 And it's showtime That's what it says at the top when I click the little lie button It has like a countdown for me to tell me when I should be live and then I was like I still want another drink of water So maybe two minutes late because I was talking to my wife Fun times fun times Welcome to vlog. There's a number 370 we got Sacramento, Indiana and I know Cody is coming to us from the wonderful wild north of Canada All the way from Sweden Nebraska there we go All over the place Where you got a few things to talk about one of the first things though is going to be and this is what the Screenshot is if you will and let's as they say let's do it live actually let's let's pull this up completely live I'm gonna first queue it up and kick it off. So let me SSH into my forums And we will let's I gotta present it because I want to bring this up briefly because I think this is neat There we go. All right. We're running go access right now. So it is Crunching the logs is what you're seeing going on down there. We're crunching some logs We're gonna talk about my forums. I updated and move them. So there we go And there now you have a live view of how many people are on my forums right now Just in there's only a couple logs here as I just moved them 24 Just a little over 24 or 26 hours ago probably around 1 or 2 o'clock yesterday I set my new forums up and I've already had you know 8,000 visitors here. I mean it is you're watching this in real time So anyone that goes to forums that learn systems.com you're seeing the counters move up. But yeah Over 8,000 unique visitors that is that's just wild to me There's a lot of people that come and visit my forums actually can make it bigger so people can see it. Does this work? There we go makes it easier to see. Yeah, ain't that I mean a look at the total requests. There's a Quite a few of them. Anyways, there's a reason for all of this. There's a reason I'm bringing it up I had to migrate them to another system and I'm trying to decide oh Yeah, I don't know that the migration is not that exciting setting up discourse pretty easy But I am annoyed by something that rhymes The with discourse and it's discord it kind of drives me nuts How many people keep wanting to put information in discord? I've seen more youtubers Epos Fox has been ranting about it I've been ranting about it for a long time of why would you want to move things to discord? Where everything's kind of locked in a proprietary? But discourse on the other hand is a forum where everything is public and I keep all this You know information easily accessible for people lots of answers to things but this is the back-end result fit and I had to move it to a new server because At least some quantity of you said there's not 8,000 visitors on the stream Let me cool if there was but nonetheless 8,530 unique visitors so far visiting my forums. It's really cool Of note because I just noticed this in here. Good evening from Berlin. Yes I'm excited because I've been playing with net bird on the back end I am going to do an updated video on it the people from net bird are awesome. They sent me You know cool stickers So let me show you they have For net bird that IO They have cool logo cool stickers. I don't have my net bird shirt on but I will wear my net bird shirt That when I do the video because hey, why not but they're really cool people picture It's an old net bird is something I talked about in a previous video talking about overlay networks net bird dot IO And let me give a shout out here to the Bird just so I'll send a link in the Here here we go net bird dot IO They do overlay networks and they use wire garden in the back end It's fully open source not just the client but the server side is open source to manage all of it as well So I'll be doing a video. They have a really easy I mean don't wait for me. Just go try it out go to net bird IO and you can download and set it up You can use their service. They have like a free tier They have a hosted tier if you like to pay for them and for those you in the home lab that want to self-host it They got that option too. So I do check out net bird not sponsored by the way other than they did send me a shirt and a sticker So I will fold his closure But I they I generally like people who are big into open source So the reasons I spend a lot of time talking about like XCB and G which we will talk about in a moment after I Testings oh wants to spam it again. I mean stress test it. Yeah. Well, this server is a lot more hefty than my What do you call it? These the that's what I was gonna do I was gonna migrate this anyways this server is quite a bit more robust, but we'll pull up net data on it as well Let's share that real quick to see how many what you guys are doing to my server here Because that definitely is a thing that happens. I don't know that you're gonna crash it. I have no idea So there we go this is the net data running on that server, so Probably let's set it to Last five minutes apply Then we'll make it force play there we go so I guess now if people go visit forums. Lawrence systems calm We'll see what happens Ah the bbs what is that tool for engine X that tool I'm using is called go access. I have done a video on go access before so The Go access is a free open source tool you can apt-get install I think it's just like go if you Google go access you'll find it But it's a free tool for compiling logs based on Apache or engine X standard log formats Definitely really cool Yeah, yeah, yeah, baby sitting while doing solar winds upgrade. I have another friend doing the same thing Hmm. I see I see the peaks going up So I have a feeling people are clicking clicking on the site So someone someone will push this up a little bit either now or in post But none there's a lot more CPU in this than there is in my website all of you crash my website That's what happened last time So that for those of you that weren't part of that when I launched my new website people were like let's crash Tom's website After watching serve the homeless video on to go in 25 they were picking it up for my pfSense project Yeah, it