 Evening evening. That's what this is. It is for me at least it depends on where you're at depends with times when you're in times Those are confusing sometimes so nonetheless, uh It was definitely Like I had to schedule this later because I scheduled this while I was in another state I was in Kentucky and just got drove back today So I'm all discombobulated after being in caves For a day and also in Nashville and all kinds of fun travel stuff. I've been doing not exactly business related this time There's a world with some business on the trip as there always is I always you know as long as I can get back to the internet I can keep communicating with people and moving things forward in projects and whatnot So nothing really stopped other than it's a lot harder Because I don't take my set with me to create any videos So that's why for the last few days because I didn't have the foresight to have something ready to publish or weren't any videos Doesn't mean I wasn't working just means it didn't have time to do that aspect of my job but nonetheless welcome to you vlog Thursday number 333 and First I want to start with where I'm going to be because I'm back But I'm also leaving again soon next week for a few days I will be at it nation secure and Some of you may watch this vlog and know where that is or know what that's about it nation secure is the It nation event specifically a security version of it that's put on by the folks over at connect wise I will be speaking here with my friends Jason slagle and Matt Lee This is their secure event and I'm also going to pretty likely to be at their other event They have later near just is called it nation, but easy enough to find it if you look up it nation secure 2023 You'll find all the event information hope to see some of you there It was actually a lot of fun seeing so many of you at MSP geek on that was really cool too And something I didn't show last time and I was kind of doing a debrief that I got was this cool little coin they gave me for MSP geek on Volunteer it's been it's been really cool. Just all the people to pull that off and put that together If you you know have a chance to kind of put that on your radar I don't have a date because the date has not been set for the 2024 edition of that event But you can always check out a MSP geek on and Or just MSP geek in general great community of IT professionals. So definitely a lot of fun there Um One of the things I like to do is answer the questions first I think I only have one question someone said in but I think it's a good quote. Oh two questions. Oh another one just came in We'll start with the first question and then we'll pop over to the second one that just came in Let me copy that and paste it and bring it over to here where I get to read it in an easier manner. So Should I check that literally just came in perfect timing person who sent that oh, no, I did come on a little bit longer ago All right. Well, we don't want that we want this there All right, the first question is really simple when someone said and you can call me out on this as this person did Hey, Tom, why do so many businesses not bother implementing D mark? It comes down to time and errors that you may get when you start the project go Hey, I'll set up D mark on for my email and then something gets something happens Something doesn't work you get distracted and because there's not been a detriment. There's not a problem. I'm experiencing For not having it done. It's like something. I know I should do this is where it falls off with many businesses And it's funny that we've probably set it up for way more companies, but we just have not set it up for ourselves It's well, yeah, I believe I mentioned it and this person said that as well that if you In my PF sense video where I talk about getting alerts. I talk about using I think as a company called duo circle it's outlined in my PF sense notifications and alerts video and Yeah, I set up D mark for that demo, but still haven't set up for my website. So yeah Yeah, that's pretty much Why it doesn't get set up like a lot of people the best of intentions We're there and if there's not something pushing us along There's always so many things to do D mark somehow falls down below that Let me grab my drink over here. I got my tea So that that's the my little Short rant about D mark you kind of falls, you know if anything's out there that's like hanging out like it's something You should do but doesn't present an immediate problem for you or a security problem hanging out there Those are generally the type of tasks that just kind of get relegated to I'll do that later And I'll focus on all the other things today. I seen someone ask a question. It says Your forums be a good place for true nas help or into a weird problem kind of depends I Would say you can ask it there. Maybe someone has an answer, but there was also the true nas forums So I guess it kind of depends on what that question is There I always go in the forums I am there even when I'm on vacation every day I went into my forums and replied to anyone Who I could answer and sometimes I don't sometimes I suggest people when they have a really weird or overly specific issue Sometimes the forums of whoever made the software it might be a better place to check Of note, I need to update the rules on my forums because this came up as a discussion But I think all of you can feel free to suggest if you think there's more But I kind of have a simple three-step answer for how to do a forum post Properly and I've just not gotten around updating the documentation or the welcome messes I should say but there's just three simple things that you should do when you post in forums The first step is tell me what the goal is Tell me what the error is is number two and then the third one is give a little bit of context But leave only enough context that you think someone might need but don't write me a book I bring it up like this because it's kind of one two three step of how to do a forum post People sometimes start with the error message, but I don't know what they're trying to achieve Other people will maybe I can defer from the error message what they're trying to achieve But the also try to give me the entire history of context of them working with computers now I think that's great for engaging conversation when I have time for it But when you try to reply to lots of forum posts and people have wrote three paragraphs I'm as many other people are kind of hard-pressed to to find the time necessary to read three paragraphs to try to figure out Oh, you just have an error with open VPN or something like that So if you can do any forum post not just my forums really anywhere, you know start with you know My goal is to get this working this I'm trying to get plex working I'm trying to get a permission problem sorted out the error message I get that I think is causing the problem is this It's this system. Here's the os do you need more frequently people who help with support? We don't need much more context matter of fact a lot of times sometimes with the goal and the error message I don't necessarily need to have the rest of the context. I can often figure out Like what you're trying to do and how to get you around to accomplishing it so Um, it's that someone I I commented on a reddit post a while back kind of like that too I Took a little bit of time so I was reading it and um Someone was mad because they had actually posted to my forums I think and the reddit forums that thought it was funny to see the same post twice But there was a complaint when people weren't responding and I'm like, I don't know where to start I think you want advice on hard drives But you literally have four paragraphs about things that I'm not sure what they have to do it Like do you just want to know the best deal on hard drives? I said, yeah, I said then you could probably made this shorter All right, so I read the one email and this is cool greetings from Johanesburg. I like that Uh, I love when people you know from all over that's always which fascinates me about connecting with people online So this is our question someone sent. Um, I won't be able to catch this week's vlog because you're going at 3 a.m apparently in Johanesburg time um So someone had a question. Oh, this was an interesting topic So someone they had a question last week about using a vpn to connect to internal networks and they do have use case Uh, they've considered