones we've had the most grief with? Which one's the least?

I can't stand the suspense. Please tell!

In order of stability and longevity:
4 1 2 3.

@scottalanmiller said in Mikrotik software firewall/router?:

The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.

Three cluster setups:
1: Cisco Small Business Pro series Gigabit and 10GbE
2: NETGEAR Gigabit and 10GbE
3: Ubiquiti Gigabit and 10GbE
4: Mellanox/NVIDIA 10GbE, 40GbE, 50GbE, 100GbE

Guess which ones we've had the most grief with? Which one's the least?

@PhlipElder said in Mikrotik software firewall/router?:

@scottalanmiller said in Mikrotik software firewall/router?:

@PhlipElder said in Mikrotik software firewall/router?:

It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.

that's a tough one because how do we know when they are being silent or not, or just have had fewer issues? It's hard to say.

Okay, I have a memory: A perp was running around Microsoft's CorpNet and snipping images of what they saw and posting them via Tw33ter or other social media platform. I did not save them, unfortunately.

So, have they been memory holed? Can you find them?

How about Microsoft's statement around the perps running around CorpNet after the SolarWinds fiasco? "Oh, they only saw not important code" or something to that effect. Has that been memory holed?

The reason I ask is because it seems to be the standard order of procedure to hide everything instead of coming clean and being forthright.

iNSYNQ, Maersk, Wolters Kluwer are three public situations. I know of plenty of not public ones that never got broadcast beyond those impacted. No news item, no mention anywhere.

So, what's up with that?

@scottalanmiller said in Mikrotik software firewall/router?:

@PhlipElder said in Mikrotik software firewall/router?:

It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.

that's a tough one because how do we know when they are being silent or not, or just have had fewer issues? It's hard to say.

Okay, I have a memory: A perp was running around Microsoft's CorpNet and snipping images of what they saw and posting them via Tw33ter or other social media platform. I did not save them, unfortunately.

So, have they been memory holed? Can you find them?

How about Microsoft's statement around the perps running around CorpNet after the SolarWinds fiasco? "Oh, they only saw not important code" or something to that effect. Has that been memory holed?

@scottalanmiller said in Mikrotik software firewall/router?:

The same sales tactic is used to sell expensive "you have to pay the vendor extortion rates for support" over open source products that are known to be far better for decades. It's probably the best known scam in our industry. And once people overpay and get too little, the vendor has customers over a barrel and they feel that they can't expose to management that they spent a fortune and got less than they would have gotten for cheap or for free. And so the spending spree continues because no one up the chain wants to expose what they've done.

Open Source may be as vulnerable or more vulnerable to the SolarWinds style "attack":

https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-of-minnesota-banned-open-source

No system managed and run by human beings is exempt from issues with the product nor the malicious behaviours of perps.

@ITivan80 said in Mikrotik software firewall/router?:

I have seen them used in DC world. Though i myself do not have experience on them sorry

Being that human beings are imperfect anything we make will be imperfect.

It's a given that all products experience problems that need to be addressed.

It's also one of the main reasons why a red flag gets raised when vendors, especially the hyper-cloud sized ones, remain silent about any issues they've had.

@nadnerB said in Random Thread - Anything Goes:

Ours will actually park themselves on the rails and stay there waiting for mice, shrews, and voles to hop through the small cat door in our garage's man door. They'll eat the mice but just kill the shrews and voles.

@pmoncho said in POTS line replacement:

We are currently required to have POTS lines for our current fire alarm system which is a PTIA. We also kept one other POTS line for our main fax line also (not my call).

Our POTS line pricing was bumped again and with a call to AT&T we found out that there as a "newish" service AT&T Phone for Business Advanced. This service is suppose to be the replacement for specialty analog lines like Security/Fire Systems, elevators and such. The cost with 3-5 lines is significantly cheaper than our current bill.

Basically they connect to our network and install their "Phone for Business - Advanced device" (I'm guessing just a suped up ATA device) which will allows up to 8 analog that connect to a 66 Block.