runs pfSense. Well matter of fact, we'll let's What is my topic list here? I've never even know I've upgraded my forums. That was part of it I don't have I have an event. I'm going to so I don't have a ton of time today I'm not going to do a super long live stream, but I will bring this up since let's jump over to it What server one there we go add? Share this tab and seen as the beard IT day I brought this up guess what I'm using right now for my demo for my XCPNG so yes This box will work fine for what you're asking for for pfSense I've tested it with pfSense and I'm currently running XCPNG on it. So yeah, if you're if you want to try that Note in my video the overheating problem. I talked about so definitely Just take note of it that I've not had a problem provided You let it ventilate on the bottom when you start using the SFPs You just got to pop the bottom cover off, but hey, it works I mean, that's a solution and it seems to be for that. So Forums is much faster. Yes, definitely Speed boost there by switching out But let's talk about what changed an XCPNG because today marked a release and we'll start there before we talk about everything else The beta 8.8.3 beta 2 so they're really close to the Latest version so they've been packing a lot more features in here on feedback I'll throw this a link in here for people that want to read it. I tweeted it out as well but I'm excited and It's funny because I hid this such a hit and miss but this is the way they do things that XCPNG Like CBNG is Careful about the releases even their betas are very stable matter of fact I'm running the beta right now the same version on there that I'm working on some new demos for Because it just works so well, but I'm not saying to use it for production I'm one of the people that if I find a problem I report a problem and I participate in their forums for it so I'm excited to see though that the the careful and Planned way that they do these updates. It's not fast but boy is it good and there's a lot of features coming here So it's a lot of little stuff that's going into the base XCPNG So I'm really happy to see all of this come out. So I imagine with the 8.3 being beta 2 we're gonna see a full production release relatively soon And like I said, it's a lot of little things but those little things add up and Let's see AMD mic AMD microcode updates Open vSwitch being updated QME bug fixes with PCI path through for multifunction devices and I will Bow down to the peer pressure of my users and do a pass through video on XCPNG soon I will I need to find a good video card And Set up a good pass through on there. So it'll it'll be on my to-do list back over though to what's changed now This is the part I'm struggling a little bit with in terms of where do I start? I'm gonna do a deep dive into Zen Orchestra Do I do a long dedicated video, you know getting started was XCPNG With how to load it and then how to do Zen Orchestra all in one video Or do I just do a deep dive into Zen Orchestra because my older video on how to get started with XCPNG is just as relevant Even though it's three years old It's still relevant because functionally the getting started didn't change and I'm trying to figure out where I start with it and Kind of has a head scratcher for me for doing some of that It's one of those challenges But I do want because then orchestra realize not everybody knows how everything works inside of it I want to make sure I do a good Overview so people go. Oh, that's how you do this or that's how you build this, you know, what are all these functions? What are these plugins? I did the networking when I just released I Covered something I hadn't covered previously like this software to find networking controller I want to make sure people understand how you can use GRE and VX LAN There's a lot of features in here that are just really cool that they've got built in I want to set up and this is on my to-do list up net box so you can actually have it auto build your net box and Set things up inside there as you build it so you can have a synchronized tie-in with net box and all of your Orchestration all your virtual machine tools in there. So there's a lot of cool things you can do Will Fire up if I want I can well, I won't need to fire this up one right now I was restoring another lab system that I'm setting up inside of here Network is attached yet networking serial so I can start this one whoop Got to fix it. So it'll start on this host This is a Little gotcha that a lot of people don't realize if you assign it more cores than the system has available It will tell you there's no host start on there, but yeah, that's easy enough to fix. Sorry that'll start this I'm gonna do a video what I need some of the things I need to cover is All the little stuff they've changed for example when you go to like your storage They have the different maintenance modes now reclaiming free space. They have if you go to the pools They have all these features like rolling pool reboot and just all this cool stuff about how the patching works These are all things that weren't available then so I kind of want to do a deep dive on all of it But I'm also always listening for feedback from all of you to see what are the aspects you want to see me dive Into the most that's one of the you know things when I have an audience here I like to ask is what are what are the things that seem complicated that maybe I can demystify about how these work? Especially, you know, I want to do a new HA video because the HA video I did was pretty old But it's still once again just as relevant Actually, let's see. Do I have two hosts still running on this? There's the YouTube demo I think I need another host so saying I Think there's one here You can add a host Connect I write about the name maybe. Hey, I found it. I I have a decent memory Because now that we have two hosts we can take the other host We have server one server two, so let's go with the pools YouTube pool and let's uh add a host there we go now we have two of them So we can start an HA project because maybe I'll do an HA video and show you how