using a vpn to access company servers while internal land Um as an alternative to 802 1x so the ed network is entrusted only authorized devices um Yeah That mean I see what they're trying to do Um, if it may is they wrote a decent amount here, so I'm reading through it. So I don't read at all Uh, hmm never heard of this project. So the project fire zone is a way to do this internally Let's look at it real quick. Why not? Um What is uh wire guard We'll share this tab because I'll Throw it out there. I'm just I we're both looking at this the first time Faster secure access fire zone is an open source remote access platform built on wire guard modern vpn programs 4 to 6 s 4 to 6 times faster than over vpn Okay, so this is just Another there's a few products like this. Um What was that? I know someone will be chatting about it in the forums Um, is it called net maker? Let me pull that one up. I think that's the other one. I'm trying to think of Net makers another one it they remind me that you know connect everything with a wire guard vpn It really comes down to managing it. Um It part of the problem is It's how you think about authentication and this is the You know, what would someone do with their on your network? Or do you work with 802 1x and really implement validating that they're on the network? Or do you really say I don't trust anyone on this network and I validated each point So when you hit the web page that controls your line of business application provided it's web based Is that public basing or do you just lock that down? Uh behind a vpn, but being behind a vpn doesn't automatically grant them access So it just gets them to that thing Bitwarden's an example. I actually run my bitwarden infrastructure without it being public basing I run my zen orchestra infrastructure without it being Public but you don't need if you you know, you have zen orchestra running This is what you get. So if you were on my network, you've gotten this far There's not at the time of me saying this any known vulnerabilities in zen orchestra So this is the next authentication method. So even if you were to get on my network You've you've bypassed any authentication methods that have kept you off of my network This is now the next level. So I don't necessarily um, I mean, unless you're Super super high security worried about it using vpns to attach each thing It's not that it's something you can't do. It's just you're adding a layer of complexity. It is that really the Challenge you're trying to solve. So it's just something to consider. I I guess It's it also makes networking they comment on this that if you run vpn. So if I um VPN to each thing that I'm on you build an overlay network, for example to do it You also now have made a different challenge for any type of anomaly detection Inside of the network because you've now encrypted every bit of traffic for each point So that can then create a new challenge for you essentially trying to do that So just a few more things to consider when you're uh doing that um Like I said, I I don't bother vpn-ing internally like that everything every page you hit inside my network has its own you know Um, if I can pull something up Like even here, here's my bit warden if you go to my bit warden internally You'd have to know a flaw inside of this or have other credentials to get further. Uh, so it's just one of those things like I I I've heard people asking this is the basically the question from last week of hey, can you You know, wouldn't it be a good idea to have um a vpn inside the network? So no one inside the network could see things and I don't know I think each thing in the network shouldn't shouldn't be using your ability beyond the network as the validation That's just not the best way to validate and I know a lot of systems do that They they offer a lot of trust and this is kind of where that zero trust definitions You don't trust based on perimeter. So you don't say, okay, they're outside the network So I don't trust them. They're inside the network that so I trust them. No Bringing inside the network it you know, having a vpn is going to reduce your overall threat surface But you want to have you know, first they get into the network you that's one layer of authentication So you peel back one layer or you got this far Now you have to get further and further still requires you to log into lots of these other applications Um, so that's kind of my thoughts on there Uh, and there was a good topic. I was listening to the two and a half admins podcast and let's pull that up real quick if you haven't heard heard them but Uh, there was a couple things I wanted to mention it they brought up on their podcast because I thought this was really cool And uh, this is the one right here Well, I laughed about this, um The let me let me zoom this in to make it easier for people to read but Windows 11 is so broken even microsoft can't fix it. That's a great article Title for there for sure But I wanted to bring up this because I thought this was just really cool Um open zfs for hp clusters how to best how to best leverage open zfs for your hpc deployment They mentioned here and I didn't really look at it I listened to the podcast. I just finished it before I jumped here Let's see Where did they have they had the whole size of it in here? It was just amazing How many petabytes of storage Frontier the world's first scale, uh, yeah 700 petabyte. There we go. That's that's the number. I was looking for So 700 petabyte zfs file systems impressive nearly 48,000 hard drives 5400 mb me Devices that's there and then 480 mb me for metadata storage. Those are some numbers right there. That's just brilliantly Amazing like if you want to know how well does zfs scale can it handle a larger? You know data. I'm on the data on there. How much how many drives can you put on there? So um, this was kind of cool. It's something I might dive into later some of the details, but uh, Definitely impressive for sure All right, we'll talk about unify here in a second. Let me Pull up something else that's interesting though. I'm just kind of laughing about this one. I'll pull it up in just a second It while laughing in a funny way um That there are more Vulnerabilities have been found in some more enterprise software um And I pulled the youtubes It's a mirror to the chat stop Making sure that something didn't break All right, cool. So it's working. So the uh, the things paused and I wasn't sure if the chat was still going or if anything was on there But I see it is perfect. All right um, the Move it file transfer. So this just kind of broke Uh recently into news move it file transfers your day mass exploited in data theft attacks I thought this was kind of interesting Because of the message I got and this is also if you head over to reddit, you can find this as well the people specifically, you know, it's uh Share this tab my friends over at hunter slabs are quite on top of this. They are often on top of breaking things Yeah I hope you're all still here. That's what I was waiting for something I when I don't see the chat it usually scrolls a lot more Uh Nonetheless the uh What I laughed was, you know, here's all the details of it and I didn't dive deep into it But I've seen another big corporate enterprise um Program with our ability in it But one of my friends is tasked with per well, he works in a very large Enterprise and this is the second time among the Things he has to support where there's a third party vulnerability Uh There's a another third party app that has a vulnerability that has uh affected their enterprise He's like, you know, he's he's like we're we're you know, the first one was the other other file transfer app And I was this one here. Um, I was just kind of laughing Of going yeah, this this is rough and of course this appears to be Um, if I'm not mistaken the one thing I thought was interesting is that it's a Where's let me find the huntress, um In there because this I I did not read details. I have not talked to the people at huntress. I will probably talk to them later, but um It looks like if I'm reading this correctly Uh It you can upload And break out of the system so they don't have proper input sanitization on here Is just my guess and from looking at it really briefly So they're digging into it, but I'm just like, yeah like First anything written in when I see aspx. I'm like, oh, this is this is old I know it might not be old specifically, but just Things