I was wondering if anyone else out there has/seen/installed/messed with this service? Also wondering exactly what this "Advanced Device" actually is that they want to charge about $500 for (BIG UGH).

We also have a call into our Security/Fire Alarm company on the costs of a replacement alarm system is and if it can work over cellular. We will then see which will have the best ROI depending on years of service.

Our alarm company told us the same thing when we inquired about putting in our fibre provider's VOIP based phone system.

The fibre provider called it bunk so we switched and have not had any problems.

The alarm system needs a dial tone. That's it.

@dmacf10 said in Mikrotik software firewall/router?:

@PhlipElder Odd that you had stability issues. When properly configured I've never had any issues at all besides the occasional lightning strike back in the day on the PtP sites. When used in controlled environments they have world-class stability and reliability. At least that's been my experience with the 500+ that I've worked with.

It's been a while, but they were primarily due to the site-to-site VPN going down and the occasional lockup.

There's always been "suspicion" around inexpensive products since we get what we pay for.

Ubiquiti is no less in the crosshairs of that suspicion with it being justified.

Once bitten, twice shy so really haven't looked back.

Are there folks that are running MicroTik now with no issues? It sounds like you are?

@Pete-S said in Mikrotik software firewall/router?:

@PhlipElder said in Mikrotik software firewall/router?:

@Pete-S said in Mikrotik software firewall/router?:

Does anyone have experience with Mikrotik's software firewall/routers?
Or any opinion on their products in general, especially for business use?

I used to think they were some kind of garage company but it turns out they're a billion dollar company.

We worked with them quite a bit at a site. Clunky, difficult, and not the most stable at that time.

Have they improved? Not sure, but IMNSHO, there's better products out there for the same or slightly higher pricing.

Lack of stability doesn't sound good because that is the most important IMO.

What brand are you thinking of? I have tried to look at the low budget business market but haven't found any other brand that have a complete line-up. Ubiquity for example, only have a small subset of the routers that Mikrotik have and no software router.

The stuff we were working with was their entry level business class products.

Ubiquiti would be one I think. They are pretty stable though we do have issues with them when there's a fair amount of VLANs configured on the switches.

@Pete-S said in Mikrotik software firewall/router?:

Does anyone have experience with Mikrotik's software firewall/routers?
Or any opinion on their products in general, especially for business use?

I used to think they were some kind of garage company but it turns out they're a billion dollar company.

We worked with them quite a bit at a site. Clunky, difficult, and not the most stable at that time.

Have they improved? Not sure, but IMNSHO, there's better products out there for the same or slightly higher pricing.

@scottalanmiller said in MS SQL Server Error: No Process is on the other end of the pipe:

Full error...

A connection was successfully established with the server, but then an error occurred during the login process. (provider: Shared Memory Provider, error: 0 - No process is on the other end of the pipe.)

(Microsoft SQL Server, Error: 233)

---

This error tends to happen when you are trying to authenticate with a SQL Server account on a system that is only configured for Windows Authentication. MS SQL Server allows SQL accounts to be created regardless of this setting in the configuration and gives no errors (for logical reasons we could go into) so it is easy to do without realizing it. So if you see this error, check to make sure that SQL Server authentication is enabled or use a Windows account instead.

We deal with some really clunky front ends that run with SA/SQL Authentication so hybrid mode is a setting that gets done during the initial instance setup process.

The other thing to keep in mind is that if there is more than one admin account being used to manage that instance, or those instances, to make sure to add those accounts during the instance creation process otherwise pain ensues.

@nadnerB said in Random Thread - Anything Goes:

Toss this at the fam as I was clueless in this matter.

This we came up with:
Roses are Red
I am Groot
Have you seen my Super Suit?

@nadnerB said in Random Thread - Anything Goes:

Coffee good beer or other spirited libation better.

@nadnerB said in Random Thread - Anything Goes:

That's about all Asus boards are good for IMNSHO of course.