 welcome to vlog there is a number three hundred and nine and I forgot my water. I'll make my son bring it down if I need it. I just looked around and I was like do I have everything ready? Of course not. Why would I have everything ready? Thank you all for joining and I have a few things to talk about. I've seen some of the comments in here so we'll start addressing those right away. The people who show up and comment they get the priority. Let's see time zones match up again for Australia. Yeah, I think it's, I don't know, I guess it depends on where you're at. I think there's multiple time zones in Australia but hey awesome that it lined up. Any plans in doing some videos on net box? Not really. I don't use it and if I don't use something it's a lot harder for me to do a video on because I have to sit down and learn it. Most of the videos I do are on tools I use which is one of the reasons I'm able to answer so many questions and easily do a video on it because it's a tool I use on the regular so because I don't use net box it's not like I'll do a video. I think there's a few people who did videos on it already. I'll throw it up on the screen here for those of you wondering what net box is. The premier source of truth and you can find it. It's at docs.netbox.dev but it's just for managing all of your networks and connections and everything else. It's novel. It's novel to play with but I don't really have a, I don't know, maybe I will use it in the future so I won't say never but it's been on my to-do list like to look at it. It didn't seem compelling enough over spreadsheets because of the size of the networks that we're dealing with. Now we do projects on bigger networks all the time but we're not responsible for managing like when we create documentation to get it done they maintain the documentation internally on an ongoing basis. Washington State. What Pbx do you use? We resell, we're a reseller and a partner with OIT VoIP so we don't usually do any on-prem Pbx's anymore. When we did on-prem we were using free Pbx. Remember that Wi-Fi issue last weekend, old net was fine, new net was same settings instead 200. It was the ISP the whole time working fine now. Awesome. Yeah, that's why you don't test the ISP. You have internal IPERF boxes to do your testing. Definitely the way to go for that. Now one of the things I want to start with here because this has been kind of some internal drama. I don't know if this is going to get a dedicated video or not. If it does, I'll be bringing on people who are experts in this particular field. These are my friends over at Huntress, a product we really love. But there was a bunch of drama around connect-wise, specifically connect-wise control. The tool we use for remote management for screen connect is the other name that it often goes by. But there was a security researcher who's making some claims that there was flaws in this. And this is something that drives me a little bit crazy when someone is vague, doesn't provide really good details or has prerequisites that are sometimes either due to complexity or due to the fact that they're not realistic type of vulnerability. The prerequisites are really so challenging to meet that the vulnerability becomes much, much less severe. And that's a lot of what's going on here with this write-up from Huntress. And this is one of those things that Huntress is a great job at. They're very professional when it comes to threat research. So they have a very detailed timeline of their engagement, which started all the way Q4-222, Huntress observes an uptick in social engineering and phishing attempts using control. Connect-wise receives information security researchers suggesting there's a new critical vulnerability that offers execution. So they actually went through from October 16th, October 17th, they go through each iteration and keep detailing out the problems with it. But this person isn't exactly, they have each one of their write-ups that this person had done, but it doesn't give you a clear view. And this person keeps saying, there's a problem, you guys aren't seeing it. And this is that whole back and forth problem. But I think it's worth reading. It's one of those good topics to kind of dive into when it comes to security. Me and Xavier did a video on this when allegedly, and this was a 2019-ish, someone told me there was a major flaw in PF Sense. It was a complete, like you could own a PF Sense if you could get to the management interface. And that sounds bad. As a matter of fact, let me find the CVE, because if I showed you the CVE, you'd probably think this is a really bad PF Sense security flaw. And it sounds atrocious. Let me find the exact one, because this is, this is just silly. But I want to show you how silly it is, because I'll even show you the CVE, because if you don't take the time to read the details of the CVE. We're going to share this to haven't said CVE 2019-16701. And look at this, Basecore 8.8 and PF Sense, the sky is falling. There's one real big hang up here. So while this is a remote code injection here into the PF Sense, look at it, they wrote proof of concept code and everything. You know, people were