that are built on that just seem to have more vulnerabilities in them. Um, yeah Just I don't know it'll be something I'll dig into later But there's plenty of blogs on it huntress being easy enough to find just go to their blog to sort of latest posts on there But I thought it was interesting Thought it was one of my friend messaged me. He's like, well, he goes huntress is two for two for having The vulnerabilities that I have to deal with having good write-ups on them. I was like, oh you got hit by that too, huh? Yeah, the um The the out it's funny because the discussion always the same, you know You didn't develop the software internally because it should have been better by a third party But these third parties often don't do the best job of vetting their own software or having it properly Uh pen tested so yeah That can be a problem dumb question How does tom split terminals incident single window and linux? Hopefully someone knows when bring to tmux Yes, uh tmux and specifically if you want, um To use the same Setup I have It would be on my github. Uh, it's just github slash laurence systems. If you go to the dot files Here you can have my tmux setup Which actually I should update it because I realize it's been like that for five years But of course it ain't broke. It kind of works. I like the way it looks, you know, but Oh, let's see I love how people who don't want to pay for software but say they're not going to be software. Yeah All right, sometimes some spam comes in you just gotta block it real quick I mean, I I feel like I haven't had a spam run here in a long time It's that's interesting um All right back to more interesting things Zaz well, we'll get to the unify stuff in a moment here but the Zen orchestra there's a couple things we can talk about there So Yeah, feel free to feel free to ban them travis. I think you have permission to do so If not, we'll sort that out later um They released I think I mentioned this before they they got the whole thing Done in terms of the what is your basis for how you design you you come up with essentially like a template And uh, they've got that release. So we're getting closer now They have all the colors picked out light mode and dark mode These are things like you think dark mode just like hey the opposite of light mode, right? Not exactly You you you need all the different colors to pair up in a certain way And so they've done all this design work designing the elements deciding on a standard by which you're going to follow And all this is important because uh, we're going to get a much better looking version of zen 6 so they have In some of these screenshots by the way, uh exo light Has some of this design already. So exo light's coming along. That's going to be the built-in version For zen orchestra and it's actually come a lot further. Maybe I'll do an updated video about how that works It's easy to set up. It's it's completely like alpha right now as a downside. Maybe when it hits beta I'll actually do a video on it But they're going to update the new version 6 of zen orchestra to look like that as well So you're going to have these different treat menus. It's going to be a little bit more modern design But these are some you know stink previews what these dashboard elements are going to look like So I think this is really cool like they're doing some Really neat stuff here. And of course, here's what looks like in dark mode, which hey, definitely cool for sure But yeah, I'm excited about the you know Following along over the last just couple years of development on zen orchestra has been pretty amazing So they're definitely uh, just Coming right along and this the the new ui. I think is it's going to be welcome I don't hate the old ui I know some people are like a little skeptical about it But I think it's actually pretty cool. It's extremely serviceable when you have large volumes of virtual machines Uh firewall thoughts ingress or egress rule filtrings I mean firewalls by default your average firewall is going to Block things in terms of ingress but of egress filtering Most things are going over 443. Um I don't you can do it if you need to I don't know that you'll find some things will break So you just got to figure out what's on your network and then start mapping it. I don't know how beneficial it is um One of the things I recommend to people if they you know want to follow up on security and things like that Is uh go through differ reports look at how hacks happened I am Deal with what you know focus on first dealing with that the real world gets hit with And if you look at a differ report and you go Hey the gap the gap that lets someone in the gap that would have been closed if we did this If that was egress filtering then cool. We know it's something probably important to do I will tell you though That is rarely the case that egress filtering would have stopped These attacks pretty much all of them go in and out over 443 The so egress filtering is just less effective than it used to be thoughts on proxmox for other hyper providers, uh with a consumer grade ssd Proxmox or xcp ng either one of them work fine with consumer ssds They work as good as the consumer ssd works. Um, I don't really think there's a problem with them He had block 443 outbound that'll make it fun They will they are working on the vtpm that'll come out in the on 8.4 version I think that's when that'll all be ready. They are working on it What software do you do vm's on? I do all my stuff in zen orchestra That's my preference. Um, so right now I'm on this is my, uh, community version edition actually pulls Oh, I got some updates to load and patches but Yeah, this is all my uh zen orchestra system. This is where I run all my it's my preference So is to run zen orchestra. I'm running the latest version. I did update zen There's some new features they added and one of them is creating mirrors of your backup This is kind of a new feature. I'm gonna have to explore this a little bit here But they also did a really nice job And let me pull this up something I want to highlight their latest zen orchestra They did a nice graphic here that I think kind of explained the backups really well Let's so share this tab instead And uh, they they've been a lot. There's so much fine-tuning you're doing in the backups I think that's been really cool. So it's definitely Been greatly improved Uh VMware is is shedding users fast the Support has not been as good and I we're we're seeing a lot of people migrating off of vmware over to The other worlds and things like that, especially the xcp ng Do you usually deploy suricata for your customers? No, if the customer needs fully managed IDS system We would sell them as such Uh, you can't manage suricata across a lot of clients easily like on a pf sense So you just sell other solutions if that's needed Do you recommend vm's over lxt containers pros and cons? Security can be the con when you're Having everything under one shared resource like an lxt container and you have everything in there that can be a problem but It kind of depends on each situation I like everything as a separate vm because it's you know, it can be very clean For how you're handling it, but that's not the best use of all your resources So if you have a lot of vm's that Are each running their own operating system that becomes very heavy on the system Maybe you don't have the hardware to support that and that's why containers exist is to say Hey, we have these group of similar services that want that need to talk to each other We want to be able to spend them up and down in a lightweight manner So it's not like there's an answer for it's all this or all that it comes down to the projects you're building When you build xoa from sources can be mainly updated cli or doesn't need to be recompiled do the updates The v6 you just go back in and re you know the video i have on that topic which Maybe i'll do a new one because apparently i get a lot of comments going is this still relevant Well, yes, it's still the same software I mean when you pull it it pulls the latest version So the version in that video is old, but as long as you type in get pull it'll grab the new version So as you go through and pull these uh and use that zen orchestra installer It always grabs the latest version and each time it recompiles it now there is an update option So if you go in there, uh, you run the update and it will update and recompile again So yeah, you just go in