 that I was going to do earlier but my Christmas party last night lasted way longer than expected that's just life sometimes let me turn off my phone I would think to do these things after I hit go live like hey I probably have something that's going to send me a bunch of notices and beep a lot let's turn that off I hope everyone's doing well on this Sunday morning it is 11 well 1116 am here eastern standard time morning always nice to get your offsite backup done and find out the next day that the one drive any ZFS raid run pull was ejected due to 1.1 can errors yeah afternoon just ordered some drives they'll be putting my offsite backup down to them and check awesome is an untested back shop actually back up hmm yeah this is one of those things that nobody cares about a backup that works everyone wants to restore that works and if you don't have any tested backups it's just wishful thinking I need to put that on a shirt untested backups are wishful thinking I just don't know what graphic goes on it or does a graphic go on it I think I have a graphic of a nas like done in a sketch that might be what goes on it I'll figure that out maybe that'll be one of my projects today is doing some creative stuff but such as life that's definitely a something to think about is do your backups work yeah no one cares until they go through not being able to restore and recover something painful lesson absolutely you're not wrong at all this is constantly a challenge especially as your company gets bigger this is something we face here at CNWR that the IT side is it's now a big project to go through the tabletop exercise of doing the restores testing your backups auditing everything to make sure you didn't miss something and just making sure we understand where everything is it's it's a scaling thing you know you have a lot of tools and a lot of software that have to manage for all of your security and then the other side of it is managing all the data that's associated with it so that'll be once we were going to be doing a tabletop on that soon and I'll figure out what some of these things I want to get done are two parts there's the business side which will go on our business technicality channel and then there's the tech side of walking through this that will go on this channel I keep this channel tech focused and I keep the business technicality channel well talking about business and it's a great way to engage with people who have the whole you know want to dive into the business side we're curious about how things work we're extremely transparent with that and then I keep the tech side over here that's why I always have that link in these streams and whatnot and I've been promoting it more our business technicality channel I just want to make sure people who are interested going hey what about this what about that we're like I said we're very transparent on that as a topic hey Tommy deploy workstations to manage clients how do you handle transfer customer applications from old workstations new remotely or on site it's we're used tools like Emmy bot and I'll just share the screen with everyone so people know the words I'm using here this is actually in our tooling this is one of the deployment tools we use and have a full integration for I'll throw it in a link in here anyone interested in it not promoted by any bot we just happen to use them Darren the the person came up with any about awesome he is a absolute amazing person in terms of the way they're able to write this stuff to do deployments so this is part of our workflow for doing that for getting things to clients it may have in some software may have to be done on clients but the majority of it we can usually get done at the office where it's just easier to get done I see Travis has found his way here two days to go until the trueness update probably business versus homelab versus home yeah lots to talk about there I'm in I'm in all of those categories I found the fact I found that when a drive fails in an array it is easier to delete and remake the array and then just copy the backup over reversing a failed drive is a tedious affair yes I guess well that guy depends I mean re re-silvering things inside of a ZFS pool the trueness is actually pretty easy I've got a couple of videos on that topic I don't know that this needs its own video but hold on let me find it because I know a lot of people want to probably have some thoughts on it where did this piece of information go there we go we're going to go right to the source on this one and that's the whole Unify thing that happened it's interesting there's been statements from Unify on this and if you aren't in the know on this what happened was their cloud system got messed up security issues cloud site manager presented me your counsel is not mine and people were talking about this so they now fixed it cloud access misinformation dear ubiquity community yesterday thanks for your feedback support we made we were made aware of a small number instances where we received push notifications what happened 216, 1216 ubiquity accounts were improperly associated with a separate group of 1170 ubiquity accounts when this happened on December 13, 647 what does this mean during this time a small number of years from group two received push notifications on their mobile devices from the council assigned to a small number of users from group one additionally during this time group two attempted to log into his or her community account may have been granted temporary more access to group one of the count was the currency as ubiquity has solved the misconfiguration with cloud infrastructure. The problem is solving ubiquity accounts are now properly associated across our infrastructure how many accounts from group one actually improperly access group two we're still investigating but we believe less than a dozen. I didn't know my account was improperly access. We plan to reach out to any accounts group one via email. Now I don't know that this needs the but it does point out a real problem when it comes to how do you deal with cloud security incidents. And people were saying they didn't respond fast enough two days they took to respond but this is obviously probably a bunch of engineers going what allowed these accounts and like they said it's not a big number here for the scale and scope that you know if I operate that is a small number it's not an excuse but it's