sending this to me and really going, Tom, there's a big flaw in PF Sense, panic. And I'm like, there's a problem, the prerequisite to make that flaw happen, you need root. You have to have the root password to the PF Sense to make that happen. Now, there is a flaw that was fixed because what the flaw is, but by the way, please note prerequisite needed root password to the PF Sense was the ability to run commands by pushing them through like PHP through the script at the top. But that's like, in one of my points are, did you know there's a PHP execution you can do right inside of PF Sense? You can actually execute PHP code right inside of PF Sense. So let me just show you this, pull up my PF Sense real quick. I'll switch the screen. Where's that status? Things that are diagnostic. So find it real quick, and I'll pull it up. There we go. So share this tab inside of PF Sense, execute shell command. So if I have the root password in PF Sense, I mean, the hard way to do it would be to use that proof of concept code that pushes something through the web UI, which by the way, they did patch it. So, you know, that actually doesn't work anymore. So you weren't supposed to be able to do it. So someone did find a thing, but it did require your authentication. And if you have root to the PF Sense, why not just go here and just run the code? I mean, so I was like, yeah. And that's kind of how going swinging it back over here. Some of the prerequisites to be able to do this were part of the problem. And the prerequisites are sent. Sure. That seems like the hard way of doing it. So if you already have control, the idea is that you could bounce it to someone else's control instance by doing it this way. And it's just, it's silly. It doesn't make any sense. So this is all well written up. If, leave some comments down in there in comments, or maybe here too. Jason Slagle is a good friend of mine. He's been on a channel before. He understands this better than I do because he's been in debate with the security researcher. And he's good friends with the Huntress people and he's good friends with Connectwise. So this is all like he's well, well versed on it. If you guys like a video on it, let me know because I think it's an interesting topic. But I didn't know if it's really, it's something obviously I care about because we use a tool. The MSP community use a tool is a very popular tool. And I want to make sure we're clearing the air as best we can on the security search that was done. And just so people can think more objectively about how these security problems pop up, like the PSense one that doesn't make any sense. So yeah. Why would the PSense manager be exposed outside management network? Well, I mean, I know you wouldn't do that, Corey, but a quick show dance search will show that there's a lot of people that don't think like me and Corey. So I agree with you and it shouldn't be exposed. The other side of it, too, in often due to misconfiguration, people have it exposed internally, even on their guest networks. I mean, I mentioned that you should do it, but I've watched other people's videos and best practice write ups, not PF census write ups, but other people who have done this, who forget that you need to lock the management interface out on all these subsequent interfaces you create, such as your guest network. So misconfigured PF senses are all over the place, just like any other, just like it's not an exclusive PSense, by the way, misconfigured devices all day long. If you got access, if you ever use a piece, you already have the keys to the kingdom, so don't use root. I've always disliked that in general PF sense requires root user authentication, which for Web UI didn't require, but that doesn't. Yeah, so this is one of those dumb arguments people have about open sense. Open sense started with the goal when they forked it years and years ago, we don't think you should use root. You still use root and open sense because it turns out not using root is really challenging when everything you have to do requires elevator privileges. So we still use root on both open sense and PF sense despite the reason people claim that they forked it. Yeah, they telling us having physical access to servers bad. Same with Proxmox system updates configuration network stack like that require root user and set up a separate admin account to those things. Yes. Does actually allow you to perform system engineering tests without requiring root and password. Nope, XC PNG requires root as well. So I don't know any way around that. Yeah, that's um, yeah, I don't know what else to say about the root thing on there. But if the if the requirements to get your CVE requires like full blown authentication. I don't think it should get such a high score. You know, that's just one of maybe that's just my opinion on some of these things like, I granted it's a problem but the prerequisites are really high. So, or if it's, you know, incredibly complicated. This is one of those things whenever someone and there's I came out of the security researchers name. There's a security researcher that does things just because like proof of concepts like, could I modulate