there from the command line and rebuild it each time Greetings your take on meekertik firewalls um basically My problem meekertik firewalls is bad documentation Is is problem one they everyone complains about like tom do a bunch of meekertik videos. I'm like They're inexpensive, but their documentation is not always that great and they're just kind of quirky the quirkiness can be solved And I seen someone posted my forums. I've kind of quoted it a couple times. These are my forums meekertiks that you know That weird little cheap device that if you can find the right secret Incantation that you copy and paste on the forums it'll work But no one will tell you why you have to type that thing to make the thing work the way you want So my it saves you a few dollars and if you're willing to put the time in it I think the the people who know them really well really swear by them They go it's really great once you figure out that you can't just do this You have to do these other quirky things with it. They can build a good network But that being said do you have the time to learn it? I'm planning a gaming business pondering how to deploy various services services for local hosting Like I said, it comes down to the use cases you have Can you do the networking well in that? Can you have enough networking? Do you need these in separate vms? There's a there's a lot that goes into it You just got to really sit down and think about the architecture of how you're building it and how you want to build that out um Do you have plan on doing more videos on security cameras vms platforms? I only use Synology for the most part, so I don't really have time to check all the other nbr's I don't and also we don't the way I do my reviews is my business my business we deploy But I I don't say it like, you know in a mr. B style Sensational like hey, well 30 thousand dollars of a thing I'm saying we deployed those 30 thousand dollars with the cameras Over a couple years and I can give you the feedback from those particular brands of cameras. We deploy I I wouldn't be able to do and don't really want to sell to my customers a Weird nbr system and one off it So my experience comes from for example tons of the Synology's we deploy a lot now We consult on a lot more than even we deployed so you expand that out We're experienced with it We've been doing it for a number of years and it's kind of cool to have a customer that we deployed One two several years ago calls back on hey, we want to change things or update this and the systems work so good We want to expand it So I can give you good feedback from very real world experiences deploying these out at businesses With Synology, I wouldn't be able to be that in depth with the other platforms Someone was messaging me the other day saying i'm looking for the cheapest platform possible I'm like you're you're not going to get a good quality You're you know, Jeff Gehrling just did a video talking about like the HickVision and how it needed some weird plugin to make it work I don't know what model it was, but I don't trust a lot of those are nbr's Synology has a good reputation to put behind them. So I think the Synology nbr's is a really good choice But I just don't have time to really dive in and actually do what I would consider a thorough test of the other devices Yeah, this is why you need to make a maker take video to give his documentation Yeah, isn't that the challenge? Oh, let's see Oh, yes, the hookups actually got some good videos on there as well Let's see I switched from Synology to a virtualized blue iris instance. Yes windows, but I save money and I have AI that doesn't depend on using expensive cameras And that's there's more than one solution blue iris. Uh, seems to be really popular amongst the homeland people I I don't have a problem with that. I wouldn't want to support it commercially anytime. I've looked at it I I I found it to be kind of cumbersome and runs on windows, but you know, it works for the people that use it. So Have you seen it? I similar to the x-mini is better than the synologies that I have a video to compare the two Together whether you're talking about TrueNAS or Synology. I have a video that breaks those down There's not just an answer of yes or no, which one's better It's about what your use case is and then I if you go in my forums I've got a whole chart detailing out what's supported on Synology and what's supported on TrueNAS. So Speaking of Synology, do you think a ds92 and camera view them very well seems like a two core cpu just wouldn't do the job I would go with a two core cpu is not going to do the job. Um, depending on You know exactly what that job is you can run quite a bit of things on I have a I have my little TrueNAS box one of them that runs several jails and free bsd with only a couple cores They don't know what I need to run. I don't know that two cores will run what you needed to run Uh, you know, unified protect is good. Just hard to get equipment. Uh supply chains are kind of catching up But yeah, so You've tried supporting some instances of blue iris on the mount. I wouldn't want to do that again. Yeah Uh You synology dated and laggy devices. I'm sick for uh, come on. Here's your increase into one Yeah, I've never I haven't looked at blue iris in a long time. So I don't really know Um What I don't know what the version looks like it's been it's been a minute Uh, since I looked at it, I can tell you what the you know latest version of the Uh, Synology looks like because that's this here I mean, I don't know. This is modern enough to me. Oh, look I got spiders This looks modern enough to me But maybe not to you. Um And expensive is a relative term because I don't find this camera too expensive with the ai functions in it, but you know Um, that's what it comes out. I got a spider here too. That's what this is I know this is a spider because it's been driving me nuts. Whoops I didn't have to pull up so spider. Um Yeah, look at it. See it's moving spiders and uh, the camp spiders on this camera Guess what tom's doing today. I just got back. They they they made a they made little spider things on my uh cameras while I was out of town but like I said, I uh I think that I don't find it laggy at all. This is not a particularly high-end Synology. I find it pretty snappy but If you put too many cameras on them or you figure out what the max amount of cameras are you put the absolute max amount of camera and crank the resolution up, you're going to get a slightly laggy um experience on these So that's just kind of what it comes down to But yeah, I click on it. This has got spinning drives in it. By the way, just a pair of them. It plays quite fast We build a lot of these systems and uh, I'm like said, I'm pretty happy with them Wishing the unifier would come up with a cheap pan tilt camera. Yeah Uh Synology is a per camera license Uh, but it's perpetual for one So when you buy the license, it doesn't expire or if you buy the Synology cameras, they don't require a license so it's kind of Like yes, there's a license unless and they give you a couple for free. So I wish Synology was more customizing choosing a bigger CPU like 8 or 16 core typically Uh, wouldn't be a bug thing for normal NAS, but their dsm feels you nice. Yeah Uh Have you heard anything about docker going away in sureness scale? There are whispers, but I haven't I don't know who's whispering net to you because why would they get rid of it? I don't understand So I don't know where you heard a whisper, you know, it's um What it it's The mark twain quote of it's easier to fool someone than convince them they were fooled This is one of those weird things the number of people that think sureness scale costs money That's a really common. I don't know where the bad truth came from like it's Not published on their site. It's never been said by me that sureness scale costs money But man over the last week there's been like five or six people commenting about sureness scale costing money I don't like it doesn't so I don't know where some of these weird rumors come from But they don't seem to be very well founded. So, uh, it just kind of Confirm like talk to the sources like the developers So and and if it's not coming from developers, why would you give like You know credence to someone in a random whispered forum. Oh, I think they're getting rid of it I don't understand like how does that person? um carry weight So that's I don't know Uh dream machine will