one of those things of it didn't happen to all their cloud so walk through this as put your engineering hats on and if someone tells you the application that runs your enterprise and all of your cloud connectivity for all of your users suddenly has a couple people that can view each other's things. You have to try to figure out why those couple people and is it only a couple people are are these people correct that stated this on a Reddit and started tagging ubiquity in a post there's a lot going on there and I think ubiquity the best thing you really do this is kind of a good playbook here you investigate immediately which they seem to do but you can't really make a statement other than we're investigating and that's all they said we're looking into it and which is completely what they should be doing. People are saying the response wasn't rapid enough blah blah blah there's always going to be that. I think they got on it relatively quickly. Obviously it's a big issue but this is the broader topic. How do you handle cloud security when there's no CVE's how do you know it was really fixed see when you have local applications I can say hey version number 1.1 had a problem we updated to version 1.2 the problem is gone that is not the same in cloud because you don't see the version numbers they fix things on the back end so how do you know it's not going to happen again sorry you don't you don't get to see the code. How do you know it was fixed because they said it was fixed. So it's a really interesting problem that presents with all cloud companies look at Microsoft who's had one disaster 2023 was rough year for Microsoft in terms of cloud misconfiguration disasters that whole write up that caused them to lose their keys then get a bunch of government accounts access. I mean that was the biggest event they have but there was a series of smaller ones and this is where it's a challenge. I'll assume Microsoft fix these problems because if the person who found the problem is unable to repeat it. Okay, but the ubiquity ones a little bit different because it's only a couple people that were even able to make this happen and then their ability to do that went away which means we assume it's fixed or is there another name collision somewhere that might cause this. It's a real big challenge and it's one of those things where When you're looking at any of the services especially any cloud relay service that you attach to I always think about what's the risk factor for this it's why I'm so careful like cameras there's a reason I'm using Synology and not using their cloud for that I don't want to I do have and I accept the risk because it's on a separate network that I have decided to port forward my Synology. I've talked about this before my setup on there. I accept the risk that come with port forwarding it that has its own risk because now I'm relying on Synology to make a product that doesn't have a security hole in it so you can kind of see That it can be a real challenge. It's just about what risks you're willing to accept. So if you're willing to tie your cameras to a cloud system you have now deferred that risk to the cloud company to do a good job and we hope they continue to do a good job. But it's definitely not an easy answer because we want the convenience of simple apps to have push notifications that let us know when something's happening versus the more complicated way to set it up but then still relying on those companies to hopefully build a secure product if I want to only have it to myself so the risk factor is a little different but they're still a risk factor and these are the balancing points you need to decide when you're setting these up so yeah it's an interesting. I don't know if it needs a dedicated video but I did thought think about making like a cloud security video just as a topic and the fact that there's no CBEs with cloud make it a little bit more challenging. My understanding is they had full access to those other they said it seems to be less than a dozen people that did this but they had access to it. Now here's the difference. If I accidentally get access to something the likelihood that I'm going to do something bad is really low like if you are accidentally handed someone else's car keys do you steal their car. No you try to find the owner. You know what I mean this is what the average person do because the intent of the people was not nefarious it is statistically less likely but but they are still contacting and as it said in that notice from ubiquity. They're so contacting each person because they have a log of what was or was not changed therefore they can tell those people what was accessed. I think I assume I don't know because I'm not one of the people and maybe if one of those people wants to come forward to reach out to me. Neat if they have some information of what the equity interaction looks like I'd be interested in talking to them but maybe they'll talk to one of the news outlets we're kind of curious on the back end what goes on but because this is once again I can't reproduce it so I can't really. Say what level of access they actually had. An instant like this is a shy way larger corp customers that have strict IT and controls in place yeah. Needs context around a lot of people miss serious issues you rapidly saw investigate Polish a lot of companies have hidden things like this right. Oh yeah ubiquity did not hide it there that's my biggest takeaway is ubiquity did not hide it that is they were transparent they said for a couple days were investigating which is fair. And then from there they published the details perfect that's what I want transparency. Maybe MFA needs to be at the device so you're back you're back to the convenience argument do you want to have to do MFA every single time you have a push notification that says detected object. Let me go look oh hold on let me put my password in a 2FA each time. You could but this is the balance between usability and security. What you take a unified express I've had the UX for a week now and I have the same little disappointed by a strange compare to you six light. I'm still testing it so I don't have an opinion on it yet but it's a well I'm not really I'm not fully testing it yet it's on it's on my almost tested you with the next few days type thing. I here's a question for the audience here there's 150 people here. So hi Tom tailscale versus to