the fans on a system to break an air gap so I can use fan modulation to send signals. Can I use the computer speaker to send signals. Now, while all those things are true, and you can use them, the data rate is the problem. Well, when you start talking about exfiltrating data, and there's a reason that even with a coupled modem. Think about how slow a modem is with a purpose built system like the old days of dial up sending sounds, the bit rate due to the bandwidth and the narrowness of the bands that the audio works in. You have limitations on how fast those things work. If you further restrict those by some type of research, that's why those researchers are interesting to do those type of things, but they're not necessarily the most practical ways to exfiltrate data, if you have a larger amount of data to move so you know security is a complicated topic, but a lot to think about there should have worn your I am root shirt you are correct I absolutely should have actually do have my hunter shirt on it says neighborhood watch program. This is from Huntress so Nyquist, which you are referring to Nyquist frequency. I'm assuming at least see yep single product night, our phone first name after hearing Nyquist is a character sampler which converts a continuous function signal to a discrete sequence. So yes. Yes, yes, yes, lots of fun interesting. Yeah, exfiltrate data bit by bit with flashing status lights. Yes. Oh, you're thinking of Ryan Nyquist. That's a different kind of Nyquist. So this is a Ryan Nyquist was the BMX person. But yes, the other Nyquist. Oh, let's see. Oh, that's skateboard visit. I don't know. I know the name. I'm not. I don't follow sports. Yeah, no, Ryan Nyquist is a American BMX rider with 16 X game metals. So, yes, dedicated PF sensor virtual PF sense. Oh, I'm all in on hardware based PF sense, especially for new people. And it's almost, if you're asking the question, I'm not picking on anyone particular here, but people who are asking the question are usually less experienced. Therefore, are most likely the encounter the most problem. I would say you should be experienced with how PF sense works natively before you attempt virtualizing it and start running into a lot of common problems. An age of CRTs with all the electromagnetic missions to give out. There was a proven concept that a van parking lot could duplicate the screens with sensor receivers. Yes, that was called the Tempest project, the Tempest. Let's see. This was, I think this is the right one. Let's share it. Let's read this again. Coding Tempest is an NSA NATO certification referring to spying information systems to leaking emanations. So, this was, yes, this is all part of the early Tempest stuff. I don't just kind of novel piece of history. I remember reading about it a long time ago. This is obviously from years and years ago, but Corey is right. There were projects studying that. At one point, Ethernet data transistors used to blink and transmit, say, you could use a photo transistor to snoop on their data. You had to, you're missing the context, though, again. The context of doing it was required replacing the firmware on the card first to allow it to do that because it doesn't blink directly in relation to the data it's going on there in terms of the type of data. So, yes, I went the forbidden router way. Yeah, watch a Wendell from Level One Tech. He's got the forbidden router. Definitely a great video on there talking about that. So, what else do we have? High-tech Morse code. Yeah, but also it's going to be really low, really low data rates to do it that way. That's going to be one of the challenges. I don't know that the LED is not optimal for sending data. It's not like a laser or a fiber optic type thing where it's really high performance with really good characteristics that allow it to send data. Let's see. We can update this. We'll install updates. There we go. I did a video on these servers. This is the 45 Drive server. It's about, it's about ready to, we'll reboot it later, but it's about ready to go and get shipped to the client. Oh, it wants to reboot, doesn't it? It oops. There we go. I did this video, though. This thing is really nice. I'm really, I'm really liking it though, the whole 45 Drive setup on there. I can tell you this, I have an 8200. So, yes, I do have one already for review. Yes, it's already in our lab for testing. I don't know when the embargo is lifted or if there's an embargo. I'm a little fuzzy on that, but I will find out soon when I can post my review of it. We do have an 8200. They've announced it, so I had it, I had it before they announced it. I'll let you know that. We talked to Netgate and they said, hey, would you like to check this out? We said yes. A UDM Pro got 2423 and beta today. There will be two or three more days to get them online with their latest software. But no ETA. That's, I'm glad you added it on there, because that would have been my reply to that as well. No ETA. A question was asked of this, let me think. Oh, I will share this tab. The Aruba Instant On. I did a video on it. People said, hey, Tom, can you do a new video? And I kind of said, why? It hasn't changed. It's