easy it is to Add a host and I'm doing it in real time here to show you how simple this is to add so there we go and Now we have friends. We have we just doubled the resource pool Well, not really not quite double because they're not the same exact machine But I want to do some of these demos of how easy it is to add something to the resource pool or Eject something from the resource pool It's still syncing so it's gonna take a second before it synchronizes here, but These will merge into one resource pool pretty simple how a lot of it works So I'll be covering that in my upcoming video of it. There's just been What so many little things that are niceties including this one here? I like the way we can Change colors of things so if we say this is a YouTube This is Tom and then we want to say live stream we can actually edit these and Tag them and then change the actually watch this how you this is kind of neat. So if we take this Advance like the tag live stream We can even add colors to the tags now they got kind of neat This is a little neat features. I don't know maybe a yellow for red. We'll do red for live stream. There we go They're live stream now says red When we tag our VMs with this and then you can add some VM notes and this supports markdown so you can This is an example of a feature that wasn't there before That Tom didn't do the markdown properly. I mean, I Let's do it a heading. We'll do is a heading instead. That would actually probably look better So do this There we go You can see that it updates that there's all these little things that were added that I kind of want to cover A new video to give you the new look and eventually later this year They're gonna have the new version coming out of XO that has you know It looks even better because it's got the new dark skin theme It's a big update to it and of course there's XO light that's coming along So those are gonna be some things that happen later this year So that's always those thing about doing it is doing, you know One big video a small video of all the updates, but I want to make the information easy for people to find That's why the advantage is a long video has I think doing one video where you go from blank PC to XTV work be amazing as parts make sense But piecing it together get tricky. Yeah, I think YouTube makes it harder for people to find the components But if I did the long one, that's kind of what I'm leaning towards It's kind of a lot, but I think that might be the best way to go It's where I'm hoping to get more people saying that or agreeing with me on that I'll answer this question is kind of lingering here any news on neckate alternative for squid proxy. Um, I Just don't think you should man in the middle your data. That's my opinion That is never a great idea. I don't really understand The need for it as much because there's better tools out there to do filtering and squid proxy is just such a headache I don't have any use. It's a good idea to run squid proxy. So My answer for years has been not to use squid proxy and my current answer is like, hey Just use, you know, I have a whole video about content filtering and how that works And once you realize the difficulty and how it works and Especially with new things like encrypted hello coming out It's going to break all the systems that try to rely on it that don't have certificate management and certificate management Causes problems with lots of security apps that go I don't like when there's extra certificates because That's a bad thing for security generally speaking. So One video and a playlist with everything in the correct order. Yeah, that's a tricky one too So one long video makes a lot easier to get all that info many smaller ones. Yeah, okay. Thank you This is the feedback I love here and thank you. You guys are driving the content of how I do things Like the past year video will be its own dedicated Because that way the titling works where how to do past through an xcp and g so I'll do a past year video But getting started I think is a good is where a lot of people should be and so I can just have a 2024 getting started Because it's still my most popular videos on pfSense aren't my one-off hottest setup of epn, but my longer from blank to this working system and that is a The goals to build videos more like that The longer form they take a lot more time to do and the editing is a lot harder because it's like I got an hour or two is worth of footage. I got to condense and put into some coherent Timeline and structure Fun stuff though. I like doing it. If anyone didn't notice Uh, why did this go off? Did I have anything important? All right, cool Is it true what willy house said about the two terabyte limit? Yeah, they're updating a they're gonna have a Update for that, but also you shouldn't have I have an entire video on storage design You should not be sticking more than two terabytes in your VMs. This is not good storage design And I see people do it The reason I know is because we do can enterprise consulting and we see people who did this I like who set this up. So like yeah, we're getting terrible performance on this I'm like, yeah, once you start virtualizing a hard drive you always sacrifice levels of performance So going well, I have six terabytes of files and I want it in a VM No, that is not how you're going to get a performance six terabyte file system It belongs on a nas at that point. We didn't invent nas technology Just for funsies. It's it has a real use case. So yes, that's true for now They are working on fixing it and there's ways around it by the way too You can switch it to raw and make it bigger, but you're back into this It's not a great idea like even though there's ways we can put band-aids and duct tape together to make it work it's still Not the ideal setup for how you should do things the better ways to do it are either a set up a nas or b If you want to keep everything in the windows ecosystem, for example You can do an ice guzzy attachment to a windows system. So you load windows as the Guest vm and then from there you would attach ice guzzy that has a back