engage what's the difference. So I have not taken but several people have Jeff Geerling. I think I know Jeff and Network Chuck are two people I know have taken sponsorship money from to engage to engage reached out to me and I did not take a sponsorship from them. I didn't I didn't whoops accidentally you know there's there's one I got a back button on my mouse and when I went to grab the mouse I hit the back button. Sorry about that. But the problem with TwinGate is there they want to sponsor me and I don't like their branding. So this is one of the problems I had with TwinGate is I'm not even here let me well let's get some opinions here. And because I've never taken money from them. I can just have opinions that you can't say are shaped by money and by the way sponsorships want to give you a lot of money. I mean a good sponsorship deal 15 $20,000 to do a video for a channel my size if not more and it's a whole lot higher if you're a channel the size of Network Chuck. So here's the question you know knowing not only a video is sponsored but knowing like if a sponsor paid someone $40,000 $50,000 to do a video. How do you feel about that person saying there's no bias and opinion in it of their review of it just asking I'm this is a question I started also in my forums on this exact same topic. But I don't like the way they say it's time to ditch your VPN. I also told them and somewhere in here let's go to the docs was it in the docs architecture lots of words about zero trust. How to engage works connectors resources groups but my problem is and I asked them you know I don't have a they don't have an inner documentation. Our detailed how to engage works peer to peer off to engage right where's the transport layer what level of security are you using they've omitted all of that. So I don't know what they're using they don't document what they're using I don't have trust in random company wanting to pay me lots of money to have sponsorship when I don't know how good their product is. Or when they obscure things you won't find this level obscurity and tail scale so I trust tail scale they're both commercial companies so we can step by the way I've not taken any money from tail scale either so because I've not taken any money from either one of these companies. I'm still leaning towards tail scale because of the level of transparency the offer I don't know if I want to do a video because I'm giving free publicity to twin gate if I do that. When wouldn't the business person me take money hey why not take money from both companies because both I think if I think I've got an offer from the people it's been a while since I talked to them the people at tail scale I think they're still offering sponsor money. I know twin gate is because I got more people doing sponsors with them and they've offered so the the difference to me is there's a level of transparency with tail scale. And there's a lack of transparency with twin gate twin gates close source top to bottom tail scale has open source clients so when I'm comparing the two I'll go with more open source rather than less that's a that's my opinion on it. This sounds like inappropriately is on cloud software splitting them up among groups and don't use you can IDs for their group may push notifications access. Yeah I don't know we don't know the behind the scenes of how cloud software is often written so we there's just a lot of speculation we have without a lot of answers. How do you have a recommendation for a privacy conscious cloud backup provider keeps saying $100 to their life from Diego. I like back plays I encrypt before I send and that's when I don't that I have no sponsors that that's not any way endorsed as a sponsor that's just me using them back plays I encrypt before send if you encrypt before send I don't care about the privacy policy of the cloud company. It is what it is I don't trust any of them I don't have to trust any of them because I encrypt before send when money changes hands bias comes into play. Yeah. So here all encryption is done using standard ciphers great standard ciphers that's fuck that's freaking great. Devolved your sponsorship well this becomes a challenge and some YouTubers in I'm not calling anybody out they can do what they want but there's this is just not rules and force there are rules from the Federal Trade Commission here in the United States but the problem comes down to. The way it's done so if they disclose the sponsorship but they have three sponsors they they followed the compliance this video is sponsored. And they say like hey thanks for so and so but they also seem to have other sponsors or what if they say it in the last 10 seconds of the video thanks for blah blah blah sponsoring this video. Are they compliant but maybe you watch the entire video without noticing that that's a discussion going on in my forums where people were thinking. You the audience that we're participating in this talk in my forums we're saying well I don't think the person was as clear as they could have been. I don't know they they're following the law I try to do it up front and I just close it up front now I take some products sent to me those are fine I do sponsored. Tutorials if you notice any of the sponsored tutorials do not say review and I don't tell you that this is a product that is being reviewed I say this is a walk through demo tutorial that's different than you know it's one of the reasons it matter of fact. When I'm having my negotiations with the companies sometimes they don't like the idea that I say that and it will not pay me to be a sponsor I try to do very few of them. But hey it takes money to run the channel it takes money to do all this and YouTube money sucks from the back end like the amount of money YouTube pays me not much through ads. It's gotten worse I used to make more with less views the ad revenue has gone dramatically down the Amazon affiliate revenue is like half or even a quarter what it used to be. So I'm the only thing I'm going to have to do is get more sponsors is what it is what sponsors are you know what keeps the bills paid. To get competing with the likes of Z Scalar where they can define role based access to device of protocols similar. They that's what their claim is they have a lot of application level control so I mean I get I get what they do as a product I understand it I just don't like their lack of transparency on it. But I it