the same. They've done, like Aruba got it to where they have it. And I don't think they've really done much more. And I think I did the video like two years ago now. So I don't really have a lot to say. Do I think it's reliable? Oh yeah, it works great. It works the same as it did in my video two years ago. It's not a company that's really pushing innovation there. But as long as it works, then, away we go. Drive capacity, these, let's click on one of the drives here. 14.55 terabytes. So let's see, there is going to be, let's go to our ZFS. That gives us 232 raw terabytes or a usable. I think it's under status. Where's that at? Usable 160 terabytes available right there. So not bad. 160. We have two of these. So yeah, this is, this is a nice setup. I like this thing. It works actually quite well. We have a pair of them at my office. Show them real quick. Actually, here's something you guys might find cool. See if this plays. What we sticker paper 3D printed. We just like this shimmery sticker stuff on there. We just put a sticker trimmed it out and we stuck our logo on it. That's just a 3D printed version of our logo. What we sticker paper 3D printed. Yeah, so that's, I think I can try to zoom it in on this one. That's what it looks like up close. We do like stickers here. Have to replace a Cloud Key Gen 2 with a UMBR. Can you just do a backup restore? You need to readop the cameras. I don't know. I think you can export the settings, but I don't know for sure. I haven't done it. So I don't know if there's cross compatibility between the UMBR and the Cloud Key. It's a maybe. And it's not hard. The good news is I really happy about this. It's not hard to readop the cameras. At least it made that easy. Will you have those up in the store? All the stickers aren't mine. All the stickers on here are random stickers from everywhere else. Like there's stickers from Bishop Fox. I don't know where I got some of these. Just conferences. We have a whole bunch more stickers. I know where this sticker came from. That came from White Castle. We like White Castle. MSP Geek. I do have MSP Geek stickers. I've got some Hunter stickers. I got a Gurcon. I love the Hacker Hunter one from Huntress right there. So my Cyber Matt Lee, my friend, he's got his sticker on there. So yeah, I don't know. I mean, we'll figure out. I need to put more merch on the merch store. You're not wrong about that though. Oh, 3D printed shiny logo. Oh, yeah, I guess I could do those. I guess how many people want them? When people want my logo 3D printed, I have 3D printer. Can print logo. I just don't know who wants them. If people want them, DM me on Twitter, leave a comment on a YouTube video. As I see the comments and I'll see. I mean, I just don't really have the facility. I mean, I have to come up with a cost because it costs money to ship them. But I don't mind printing them and shipping them. I just have to figure out how to make more. If people want them, I can actually probably just do a bulk order of 3D printed logos. So if people want them, let me know. Have logo, have logo will travel. What else was I going to talk about? I do have a shortened one today because I have a few things I have to do. I got too many tabs open now. Let me go back. I'll share this. This is what it looked like before when we just 3D printed. If you want a kind of deal for scale, there's me holding it. Totally buy one. These are sticking wreck. Sure. I mean, I'll see what I can do to get those on there. Maybe get some. You know what? I should make some stickers for the Home Lab show. That one might be kind of cool. I do like our logo for the Home Lab show. Maybe put some of these stickers on there. I know it's kind of small up there. Can I pull up? Is it on our website? I don't think we've ever done stickers for that. So maybe that's another thing we can do. Definitely need a banana for scale. Oh yeah. I can absolutely get you guys. I'll put the STL on my GitHub. That I can do. I don't mind that at all. So I know some of you already have 3D printers. So I have no problem with that. Actually, I didn't take a picture of it. We just printed some new Raspberry Pi things. You know, I'll talk about some of the Raspberry Pi cases that we are using 3D printed. And I'll link to the STL files for them. Absolutely. What else was I going to talk about? I've already forgot. Oh, true nasty. So let me go ahead and shut down this server. It doesn't need to be on anymore. I got more stuff to do, but I don't need to do it today. There we go. That one's off. Now let's go over here, to here, to here, to here. Because I did a video on this today. So this is going well. This is going well. Because it's actually doing the ZFS cache thing better. This was one of the things I brought up in a video that it wasn't using all the cache properly. Now it is. I think I, because it's not officially from TrueNAS or IX systems, I wasn't sure if I did it right. Basically, you can do a set it and forget it when you're using TrueNAS core when it comes to the cache. You don't have to do anything. It just works. It's just set up. But when you do it in TrueNAS scale, this is something they're still working on. So