the unified platform is not just a dream machine a unified platform does not support non-unified cameras Reddit. Oh, yeah Reddit Reddit's definitely a wonderful place full of information. Um, but not all of it's accurate Confirm there's a reason like if you look at reddit And uh, we'll switch this tab real real quick One of the reasons I don't post because I I don't like this. Um, if I'm posting Under a different account An anonymous way that's fine because I'm having an anonymous or pseudo anonymous discussion or whatever Because it's my personal interest, right? But I try to be very You know concise and clear that this is me as a company. You can Follow who I actually am. So if I say something on here, you can ensure it was said by lauren system That's one reason I use my real well What my handle is at least for my social media posts of lauren systems So you be careful if it's some, you know Name random group of numbers person making claims lots of people like to make claims just to make claims To get some attention Uh to tell you that docker is going away inside of shunas, which I don't think is true in any way Um, I don't know if they've improved so have the docker I'm sorry have the doorbell cameras situation improved at all. Unify is just uh, Unified I like to have something on sonology. I don't know. I don't use a doorbell cam So I'm not the most up-to-date person on those Becoming IX partners here in peru. Awesome. Hey, I really like the IX systems. Great. We're an IX systems partner I just use open zfs on a bunch to installed uh cockpit modules when not using cli There's probably more A manual than true nas. Yeah. I mean, it's not you can't that you can't use that. It's just something It it depends you can run everything from the command line. It depends on whether or not You know, that's what you want to do Uh, but let's swing back over here Talk about this briefly I'll do a separate video on this um But I I I feel I don't know how to how to express my feelings on this exactly I mean, everyone's excited is I'm happy that they have open vpn server Open vpn is a vpn server found in teleport sanction. They added open vpn server Let us celebrate the the vpn server to spend around for years and years and years to finally making it to Unify like they would they did everything but they they were just so stubborn about getting around to this and I'm happy to see that the unify applications are finally improving Um, but I am just so puzzled that it took them so long like they tried to do everything different in a way that made no sense to me and I don't get it like it took them so long to just go Oh, I guess that's why all the made all the other open source firewalls and some of the closed source ones and All these companies must build this server in Because it must be what people actually want. Yes, it is it turns out It is what people want So now we have these as options inside of unify. It's just I see it People celebrating that it's finally coming. I'm like, it's been around for years The unify is the only people who didn't think it belonged in a firewall I don't under I don't understand why I took them so long, but I'm happy it's here So that's my excitement from the the people over there Uh, sorry for the question with psychology You might recommend roas back us popo s when bay and doctor is sharing What might you recommend? It comes down to I mean if you're only backing up one machine or two machines, it's not a big deal at all to They have what I don't know the models off the top of my head. They have an nvr selector You tell them what you want to do with it and they'll help you. Uh, well, they have a whole NAS selector tool I should say I said nvr because they have an nvr selector for your cameras as well so, um Yeah, any of the even the base little two bay models If if you don't need to back up all seven concurrently Also, it does not back up linux well So if you are getting your hopes up that the analogy will make a great linux backup machine I'm sorry. You will not it makes a great windows backup machine And for linux use whatever backup utility you want and use astrology as a destination But even the basic two bay model would probably work for that So, yeah, it doesn't because they all have the same features start with you know What's your budget? What's your storage needs the two bay model is nice? But you're only going to get a mirror out of it So maybe go with a four bay model if you want something more than a mirror And how fast do you need it to be? Yes backing up this analogy to uh back place even if you back it up to the Synology uh c2 That's that's actually pretty reasonably priced I think the astrology's done a good job of making some of the service offerings um There's a lot of improvements that i'll do a separate video on I laughed at this one though I don't know why it took so long to do this, but the uh reserving 192 168 1.20 for DTP lease That's uh the fallback address for unifies unless you've leased something else at that IP address So there's actually a lot of cool stuff that's going to be in here I've already loaded it on our system So I'll I'll be doing the review of this and I'll do an updated review of the unified drain machines Because we now have drain machines and let me pull one of those up That actually do what they're supposed to do This one I think this is the right one Log into it real quick There we go Oh So update cube we're going to update this in real time But I will be re-reviewing the unified drain machine here Um because my opinion of it has changed because the software finally caught up With it not sucking as much Yeah, soundly c2 storage is about the same price as blastpikes. Yeah, they're soundly's done a really good job of pricing on their C2 server they they want people to use it apparently and and they're priced it accordingly They didn't price themselves out of the market on there, which is actually pretty impressive So uh hats off soundly for doing that Ooh updating come on How fast will it go? Soon Uh, don't you get like four lights or camera technologies? Failing drive it depends on the model each model has a different number that comes with I think most of them only come with two Some come with more but most come with two Not quite the unified disappointment machine anymore. No No, um, I'm actually gonna say I I can now Feel better about doing this because the the common question people would have would be around the vpn server Or lack thereof I should say now you still don't have tail scale support. Um, but I don't know how necessary that is Uh, have you done videos about the ix servers? Yes, you can find them on my channel Sonality drive client works on Ubuntu for backups. Yes, it's the active backup that doesn't have good linux support I don't know that they'll ever solve that problem. I don't think it's high priority I don't think the demand is there for it. They have some linux tools that'll work I use this analogy just as a share on my linux system. So I'm I'm fine with it. I just don't use their native apps I just got a udm pro and it's quite nice. I thought the unify protect, uh Was still intended only to unify cameras, but heavy airs. No, it unify Protect is only for unify cameras The problem is storage locations you to backup. I don't like stuff going in the us and the only other data center is in germany Well that much I can't help you with Um, so use use wherever you are comfortable storing your data I'm not worried about where I store my data because I encrypt it before I send it So if it's encrypted before it sends I don't have to worry about trusting the end it where it lands Cody here saying ubiquity is really wanting people to use traffic management rules over firewall rules Well, you know, they they finally have surrendered and decided open vpn servers a good thing to have in a firewall Um, who knows what new thing they will try like you're have someone to just try is really hard to be different Instead of just going, you know, we like you for what you're good at not the stuff you keep doing weird Um, someone should maybe tell them that I don't know maybe if they had a hint Like hey that thing you keep doing that doesn't always work right Just stick with the thing we like you for and really focus on making that better uh, oh of note and I Let me uh, I laughed at this one too because technically it didn't go away, but it did Go away in the new ui, which was the ability to where does go? um