end, you know, let's say true nas Orsonology either one of those are fine and that's a better way to handle that So he is correct about that limitation As it sits today, but that is actually something that's going to be updated in the future So the limitation is going away when they finish rewriting some of the storage code, but Honestly, I don't know why people are doing the two terabyte thing there. I haven't seen any good use case for it it's usually less about use case and more about legacy um We had it this way. So we just kept making it bigger and bigger and then realizing the challenges that come with that I I've seen if anyone I've seen a few spikes here in the net data Nothing nothing that high though. I'm assuming this was where I where a bunch of people had come and visited the site On to some other news I'll see What is the Business mistake I learned the most from I don't know. I don't think a lot about those Um, it's not that I'm not haven't made mistakes. That's for sure, but I don't think about what's the business mistake I mean, maybe not hiring a salesperson sooner I mean, these are good questions that you should ask on our business technicality channel where I focus more on business there Um, I bop in and out of that channel from time to time, but a lot of the business stuff. Um You know waiting too long to hire is probably one of the bigger ones out there. So What if theoretically I had a four terabyte data set that I needed high performance local storage on a vm for hpc I don't Know you if you need high performance, you don't stick it in a vm That's your that's the first rule is if you need high performance for your storage Univades local using it you're you're taking and virtualizing a hard drive That is where the problem comes in that is where you're going to take the big performance hit And uh, this is why I recommend either a nas or an ice cozy because if you look at something like true nas And you have it on a smb share you've got it tied to active directory for your authentication Now you're talking about a system that can look at all the files It can understand the architecture. It can cache things in a very fast way You can even add like, you know meta data v devs if you have too many small files and you need a better way to do it It's just going to be a better architecture because it's purpose built to serve files fast so that's the Answer for that I'm going to be building a new network at some dc rex. I'm planning to use a block storage over the network using infoband Uh cheap high bandwidth and low latency. What's your opinion on idea? Um, I don't really Use any infoband So I don't have any strong opinions one way or another on it But I do have strong opinions on this Because this is a mess And uh, let me zoom it in here. So it's easier to see And let me turn off slack So it's quicks making so much noise Share this tab and so this is what I was ranting about today And I say I'm not really a ranty person But I just said let's be real about the avanti pulse secure vpn security issues The issues with avanti pulse secure vpn that have led to many Security breaches across large companies are not because we don't know how to write good and secure vpn software here in 2024 Is because the only thing modern about avanti pulse secure vpn is its name And kevin bowmont did a great job here. He broke down All the garbage that built avanti now garbage is relative term I say garbage as it has kind of got some old stink on it But this was cutting edge 14 15 years ago when they were using this But you start looking at some of the base they have and you know, I can pull up Kevin's post on this as well You know, here's him breaking down everything that's in the old vpn Software avanti because it's not really new vpn software. It's actually software by funk software And uh juniper acquired them in 2005 then sold them in 2014 then was packaged by this other you know, uh cirrus capital who then created a new company called pulse secure and apparently Didn't bother updating it just kept selling it and never going around there and when this started as someone posted in my forums asking about this and Their concern Which is valid Is I mean where did this go? It's this post right here in my forums And this is because You know people start seeing all these Vulnerabilities and they ask like hey, you know, what should I do to help protect my vpn? So I don't get caught up in some of these problems completely valid question until you understand Modern vpns used in something like pf sense open vpn Or if you're talking about the wire guard modern vpns have been hardened to Protect themselves against this Stuff with kernels that are like 20 years old with a 20 year old software base They haven't really been modernized to protect against modern threats And that's why I was kind of you know ranting about it. So I replied to this person But after I replied to them I you know in reading up on all this Excuse me, uh, then I headed over to linkedin to kind of you know share it and of course When it comes to things like linkedin I'm always you know making memes and sharing it and everything else and it's certainly got some attention like 92 people engaged with it Which is not bad for linkedin Which I thought was still kind of funny but basically kevin bowmont You know pulling the hood off of it avanti pulse to cure vpn really old software packaged with a new name That's all it comes down to You know, it's it's almost things that drive me nuts I am realizing more and more especially working with all the consulting I do that the problems with security have almost everything to do with I hate to say but sometimes just these vc companies They're looking for money and they're trying to figure out how little they can get away with putting in To any of these products like you're modernizing the products No way we can sell the same garbage today that we sold yesterday that we've been selling for the last 10 years I don't want to You know carry and fix all that technical debt that came with it. I just need to keep cashing and making money on it so yeah, it's Been