here's my TrueNAS core system. And you can see I'm using ZFS cache has 108 gigs of cache. So 12 gigs of services running in 108 gigs of cache and five gigs free. That is ideal. But over here, it was using a lot less and now it's using more. Ideally, any free memory should be used for caching if there's caching to be done. And that's where Linux works different than BSD. Yes. Yes, smash the like button. But it's one of those things I mentioned in my TrueNAS video. I tuned it. I don't know if that's correct, but I'm now using more cache than it was before. So I don't like seeing memory that's free. I like to see memory that's used for things like caching. So that's going to be, that's how all that's going now. It seems to be doing better. Matter of fact, when I did the video, because I had rebooted it, but I didn't do a video yet and I recorded the video to the TrueNAS server, edited the video on the TrueNAS server, then the cache got used up, which ideally that's what it should be doing because I have a bunch of video files. They should all be loaded up in cache, so I'm never pulling them back from the drives. Anyone still running it on a flash drive? Don't do that. Have you tested and put special VDev using MVME in your home lab or professional installs? Not yet. I just haven't had a client that has that need. I need to test it. I need to create some files to test it. And what you need to test the special VDev is thousands of little files, and then it will hold on to those, that metadata cache on these special ones. And the only person who's done a video on this, and I'm aware of it all, and there's very little documentation. Wendell did one, and 45 Drives has a video on it where they talk about it. It's not that everyone has a use case for it, so it won't accelerate every workload. But if you have a workload that is special, you would need one of these special ones. So unless you're doing something, well, like Wendell is, Wendell's had a few hundred thousand small files, because I don't know why. I think they're all, he said lots of small images and lots of sound bites and lots of small clips of things. Yes, you're going to need something like that to index it faster. So there are, you know, that whole argument about that you would need it for that use case, but it's not for everybody's use case. That was all the security things that I expected discussion. I knew tools, toys you found, or wanted to touch on. You know, I don't know. Maybe I should do a video on that. We did have, and I'm thinking about doing it at least right up when there's a better debrief of what happened. We actually, and, you know, we dealt with a security incident recently with one of our clients that is not managed. So it is, we have clients that we manage fully and we have clients that are unmanaged that we just resell tools to. And one of the clients that we resell hunters to got popped. And the good news is we were able to stop things before they got out of hand. So we will offer assistance or remediation. They're internal IT team because this is a co-managed type thing. Well, not even co-managed because we're not managing them at all. We just resold the tools to them, but then we notified them like, hey, you need to get on top of this because your server just got hit. The write-ups from hunters of how to remediate things are so really good. Like being, getting hit sucks, but having a partner like Hunter's made it great. So I may do some type of write-up on there. Sometimes I'm not sure how much people want to know about that stuff. Like, is it interesting on my channel? Will it cause people to leave my channel? I don't know. It's more the tedium of talking about the security. As far as new tools, we're still using the same tools we've been using. We use Huntress and Sentinel-1. On clients, we managed this particular client, only had Huntress to not have Sentinel-1 on there. But yeah, it's a, I don't know. Let me know in the comments or reach out to me on Twitter and let me know or post in my forums about some of the security topics or some of the things that I do for a living you would like to know more about. I'm more than willing to talk about them as subjects. How do you approach hiring? Are we looking for good channel of people more business than you can handle? Ebs and flows. I hire carefully and methodically. We don't just willy-nilly hire because I don't want to lay people off ever. So when we hire, it's because we have a need to fill and I've carefully evaluated that we need that person and I say, all right, we need that person and I want to keep them on payroll. So that's the process, I guess, if you will, for that. Mute. Mute my phone. There we go. Have you started on FiberChannel and TrueNAS Scale yet? I don't use FiberChannel so I can't answer that. What do you think about multiple locations for your MSP? Maybe. It's possible. Special VDev for metadata. Yep, we kind of mentioned that. Yep, echo drop caches. If they enable FiberChannel and TrueNAS Scale, they'll be nice if you want to use it in core that's an enterprise feature. Yeah, I haven't really used the FiberChannel so would you recommend using encryption on TrueNAS? Always