Added an option to move adopted devices to different sites That's not a new feature that feature exists in the old ui It just took a really long time for that feature to come to the new ui and I didn't understand why they kind of You know while they're fluttering around coming up with weird ways to do vpn servers if they would have just like Decided that they wanted to do a new ui But then actually put all the features in a new ui at once. I mean i'm not ahead of development I know it's hard to develop things I've you know, I've worked projects before not quite the scale that they're working at but it's just weird how they do things Uh, it seems very disjointed. So That's the one problem with the way they do things. It's just so odd Since we're on unify, how do I force one ip to a specific mac address? You dhcp reserve to get that is that or are you asking about how to mac filter? I guess I may not understand the question. Generally a dhcp reservation is what you're looking for It's absolutely stupid. The new ui works for you by leaving big features like moving site is out Yeah, you it's weird how you have to switch back and forth between them I don't really understand like you think if you're gonna develop it So let's go back to another probably larger project that people over at zen orchestra like They have an entire plan They have an entire plan of how to do a new ui implementation how they plan to do the migration They've outlined all of this in detail like they've told you how they're going to do it And they've been following their design details for each step of the way That's exactly what we like to see like it's just great. Look they even are telling you this is how we're going to be doing Um, all our new elements in our new version six like this is what a roadmap looks like you share it you Give updates to the community that engages with your product and the community Celebrates their you know and become willing testers of your software and such Unifies a mystery box of what's going to happen next Do we are we going to create another new new ui and maybe we don't know it's not on the roadmap or is on the roadmap We don't have a roadmap. We just we just want to let you know things are happening You find yourself doing things like a dream wall and update your feature sets faster. Yeah, I don't get the dream wall Um, that's a that's a weird one. So but that happened I mean, I don't think I maybe I'm wrong people were asking for a form factor. That's weird. So Can't can set seem a word aesthetic IP. So I thought I would do it in router by mac address since that does not change Uh, you just do a dhcp reservation in there. I don't have Well, actually I do I'm updating it right now the only um I don't have any systems on this. So I think if I go on to the network here There's probably no devices Yeah, there's no devices on here at all So without any clients connected. I can't show that but you can You can look at you can specify and then set the IP address of uh specific devices If you look up how to do it, I I think kody might even have a video on how to do dhcp reservations in unify Love who do you agree with the lot of dumb confused things still avoiding unify routing pfcents has spoiled me Yes, the routing in pfcents is substantially more advanced than uh unify fixed ip uh fixed ip or dhcp Um, is that they call it fixed ip in unify? I I don't like when companies have like new names for things Like I don't want a new way to name it The unify is quite different uh to pfcents, but I'm used to it also make sure you turn off any cell Post to unify controls before turning down new hardware. Uh, yeah, they will fight I don't know the overall reliability of the dream walls. That's gonna be like I think they build a pretty reliable device Um, but when something can mean be hard to acquire that makes me also worry about it, um Putting it in like what if it goes bad? What if I have a problem with it? Actually, see I've got the new app here. Let's look at the Port manager. I think they updated that what can we do? Okay egress free limit Anything else in here? No. Oh traffic restriction. There we go. Hmm Block traffic or allow traffic Interesting so this is one of the new features they added You can restrict the port uh by mac id So if you want to lock a port to a specific mac address That's why I wasn't sure if you were asking about that but that is an option you have Did I why is this not going away? There we go, they move the little they move the little where to close it button I hate that my isp uses cgnat. Yep Well, and this is gonna be a problem for a lot of people It's all the reasons I've talked about tail scale and overlay network so much. Um, I use I use tail scale I think tail scale is great and I readily recommend it for especially if you are stuck behind cgnat Tail scale is a great way to get in and out of your network when you're oh, I don't know traveling down south and You you want to make sure your phone? Is backing up to your Synology and things like that tail scale does a trick for that Uh dream wall only has one gig when to I think if I'm not mistaken dream wall has a 10 gig on it So there's 10 gig if we can pull it up real quick. I imagine where's it at? Where's all the unified stuff I had pulled up Let's start closing all this other stuff Dream walls Are they on the list here? Where is the dream wall? Cloud key and gateways There it is dream wall 10 gig So yes 10 gig on it tail scale is awesome to accept your chair and even the lowest offers a lot of features. Yes, they do Yeah, I can't beat the features of tail scale for the free chair Uh, you got your own derp server. That's awesome. Yes, the uh, the tail scale servers that do some of the connecting are called the derp servers So that is true You don't like the new site. Yeah, I'm indifferent on it. I don't hate it. I don't love it. I don't hate it It's just it's just different As long as I can click on it and buy stuff, I'm happy I care that a site is fast And not difficult to find things uh, so I don't know looks good looks pretty It's they're switching inter access points that they're still the best for like this is that's still the best thing they make And I hope they don't mess that up Did they give up on I think they did give up on the fluorescent lights. Are they still on here somewhere? Installation storage. What are their storage? 8 terabyte unbranded drives Camera switching identity The problem I have with a lot of their identity stuff comes back to what I was mentioning about the roadmap It relies on their cloud. So if you go through something that relies on another third party's cloud I have to know that I'm going to invest and then have support for some ongoing amount of time Companies without roadmaps don't give you the confidence Google being one of the biggest companies out there and they don't always give us the best confidence in that exact thing It's all those problems with any of these businesses is like you you become a laughing joke At some point and google of course killed by google google graveyard. What's the other one? The google cemetery And it's just All these different companies they just keep coming up with different silly things And if you're not going to give us a clear roadmap and google is bad about giving roadmap You you know, you want some level of guaranteed support and this is where one of the problems Comes in with google or any of these companies or unify I mean when it turns to if you're not going to give me a roadmap How am I supposed to trust your cloud dependent solution? Uh zero tier works fine. I use zero tier, you know, I was using zero tier I think that pf sense integrating with tail scale synology integrating with tail scale Both of those things made it really easy Uh to look at tail scale as a good solution But I don't have any problem with zero tier. I think it's good too UI lock has disappeared from ea interesting Microsoft has a monopoly. So they're able to just be terrible company Um It's it's that it's back to that article. I said earlier. Um, we'll pull it up again real quick. So why not? As it kind of points out How bad microsoft is and how they don't care because what were you going to do, you know, uh You know windows 11 is so broken That microsoft can't fix it Uh microsoft admits there's there are windows on problems that just can't fix microsoft has made pretty remarkable admission Essentially conceding that it doesn't have a solution for some