a little bit of my topic to open people's eyes Now part of my reason for posting it is not just to rant or about it and I said this very clearly It's about making sure people have awareness people have better understanding of what's under the hood of these softwares And eventually it starts hurting the credibility of the people that have been recommending it because Once you go well, it's because security is hard because that's the answer of auntie gifts It's not because security is hard Security has its challenges, but it's more challenging when you carry technical debt And the goal is to you know question the credibility of the magic quadrants if you will that seem to recommend these products because that's not a How could you buy things from a company recommending something that clearly they're not betting very well? So this is ultimately where i'm going to keep focusing is questioning the credibility of those that recommend these pieces of software because this is You know ultimately the goal is to have a better security experience for these companies Not just to rant. I don't need to hear myself talk I actually would like to see change happen from a lot of this If you've never had the pleasure of using an avanti product It's always a mess that they just buy it and ignore until it doesn't work anymore. Yep Uh Since apu boards don't know this can be a recommendation for hardware for pfSense open sense. I always recommend nicky hardware Uh linked to the linkedin post, you know, I think I can do that Let me grab the link Copy link to post. I have no idea if this link is going to come through in youtube Or if you can click it or not I tried so I Linkedin does not do shortening of urls very well. So I did put it in my newsletter embedded it in there Personally, I find the practice of vpn companies maddening as a civil service to people that don't need it. Uh, don't know better. I If you're talking about privacy vpns, that's a different topic all together um The trouble with dumb people really believe they have all the answers the reason I know isms Uh The reason I know is I'm smart is the more I watch tons of videos. Uh, the more I realize I don't know No, I mean my goal is to educate people. I'm just dropping knowledge out here to share with people my experience of you know, uh Working into blue team for quite a while here. Uh, man, you know, I see network chuck asked him about that It's it's a harder topic to tackle. He said, uh, never checked tweeted. Um, well, let's pull up his tweet Where did network chuck tweet today? He's he made a good point. He just had a good question and I'll ask people so we got the Well, I guess I am can't find him because I can't spell properly today There we go somewhere There we go share this tab But uh chuck had asked the question about you know, what's good resources for blue team And that's that's a challenging Question right now because I don't know the best for blue team content. I'm you know, I I do it I didn't want to say hey watch some of my videos where I talk about client defense But I do have a defense in depth Video I'm gonna talk about about all the tools we use on the blue team But one of the problems is blue team videos are hard to get traction on hard to get the views on Because it's way sexier to go. Let's hack things and let's be you know, get into the let's hack this It just sounds better and uh, but the reality is there's more jobs in the blue team There's a big demand in a blue team to keep these systems patched and secure. Uh, so it's definitely There's a lot of good reason to be on a blue team It's definitely a good career choice if you work for a lot of these companies Being cis admin or you know msp like we are doing it managers provider Managing all the blue team stuff, but it's harder to say which videos are really good for it and things like that Most people have some suggestions. Um, I didn't want to be self-serving and say hey me and I don't think Learning hack the box or any of that is a bad idea But direct blue team is a little bit different than you know Some of the understanding red team is a piece of blue team is how I'd probably say that For most SMBs who run some on-prem services is having a state or net firewall ZT efficiency means a pastor breaches an MFA I mean Yeah um It depends on what they need it really there's not like this universal answer for that and If you're using something like um open vpn, I think that's fine We have we have a lot of small businesses with open vpn. It works great. There's not anything wrong with it It's a solid solution. Uh, we've got people that like tail scale and you know, I mentioned net bird earlier So there's definitely a lot more of these vpn services out there the overlay network ones And I think that those are really good They kind of solve the problem for people who don't have public IP addresses as well Um, so yeah, there's definitely options out there Uh with broadcom owning vmware. How do you think that'll affect dell and hp hci products? dell I think announced didn't dell drop their vmware accounts Yeah, so dell terminates agreement with vmware after broadcom exists And so yeah, I don't think the relationship is quite as friendly as it used to be When you have an added server, do you change ssh port to stable root password? ash public key only always do public key only Don't expose ssh to the broader internet if you can avoid it Um, I did just ssh into my forums, but my forums have a White list of the only ip's that can ssh in and they only accept Keys they do not accept passwords. So yeah, so those are all good things. Um as well Plus one for the broadcom hate Broadcom Broadcom is just another Venture capital company. I mean, they're not really a tech company They're just a venture capital company working in tech. There is a difference I don't think they care about the tech they care about the money They can make from the tech and when they're done burning it when it serves their purpose They'll sell it off at a loss They're they're gonna buy it. They're gonna melk it and then when it starts going down, they're gonna go We