use encryption. The overhead is so minimal on a system that was built in the last probably six or seven years that I wouldn't worry about it. Always use encryption. That's my answer. Have you received a sample 923 plus? I tried the MVME search so I can use Synology for proprietary for MVME. I don't have one of those. We have different name. You can only be used as cache. That's interesting. Travis, if you want to test this, there are two MVMEs in our... Travis can test this internally but let's go ahead and log into it. I heard that since they switched it let's find out that we can do... Let me see if there's still any MVMEs in this. Hey, look. Currently there are cache devices in here. If you want to take them out as cache devices and try to use them, I don't think that they're MVME but they're currently listed as cache. If you want to remove those and turn them into normal drives, Travis, go ahead. Let me know how that works and we'll talk about it because I know they changed it so you're supposed to be able to swap those around. And by the way, this is a... I forget what model this is. Let me look real quick. This is a DS1621XS Plus. So I don't know if that model supports it or not. I still have a freelance installation that boots off of flash drives, a very small office client that booted off of 365. That's what's expected, migrating everything to SharePoint and OneDrive. Yeah. Should be in there. Connect... remote tail scale exit node, run open speed test, work swell, get the full capacity through the ISP. Do you run reverse proxy, local services? Well, SSL search should just use IPs to connect. Kind of depends. So if I'm doing something like on the regular, let's pull up like my Zen Orchestra. Zen Orchestra is running with... there's a way I can share. Hold on. Let's do it this way because you can't see this unless I do it this way. Present, share screen, an entire screen. All right. So Zen Orchestra, I have set up with that. If I go to... I'll do an incognito window so I'm not... make sure I'm not logged in anything like Bitwarden. You need an SSL to get Bitwarden working, right? So yes, we have reverse proxies on like the main business things we use, but we do not have reverse proxies on everything we use because there's so much kind of random stuff in the lab that I just don't care about adding a reverse proxy. It doesn't add any value for me to do it that way. Other than, hey, cool, I don't have to click the... what do you call it? You know, the little agree SSL thing on there. I don't understand your question. Got any word on the 25-1 switch that's coming soon at eBay Earth Vessing? Actually, if you go to... they just reviewed one, present, share screen... and this is one of those things like this is cheap. So this is the Mikrotik... let me Google a quick price check on it. I guess I... cheap is a relative term, but this has a... let me find the MSRP on it. I'm looking at another page. Does Mikrotik list their MSRP? Nope. Not there, at least. Who has this? Someone must have it. Well, just... can I find it on Amazon? There we go. So it looks like this one's in the $1,400 range roughly. You know, $1,400. That's not bad for two 100 gigs and 16 25 gigs. So that's... these Mikrotiks, like if you... they... on some of these type of switches, they just have some great pricing on them. So, yeah, $1,500. I mean... $1,595. $1,600. I think this MSRP was $1,600, but there's places that have it for a little bit less. PSU and fan included, I imagine. Matter of fact, it has dual power supplies in it. I thought that was kind of clever. So, yeah, watch Serve the Homes. I can drop a link to it in here, but it's Serve the Home. Look at their newest Mikrotik one. Yeah, Patrick just reviewed this. And yeah, it's a great little device. I'm going to review some more network hardware soon. I've got to get back into it. I'm trying to catch up on a lot of other things on there. Do advertise that. You're going to kill availability. You're careful. Yeah. As a Switch, I think the Mikrotik are pretty good. But they're just goofy. Like, you have to deal with the goofiness of them. VLANs, I found no problem on the Mikrotiks. And, you know, to this day, if you're looking for a cheap 10-gig Switch, I don't think anyone has beat their price on 10-gig Switches. They have some, like, for $129 that are still going. So, yeah. You can never just choose a Switch and buy it. You have to order it from a shady reseller, online at Markup, and the links from Mikrotik never go to the product. Oh, yeah, yeah. They're not the most well-documented and organized place. I always wait until they show up on Amazon. That's like their best bet for Mikrotiks. At least I've, generally speaking, if you can find them, because that's also a hit and miss. Like, right here on Amazon, 225 gets you a 410-gig ports, 5 1-gig ports and 1 gigabit. Some other ones on here. You're right, though. They're not as easy to hunt down deals on. Here we go. 794 would get you one that has... What are these? How many ports are on this? That's a European one, anyways. But you're right about that. They're not as easy to get as some of the other companies. We'll leave it at that. I've