windows 11 problems um And microsoft's health page regarding the issue microsoft notes that windows search and universal search apps might not work Aspected issues opening in a recent update blah blah blah Basically, they're breaking things But what are you going to do not use windows if you're in the enterprise space? And that's what all of your clients are running You can't just drop linux in some large enterprise businesses or even small businesses The interdependency they have is too great as a home user sure you can go windows sucks. Ha ha don't use microsoft The real world that has to deal with a lot of businesses like well My company does and all of my team of people Means we have to deal with windows and because microsoft knows they're a monopoly and you can't not deal with them They don't really spend a lot of time fixing software Um because they only do it enough And that's it that in not not an inch more Uh, so yeah Yeah, a door lock should last you a long time We don't like their access cards. Uh, don't work between sites. So We tunnel back one network on one side access uh to access more interesting Uh, yes, all the abandoned portal mess. Yes Which one has the most security the one you know how to set up? Uh, when in terms of you know zero tier versus tail scale versus wire guard The one you know because the one you don't know is when you're going to have a harder time setting up and getting set up securely The the service you know, you'll set up more securely right as you know it better You can there's people setting up pf sense wrong because they don't know it very well It comes really down to there's there's not any known flaws in any of the protocols So it comes down to your knowledge of how you want to configure the network Obviously because it doesn't work part of the year Yeah office 364 Recently migrated unified controller to vulture linux instance per your and chris cross extractions now on seven three three how to keep unified releases If you if you want to use apt update, I don't Um, you can you can you can add the repository so you can apt update your unify application But I prefer just to grab the uh Grab the file each time that's my preference and I just download and run the update So comes down to how you want to do it see Office three five seven. Yeah Tom has taught us so many uses of so many things just a quick things. I try I like doing these live streams Yeah, you can use apt update. I mean I just don't because I like to manually update it But that's just I because I want to manually update it. It's it. I'm not going to say it's like the best way It's just my preferred way I also have the system with unattended upgrades on so because it's doing unintended linux upgrades in the background Um, I have it doing that and then when I want I implicitly will have it update the unified controller software Uh, what's for dinner? I well, it's 10. It's 10 p.m. At night. So it is past dinner Um, I had a burger earlier today. I a lot of times will eat once a day. I don't necessarily need to eat again um, but I will share this with with some people for my uh, I I did unpack a little bit from Adventures says one of these will be my evening snack. I haven't had this I don't like peanut butter whiskey, but I have friends that do so we got that These are the things I pick out. Of course, this is interesting too. I don't do you consider this a hot sauce It is a mango habanero wine. Is that a hot sauce? I'm asking Uh, I like the linux server unified container updates. Um Simply changing the version number an entire install is portable The problem I have with the container updates is they're not from unify So I That means you have now placed your trust in the person who maintains them. I don't know who that person is I've never looked. I mean, maybe I do know him and I just never looked But the problem I've had with docker containers or when you You know rely on a third party is you've added that third party to your trust circle Are they a good third party? I know it's a popular repository Is it got a back door that gets slipped in there sometimes? You know, I don't know. Um, I don't trust it. So I don't use it That's my problem when everyone's like, oh, just you and they've asked why I don't do videos on the docker eyes One I'm like because I don't use it because I don't know the maintainer of it or how good their security is Mango habanero wine sounds rough. Yeah, maybe a little Have I set up? Uh after repository not for unify. That's what I we were talking about earlier Also, if you oh if using a docker container, uh, they'll not offer support probably that sounds Typical Their support's not that great. I um, we'd get a lot of people hire us, uh, which I'm fine Unify you don't have to worry about support. Just hire us instead. It's uh, you know, that's my solution to unify support hire my company The cloud keys are fine too. I think the cloud key, you know, the gen ones were rough The gen twos are nice. The gen twos have proven to be much more Reliable than the gen ones Do you have any insights to protect since? Uh water since that's the center site that's supposed to come in the three pack of sensors never seen it become available Uh, that makes two of us. So no, I I remember them talking about it I I don't think I don't know what happened. I don't know what happened to it That that once again, we don't have a roadmap When you don't have a roadmap, you don't know when that stuff's ever gonna come out or if it's gonna come out So yeah, I I can't speak to it at all Oh, you had one die gen two, uh, cloud key died I don't think we see we seen plenty of gen ones die. Um, they they weren't They weren't the greatest Uh, you want to hire us for your home business network? Well, you just tell her to lordsystems.com click that hires button at the top Uh, we are in detroit. So we are an eastern standard time But yeah, absolutely anyone who wants to hire us, uh, you know It's it's really weird the number of people that comment um Comments on videos of how do I hire you? I always like I think that's a weird comment because I say in my videos that we have a website And it's not hard to find my website if you search And also the website has a thing I say click that hires button at the top and it shows up with a little, you know bar It's I out of the 1700 videos. It's gotta be on at least 11 or 1200 of them that I've said it And it's usually on a video that implicitly the comment will come on a video I said of how do I hear you guys? I'm like go to our website I get dms like that too. Um, I'm discordant. How do I hire you? Well, I don't know Few issues with the cloud hgm2 all related to the hard drive failing those things get hot If you try to run protect it 4k cameras, it gets messy. Yeah that's definitely true the um systems are Not really robust enough to run a strong camera system. The matter of fact, the unify nbr itself works well But the nbr packed into a cloud key or the unify dream machine is just not as good Once you have a bunch of cameras. I mean you're only a couple cameras. Sure, but once you get a few more Well, not quite as good Most common home user. I'm assuming you mean question Um, they're all over the place. There's not a single common home user question There's many many matter of fact the questions are more uncommon from home users Because when you're getting started, you just have different questions Some questions may not be worded properly But me and my team have become good at reading some of those questions including in the forums because we're trying to figure out What your goal is and sometimes that might be the the question we ask is what are you trying to do? And they just don't know the right Terminology so we always help people. Oh, you're just asking about setting up this or that to guide people along the way so Videos even Have fires. Yeah Maybe they skipped that part probably Uh, why is it we're coming just have to be sitting in the live stream last question that popped my head But oh, no, no, no not you who thinks it's uh weird for asking It's a number of comments that I get or people don't know that we have a website. That's it's not you Um, I'm saying about it at all It is the the the comments that are on my videos that are like, how do I hire you? How do I contact you like those are stranger? Um Comments that I get so it's not no not in any way directed at you. It's just the uh Unusual number of comments that I get that or that