need to write off write off that uh, that dusty old thing that we Gave no love to over the years after we got rid of all the dev team and we quit innovating and we've no one wants To buy licenses. We finally melt the licenses completely out of it. Um It's it's no there's no Real plan outside of it that I can see the people from broadcom have been very clear what their Process was we're gonna raise we're gonna buy it. We're gonna raise the prices The small companies will go away The big companies are too Buried in it to switch They have a good five to ten year horizon of licenses that they can just extort these companies for and they're not going to switch So they they'll lose all the people who actually are probably I think that it was in their sec filing that 90% of their revenue comes from a handful of companies Um in the fortune 500 That's the people they care about it. Certainly not me It's certainly not the smaller companies. So Why not uh You're asking why not to expose ssh to the public internet If you didn't see there have been flaws occasionally found in ssh That is good reason not to just expose it to the public internet. I like ssh. I think it's a wonderful and it's a reasonably well vetted product I see reasonably well because there's always one more bug that seems to be found Um in it but that being said, I still think it should be behind a vpn That is my personal opinion of ssh and where it is today. So C's open it the Uh port 22 doesn't matter because if you go to show dan and you start searching for things You'll realize it's not look it knows the ports But it also knows the services that are on the odd ports that are not on the standard ports Uh, that's Like I mean that might have been good advice a long time ago And if you move it on to a non standard port, you will get a little bit less Noise in your logs, but that's it. You're gonna get less noise Is it worthwhile setting up a piehole when you have pf blocker on pf cents for me? The answer to that is no Don't expose 33 89. Yeah remote desktop protocol sounds like it should be something remote Uh for management, but I don't recommend that Do you have any experience positive negative using a bigity point-to-point wireless products? Um very positive. I think their point-to-point stuff is really good. We We have a lot of it running in different places for years and it's just It just works. Uh, I I've had a overall Very positive experience with it patchy reverse proxy. Yeah, you can do that or engine x or whatever Whatever reverse proxy makes you happy Um, I like ha proxy. That's the one I've been using for a while Gets a job done Uh, let's see what else. I think I got all the questions. So I'm glad the linkedin work and I'm probably gonna now get a bunch of LinkedIn requests, which is fine. I mean I connected everyone on linkedin as long as you're not sending me those stupid um Oh, they drive me crazy. Uh all the spam I get on linkedin is kind of ridiculous. They're the most low effort Openers of we can help your business do some blah blah blah blah blah. They're they're so bad I never oh sometimes they reply with stupid memes Um, but they never reply Thanks for showing up every week and answering people's test question live awesome And thank you Doug for the donation. It is greatly appreciated because um, I will use that as beer money because that's my Next thing I'm doing when I leave here is going to an it in an event and Grabbing a beer with some friends or whoever's there really Currently uh proof of concept xcpg replace VMware. Are there any other options you would look at? I People seem to like proxmox. I don't have anything against it I just prefer xcp and g because I know it very well. It scales very well We've had customers with very large-scale systems and the support That you get from the team at vates is solid and it has a very nice integrated backup with a ton of features So I'm a huge fan of xcp and g. I double down on that one I mean runner-up. I said, I don't I don't have anything against proxmox And some people seem to really make it sing and dance the way they want They're kind of cool thing but also scary thing about proxmox We've seen a lot of pro we've seen a lot but seen a handful of proxmox disasters and they're because proxmox is built built on devian and They give you a very unrestricted ability to load whatever you want Which also is horrifying when you start seeing what people do to it. So it's not proxmox's fault It's the people who go. Hey, I can apt get my way to disaster and yes, you can you can just start putting everything in there and then Go, why is your proxmox a file server simultaneously with this? That's fine for a home lab But it kind of we've seen some things done in enterprise environments going. Yeah, this wasn't a good idea So it's not it's nothing a dig on proxmox. I actually appreciate that they leave it so open Because I've seen the same thing you can do like they people start assuming because true nas is built on devian that you can just do anything with it No, you will if you start apt get updating True nas it'll start breaking things. It's not made for that A fun day. It's just sitting and doing that with sshing with default passwords. Yep I'll you know, I'm not bothered by the recruiters It's always the people because I because the recruiters aren't after me and probably because I have myself listed as a business owner the people who are after me are People that want to sell me business coaching and people that want to sell me on like sco occasionally and a few Developers, I don't see as many developers of we have inexpensive developers willing to do whatever Uh, so I don't see too many of those I'm not a big fan of hyper v um Is there any time scale for? Uh 8.3. I don't really know that there's an exact time scale for it um, but yeah, I mean They if you follow along like they they're engaged they post this they engage a lot with the community So definitely as the bugs are fixed they get fixed. They don't set exact timelines But I would say probably I'm gonna guess maybe six more months Maybe sooner I don't know I haven't