never tested them well enough in industrial environments to know if they're trusted or not. We ordered a 2 Mikrotik 4100-gig switch for data center migration to be here in a few months. Yeah. Baltic networks are an official reseller of Mikrotik and Ubiquiti based in Chicago on Mikrotik for the moment. So he said Baltic networks, cool. Oh, and someone said... Where did it go? Awesome. I'm glad you were able to get DocuWiki up and running. So that's good to hear. Share this tab instead. This is the... And we have this, so I'm going to be doing a video soon. But yes, NetGig 8200 10-gig firewall. Someone said, and I thought this was weird, they said, oh, PFSense doesn't support 2.5gig. And I'm like, where'd you get that information? They're the ones who wrote the driver for it. So, let's see. Is there a good Homeland PFSense firewall, a new 2.5gig software or premium, Pentium Intel network? Sounds pretty good for there. We're looking for the cheap budget homelab stuff, probably not bad. For businesses, we always go with the actual NetGate hardware. So, but for home, yeah. The... Serve the Home has a whole listing of those that are all, you know, different deals you can get on and things like that. They review a lot of them. My PFSense is doing 2.5gig. Awesome. Yeah, those little boxes, they get the job done. Start closing all the things they have open. We've got a few more minutes because then it's pizza time. I can't do a three-hour live stream today. I did that last week. I probably will do a weekend stream again, though. Oh, let's see. PFSense plus Unify Switching. Yeah, Unify Switching just works. We just, I don't know. I don't have any problems with it. Like, it's all things like it just works so well. Pull up. But Willie and me got in a debate. Let me pull up the Twitter debate on this. Pull this up last. I think Willie posted it. Hmm-hmm-hmm-hmm. Where's Willie how? Toot-toot-toot. So, this is a debate I had with the people over there. And this is one of the reasons I like them. So, what's VLAN only called in a new ubiquity vernacular? You know, it's called this. And my answer was this. You know, why can't you be normal? Because ubiquity just is like, let's do something different. And they were calling it VLAN only. And then they've now gone, and let me show all the replies. You know, ubiquity believes everyone should be able to use and understand network devices, not just certified professional network engineers, the way ubiquity handles network team is for everyone, not just for experts. But my point is, I love the goal. But VLAN only was less confusing and still has great SEO when using Google. So, I do disagree with some of their things that ubiquity changes around for whatever reason they do it. Because that adds to confusion. But as far as like ease of use, they are hands down with the easiest switches to set up. So, shopping switches and Cisco, Rubik's Uniper don't list prices on their pages and you have no buy now option. Yeah, you got to buy all that through third parties. They are channel partner friendly, as they always call it, which means they don't want to sell direct to anyone. Well, they'll sell direct as long as you sign up to be a channel partner and go through the rigmarore of doing that. And you have to meet volumes and blah, blah, blah. Marcus, can't type. Channel partner sales are normal in business. They're a headache, though. Most of them are just crap. Channel partner programs are so often bad. Hey, it's my other child. She has joined the chat. Both of my children, and chat now. Hey, other child, you want to go to pizza with us? We're leaving for pizza in a few minutes. If it's not meant for end users, it's meant for the channel partner. Yeah, allegedly. They won't give you a price until after an hour-long sales pitch. That one. That's probably true, too. Not unheard of. But, yeah, we have a lot of unified devices in my network. I like them. They get the job done. Okay. You already had Subway? Subway. But five more minutes, and then I got to go do things. Hello, Joe's Kranz. I just like it because you have Kranz in your name there. In other news... I've been playing with the beta, but they just posted this in the chat. I don't know what it is. I don't know what it is. I don't know what it is. But they just posted this today, for those of you that don't know. PF Sense Plus Software 2301 beta version now available. Call for testing. So this is... Yes. Absolutely. Let's test this. Back up your configuration. I'll make... Maybe I'll upgrade my home to this. Maybe that'll be my weekend project. But I have, in Zen Orchestra, I've been running this for a little while, so I can fire it up again. But I've been running the beta version of this for, as a VM, for testing. It's worked. It hasn't exploded. Sorry. BetaBuck or E5 Sense, you said it was easier to start from scratch, found that it was not on install Java 8, install Java 11. Upgrade fine worked. I found it easy to install from scratch, but I also, I've seen all the other people's problems and I don't mind installing it. It's arbitrarily easy to install and just restore the backup. So... What is this backup they mention? Oh, I know people