so that's that's what I think is actually an unusual comment Maybe people using a sponsor block if people mark that intro or not But yeah, either way should be able to find the hire us button I mean, I have on my main youtube page my website linked. I it's pretty clear I think and maybe i'm wrong and please let me know if I am uh that I've in some way obscured the way you would contact us so Definitely, um It is yeah, yeah, I something I don't know if I'm ever I wish I'd make sure I'm being as concise as possible And I'm always relying on all of you because you're the people I'm trying to be concise to Uh, I'm running 15 cameras in a udmsc. No problems on the highest setting motion capture. Okay I think the sc handle isn't the sc a little bit faster or is it have the same processor? Burbage is hard it is for me sometimes i'm just word saluting things together percentage of home users versus business or probably 90 percent business there's There's not a ton of home users. I So it's a majority Most all the work we do as as a business is going to be the business customers part of it's just pricing so Um, we we aren't cheap So it doesn't lend itself to getting as many of the home users and there's not we will service stuff if people need it But um, sometimes the pricing will be You know just beyond what some home users may want to pay I also have an msp. So I skipped that part. Yeah. Yeah skip the hires part We we service So we got to probably Lay it out. So from my msp perspective. No, we don't do msp for home users Um, or it services, but when someone just wants to buy consulting time to set up a network We'll sell them consulting time to set up a network and consult with them on it. Um, so that's usually how that's going on there Uh, if you were to see I would hire you people here want to charge me 250 uh per drop. Well, guess how much we charge per drop Uh, that's that's not on 250 per drop is not an unreasonable price Most of our home clients are the owner of corporate clients. Yeah, I mean we have those clients as well that the We'll we'll do the homes of the people that own the businesses and things like that Yeah, 250 not unreasonable. That's uh Wiring is uh in the labor involves, you know what? It's harder. We'll go we'll go a step further It's harder to do residential residential is higher than commercial office to do wiring in Not everybody realizes that but that's definitely Just one of those things it's harder to get into walls. It's harder to deal with the Residential construction for your average home and here in the united states your standard stick built homes But in the business world, you're going to have easier access to the walls You're going to have easier drops because it's usually the drop ceiling the walls are not necessarily Supported and the drop ceilings are going to be able to pop a tile and just you know Drill a hole or or if it's a non supporting wall The wall isn't any much higher than the drop ceiling So you can just like drill a hole in the header board and drop the wires right down That makes it a lot easier to go through there and and put those wires in And especially if you have a flat roofed commercial building the trusses are easy to Mount all of your rigging to that holds and supports all the cabling You know that is something else on my list I have to do is um Do some videos on wiring I actually have Where did it go Somewhere But we did some wiring cleanup And uh, I need to do the videos for this here. So that there's some stuff that's going to Be coming out soon is you know, I'm gonna talk again about how we bid these how we put these jobs together Some before and after pictures. This is a during picture. I took of rewiring So these would be some more topics that I want to cover Um a lot more in depth because there's always some confusion about how to do the cleanups cleanups are you know, definitely I have a picture Here this is before it was cleaned up be well, this is part way into the cleanup. So yes Defined drop we need ladder's equipment At then they 250 could be a deal Uh, no, so 250 is just the drop price not the get us their price 250 per drop, but there's also Set up and cabling and uh All of the other things Related to it that we also charge for so it's not just doing The drop that's the drop price, but yeah, there still could be a destination fee and everything else I want to shake the hand of the guy that hired Hired 18 years ago to install that landline around my house and use cat 5e to wrap rg 11. Yeah Ha ha ha ha Tech horror stories. Yeah I do have an older video about drops. I mean, I think before we're charging like 160 180 It's just increased over time. Um It's just in there's even then that wasn't a final price that was that was the price for the drop There's still all the other price for the set it set up or Setting up the rigging or you're buying all the you know the infrastructure that goes around it too Like you know if you need a patch panel and things like that Didn't really guys the low voltage also in the msp space with some nation clients in the area have been using Incas stalls, but uh, yeah hit us up if you you know if you want us to quote one of those jobs just reach out to us We can look at it if they're into the trade area Absolutely Word about this the best advertising. Yes, that is for sure All right. Well, I'm winding this down. I've been going for an hour and a half You know if there seems to be a lot of people on here. I don't mind doing these live streams later Um, maybe I should do that. We got pretty good turnout for this Maybe I'll do sometimes I'll do something in a morning sometimes in the night Maybe maybe the midday is not the best time to do it I know next week because I'll be at it nation and I'm not flying in until Thursday um the The uh Trying to figure out what time I'll be in but I know it'll be a late night blog I'm just trying to put all the times in my head. I looked I looked up like this because I'm like Because if there's this virtual calendar about me, there's not it's it's me staring off in the space on there If it was for wiring, we don't do residential wiring. That's that's a no Um, we don't do that. So if you asked about residential wiring, you would have got a response of we don't do residential wiring And if you ask us to support something we don't support like I get a lot of people ask me to set up one off weird Um projects that like it's a homey. It's really weird So we'll get a home user to ask us. Oh, I really want help setting up this and it's just not something we do Like they're like, oh, I want, you know, they'll find some github project and message us and go can you help me set this github project up? I'm like Not really it's outside of our scope of doing that and yeah So those are uh, sometimes you get a response from the team like that But if it's a residential wiring, no, we don't do residential wiring Happy to catch us looking forward to the wiring rehab video. Yes Yeah, that's those are always just interesting This the mess that's made with it and things like that the uh There's some of it being done I think you look on the ground Because that's where all the extra went. I'll close that. All right. I don't know if any of the noise came through Yeah, the churn December zima board video that's kitten that I've been testing it. Um Yeah, that I gotta I got a lot to get done before I go to it nation once I'm back from it nation I'm back to cranking out videos So I'm gonna get some rest tonight. Hopefully make some more videos tomorrow and saturday and Get all that going. So thank you everyone who joined awesome seeing all of you here I will be doing this for sure on thursday. Maybe I'll do a sunday stream All that fun stuff in a short term. I have a few other things I'll be doing Um, you know in between I have a unified video and a few I've got a lot of things in the works It's just a matter of trying to find the time to get them all done By far the best, uh, it focused on youtube Awesome. Thanks. You have gotten a ton of xdb g and migration projects. That is awesome I love seeing a lot of people switch over to it. It's just such a solid platform My company just redid our server in the way 200 bought all new switches from palo Alto Palo Alto makes very reliable switches. I don't think you're going wrong there But hey, thanks everyone for joining. I will see you next week and uh, or or sometime within within the next seven days Maybe sooner. All right. Thanks