talked I haven't talked to them about this because they just released this today And I didn't ask Oliver and his team the question I just follow along and I don't bug developers about when they're gonna get things done because There's nothing wrong with 8.2. Matter of fact they back ported Uh, you because it's like 8.2 point one or whatever The updated drivers in that so even if you're selling a two All the drivers for a two have been updated the same ones you get an 8.3 Net data seems to be going Yes, lots more videos for xcp and g for 2024 Yeah, if you're in a home lab, definitely run 8.3 if you're running production environments We run the latest 8.2 point whatever it is We're up to date on our for our production environments But for my lab stuff that I've been playing with and what I've been doing here today Like even this one here This system is running 8.3 And it's all patched. So we were fully patched Host is up to date. Um, yes, they do have The machine learning anomaly detection. I don't think they really call it AI, but yes, they do have that I'm assuming this little spike is someone because someone asked about it someone uh Someone did a thing No, no, no, it's working I assume Yeah, seems to be working All right, I'm gonna give it a few more minutes here of questions. Uh, so get your last minute questions in here I have no demo setup, but But let's go here. One thing I like about net data Is their blog You can go to their blog they have so they have all kinds of write-ups and use cases and walkthroughs On here, um, how to set it up how it works They have killer documentation. I this is something I will really Uh, it it's not hard. It's so easy to set up net data It's so easy to install but also their documentation really really good Like all the details for how you want to set things what you would do how it works Just all the configuration examples Uh suggestions in here Really good. This is something that I can't sing the praises enough when I see companies With good documentation. Net data is definitely top notch on that Any thoughts for any unified cams over poe adapters? I'm able to run some spots if I got ac power Yeah, poe adapters work fine with the cameras. I haven't really had any issues with it Um, still want to see the net bird step done when you have the time. Yep, that is on my to-do list Uh, do you have a favorite 10 gig ethernet card for xcp and g I always go intel because I know they work I'm sure there's more than intel that works, but I know intel works I know I have no problems with like intel x5 20s. They're inexpensive. You can find them amazon ebay use servers laying around Um, there's really nothing interesting that I that i'm aware of that arista has done It's the same product without like they didn't Make it worse, but they also didn't dramatically change it. It's just kind of the same product with some updates So I don't really it's not high in my priorities list at all The number of people asking about it is zero the the amount of effort it would take because I don't we kind of Migrated people away from it. I only have a handful of clients left on it and um, I they work fine but I don't I don't know. I don't have anything on it that makes me like it more than pf cents intel net courage of the way uh, if you If you are looking for a quick start So you don't Let me just share this here because I mean too much documentation. You don't have to read the documentation You can hit copy Copy this right here and uh It'll it'll kick off and install. That's it. There you go We should do that live, right? Should we install this live on my on a server to show you because that's one of the things that's um Kind of neat about it. So I think I have in somewhere in here So here's this lab server Here's the ip address of this server. So let's do this so lts at This is what we'll do to show you how hard or easy it is to set up net data So there's that server. We're going to go ahead and I'm going to copy this right here. So this is the installer. We're going to use so copy Then we're going to switch I'm going to add a sudo in front of it so it'll have to answer that question There we go We're going to stall it real time right on there and uh, we have to say yes all right And Almost done. Look at this. Oh, it's got a few things to install say yes there we go We've now installed net data. That's all you have to know is if you copy that link and paste it It'll work If you want to do a machine anomaly detection They have documentation But the only thing you need to know to get started with net data is that we've just built net data It's now running on this particular system uh So let's go ahead and View it. Let me close. I have way too many windows open So let me go here and all right. We're going to stop presenting. There's nothing to see in here. So stop Present share screen There we go. This is our freshly installed We just put it in so there's the first amount of data On this server and away we go. That's it. That's all you got to do to install net data Um, it's great. I gotta admit. I just love how easy this to work Uh, let's see people talking about cards Oh, yeah, you can install it everywhere. It's really lightweight Yep, just like sam share didn't takes a couple minutes I don't even know if that took a whole minute or two you can see how quickly that was installed Uh another VMware's killing is saying how you uh on hypervisors to use gns3, you know, I've never used those so I don't know I don't have an answer for that. I've always done all my networking with real equipment So I because I don't use those. I don't know what they do or do not support It's a really nice ui as well Uh, currently set up a free pbx and spectrum enterprise went for fiber fiber dedicated void The problem with power goes out phone goes out looking at setting up a backup phone And I I think this is an answer someone had asked about Um, what phone systems we currently use a company called o it VoIP we use a hosted void solution because I just don't have time to support and deal with free pbx Free pbx will save you a ton of money provided you