in their fancy backups. Who needs to do any of these fancy backups? Let's go ahead and... By the way, if you notice when it was booting here, I think it's too small to see. It said PHP 8.1. So the new one does have PHP 8.1. Go, computer, go. This is a login. It's going to want to update anyway, so I don't think I can really show much. But hey, whatever, it's getting closer. It's getting closer to release, folks. I don't think we're getting it before Christmas, but whatever. Is that all we want for it? We at least got a beta for Christmas. At least we're getting a beta for Christmas. There we go. So share this instead. It doesn't look much different, by the way. Ah, currently DS910 can do NVMe as storage even with the FDA DSM, so that's annoying. Really takes more drives to back up all your data than it takes to store your data to begin with. I was to promote tech illiterate clients ponying up for expensive commercial gear when they think the ISP proud router is giving them trouble. You just don't sell it to them that way. Oh, by the way, we've got more stuff on business technicalities where we dive into some of those topics, but just don't go overly technical. You just tell them what they need, because it's insecure. And they usually don't ask, if you sell that you're selling a better secure system, then you can usually get them sold on it. If you go overly technical, they don't understand that you're just talking over their head and that doesn't help anyone. Let's update to the latest version here. Stable pre-version. All right, confirm. Let's see if it... I don't know what's going to happen. Let's see how fast it downloads it. Talking Unify EA may finally add an update to UDN Pro. I want to try it out. Yeah, I mean, I might test it out. Honestly, you know, I said earlier in the stream, when are we getting the 3.0? Cool that you're incrementally moving forward, but you can increment. There's a lot of increments between 2 and 3. So I know it's in the EA is the latest 2, I think it's 243, but that's still not 3. It brings us closer to it. I don't care much for the edge routers. I kind of feel like it's a slightly abandoned product. They aren't really adding new features to it, but then again, maybe it does everything that people want it to do. I used them in the beginning, but I wasn't really a big fan of them. So I don't even... Do they even sell them on their site anymore? The answer is I can't. Do they sell them in stock? That's something you don't always get to see, but yeah, they still sell edge routers. So they still exist. Trying to find out when the last firmware was. They did have an update this year. They had some updates this year for the edge router. This was in July. I mean, it may not need other updates. I don't know. Maybe it has all the features, but you know, we don't see a lot updates usually because they're not adding any new features to it. And for the basic routing function, if you just need what it ships with, I mean, they were good for that. But they're not the easiest to configure. I mean, I wouldn't go out on my way to buy one, but they are pretty cheap. But PF Sense is generally my go-to because the flexibility and everything else. Thoughts on Unify Phone System? I don't trust it. I don't know without a clear commitment, I guarantee that they will give us at least six or seven years to support on a phone, if not longer. I need that guarantee that there's going to be updates and support for a phone system before I trust it. So that's my feelings on it. Good topic for a HomeLab show, Power Management PDU's UPS Solution Roundup Monitoring Management? Yeah, maybe. Thoughts on our Door Access Control System? Same answer. What's your long-term support look like on it? Multi-Wan IP setup? I don't know. I don't know how good the edge routers are for Multi-Wan IP. No idea. I know they have support for it. I don't know how good they are at it. Yeah, four minutes. Actually, I'm going to wind it down here because I got to do a couple things and shut everything off and go get pizza. Is the ER range targeted more for the wireless ISP business? Yeah, probably. That's probably used a little bit more in that world. I would love to talk if it supported sit properly unlikely and it was open enough to know. Yeah, probably not. So thank you everyone for joining and thank you everyone for hitting that like button. There's 128 people here and that's amazing to me. Wow. That's a lot of people that came and showed up to watch this. That's awesome. So thank you everyone. I will probably do another Sunday stream. I had a lot of fun doing that Sunday one. I'll post ahead of time if I do a Sunday one. Leave your comments and your thoughts on the security stuff if you were here for the beginning of it. Let me know what are some of the other topics around that you want me to cover or if you want me to bring my friend Jason on and dive into some of those topics. We certainly like talking about them. We have a few videos about those. Those videos never have done really, really well. That's why I'm always, you know, wondering how much we should do those videos. But let me know in the comments and love hearing from all of you