have the time to manage free pbx. That's the problem uh, the other problem is that Free pbx isn't being the most well updated because they're not putting the love into that open source project that they used to So you've got to kind of deal with that christian cross talk did a really good video on that and talking about the kind of Lack of support we're getting out of the uh project maintainers of free pbx So I don't know that that's a dying project, but it doesn't feel like it's a project that's um being well secured So that's a whole other problem So I don't I don't know what the what the life expectancy of free pbx is it's a scary thought It's been project around for a long time. I don't know what will replace it Um, I don't know if there's enough Legacy on demand for phone systems to find a company that really wants to put their time into it But uh, san goma is the current people I haven't really kept up with if there's been any changes, but to my knowledge san goma still hasn't put a lot of love into it and Not sure if they will so Uh, this becomes a whole another topic. Isn't there a legal requirement for us phones to be operational during a power outage? Yes, but yes, but it kind of depends on the company putting it in and where those regulations fall um companies in skirt a lot of these and if the company has shows to do things like put it in free pbx Then the company has shows to it and if they're not under If they're not encumbered on any special legal requirements Then no, they actually don't have to provide phone service and a power outage But if they're an emergency facility, they're going to be dictated and mandated by law Depending on we we had this with one of our clients that had to keep certain amount of regular old phone lines because of the Regulations that they were in I think it was some of the maritime regulations because of where they are so It's and this is where a lot of people suggest like hey fork it. Well, let's make fork pbx Um, the challenge really and I don't know this to be 100 true with free pbx But I know with a lot of open source projects They don't have enough developers That is the big hang up there are people like oh, we're gonna fork it because those people aren't doing a good job Well, why don't you contribute back to them? Oh, I don't know how to code I thought I thought if I forked it developers would fall from the sky that know how to do complicated things and start You know punching code and we need developers to maintain these projects. That's a huge thing. So Uh, what does white white prices look like I can contact cnwr and run white pricing between several states It's expensive. Uh, it's not it's not going to be the dirt cheapest solution I can tell you that because it's a fully managed system But I honestly don't know how much it sells for because I don't sell like cnwr sells it That's a salesperson question. It is not a tom question. Tom does not sell that We have a team of sales people that sell things The core of asterisk isn't that hard to learn that's subjective If you're not familiar with it, it's a lot to learn. So definitely subjective there Uh net box is on my uh to-do list not on my done list I don't know. I don't use windows. So I don't have any opinions on My well, I do have opinions on windows. That's why I don't use it. I have I have lots of opinions on windows Um, yeah, I'm not a windows user. So I don't really know I actually realized I've been running linux since I'm at desktop since around 2008 Uh, I think right around 2008 or nine's when I started running linux on a desktop So it's it's been a minute since I uh Since I've had to I mean I manage windows. Well, I don't really do that as much anymore. Most of my my Time spent on any blue team thing is a lot less uh on windows right now. I'm usually architecting things storage or virtualization networking uh, not really Setting up windows as much Windows is a dumpster fire Windows is a dumpster fire. Yes You're hoping microsoft gets something half decent by then? I they've never had anything half decent. So I do use windows for the studio recording. That is true. Um I it boots up it starts up obs And uh, my favorite thing it tells me is that my computer is not eligible for windows 11. Oh, no Whatever will I do with that information? It doesn't bother me that it it's like, yeah, you know Uh, I've been using pop o s for a number of years now. I probably four or five years of pop o s. Um, I love pop o s It just works that in it. I'm not a distro hopper. I know some people get really into Passionate about their desktop environment and I'm not Uh, I guess I've been using linux too long Yeah, and that's the whole challenge the stream deck right here This does not work good with linux. Um, and there seems to be more buggy-ness and capturing with linux, but You can I just don't feel like fighting with any problems. So the dedicated computer that I have that just records media Um, is running windows Every year is the year of the linux desktop. Yes Every year is the year of the linux desktop. Yes Yes, we are slowly getting there for sure. Um, one day will will be the popular people All right, well, this is why I'm gonna end it because I'm gonna head over to the it and the event These are some local tech events that we have here in the detroit area run by some friends of mine Uh, so yeah, I'm gonna go head over to that event hang out with some Of my tech friends and say hi and have a drink and all that fun stuff So thank you for everyone who joined forums.loren systems.com is definitely a place where you can find me That's where I like to engage with everyone It's easy to have a conversation where you can actually post links and things And since they upgraded the forums are a whole lot faster now. Is there uh Let's see what else we have do to do to do all right Uh, have you ever used companion instead? What is this? I know I haven't tried that Um, but yep, thanks everyone and uh, yes, here's the linux desktop 2024 We're all gonna go to linux because windows 11 or 12 or whatever version if we want to hate on so Thanks everyone. Take care