seems to be people that like them they've been around for a minute. Do you trust Tailscale really that's really a PDB detection all secret sword on endpoints or do you trust Tailscale only relay traffic. Well because because it's open source because you can look at the transport layer and how it's working you don't have to trust them. I have to trust if I'm using one of the other products that has a completely closed source system. Tailscale is an open source endpoint that's where trust comes from is the fact that we it's become really popular because of the trust that they have. And if you don't trust them you can swap Tailscale to point at headscale and then look at it yourself so you can self host headscale and manage Tailscale. And now you've solved the problem of wonder what they're doing well you're taking that same open source client pointing it at something you host you can unravel it all at that point. Any good third party backup providers like Veeam for XTP and G or Proxmox. No not that I'm aware of not Proxmox has their backup product and XTP and G has their integrated product product. This is a internal discussion going on at CNWR because we're a Veeam company for all the business and you know he I don't really see the team at Bates spending any time. Maybe a Veeam wants to write something but I don't really see the team at Bates spending a lot of time on Veeam integration. They have their own backup product it's one of the selling points and it decreases your total cost of ownership. This is a selling point for XTP and G going well do you want to pay for you know your servers and to backup or we can combine that into one product. Where it's deeply integrated very automated works really well especially the delta backups are amazing for this you can target difference all the different storage types there's no storage lock in that's the selling point of XTP and G. We use standard yeah but which one yeah I know I don't like I said you can see how vague they are on their site I told them I didn't like how big their site was they still have that was like six months ago that I told them that they didn't they didn't care to fix it I guess. I think it's important to disclose up front beginning of the video if you don't follow DB tech he's a friend of mine great not a good YouTube channel he's got he's got a lot of good Docker videos I've learned somewhere Docker I learned about docket. I think that's how you say it the uptime Kuma person also read another Docker tool but anyways I think it's important to disclose up front the beginning the video not the end another mention at the end is nice but the beginning video is very important I 100% agree with you on that. Twin Gates administration general page I found the security info they seem to support TLS 1.2 and they do list the Cypher's okay so they do have a page where they list it but they're just telling you what Cypher's are using you're not really like those are cool but how are you actually implementing all of it like. Tales scale has a detailed write up with wire guard of how they're using it because they use wire guard because they tell you how the keys work. There's not any questions I have about tales scale how it works their documentation doesn't leave me digging your guessing. So YouTube is fighting ad blockers where it's paying is great. No that there's the problem is it's a it's a different economic problem than that that is definitely the opinion and if you listen to some of the ranty YouTubers. That talk about it they're not really talking about the full economic problem here and it's that companies are buying less ads and with companies are buying less ads how do you support the infrastructure that takes to do video I mean. If you really start looking at how do you run and this is where anyone who can be with YouTube has fallen apart. They don't have the money to really keep the infrastructure up to scale at what YouTube scales at and they pay the creators pretty well. In terms of we get a cut of the ad revenue. The problem is when everyone's products are being bought and there's a bigger demand for product than there is supply. The ads slow down because from if you have more leads coming in or more inbound sales coming in than you can produce product. How much do you spend on advertising. That was the problem after the pandemic for a while as companies just dramatically cut their ads. I Cisco completely dropped advertising on YouTube for example Cisco was like one of the pre-roll ads I see all the time on mine. If I open my videos incognito window sometimes because I'd seek so I have YouTube premiums I don't ever see ads but by starting to look at it and like yeah. Wow look at all these Cisco ads and things like that some of the big companies that were in the tech space stopped advertising because they just don't have the need for it and or decided to save the budget. So that's I think where it just dropped down a lot. I snapshot from XPG to a local NAS and then back up to back place from there. Snapshot to a local NAS. I guess you could do that I would probably recommend using their backup tool. Veeam could do adding support for XPG. I mean if Veeam sees enough interest in it yeah they want they want to be where their customers are so there's a chance they could do it. I do KVM to back plays I like it just fine not sure how I do it with XP and G XP and G supports S3 compatible buckets. So in XP and G that's another option. So also hello Veronica other good YouTuber if you don't follow Veronica explains. Haven't. Haven't a test be a performance then progress to mean something like I have not done and I don't know if I will do a direct comparison between Zen and Proxmox. From a product there's someone who actually did a really in depth test that if you dig around it's from a few years ago. They actually compared the hypervisors and actually found that all of them from VMware to XP and G. Well they were testing the Citrix version and they tested KVM and I think they tested Proxbox. They had two versions of KVM like just setting it up in that they actually found them all to be within a percentage of each other. They there were some things like slightly higher but they were not there. Now the one thing that was a little bit different is you can get different IO performance. Zen has some trouble with VDIs like the hard disk access. The reason why though is because of the isolation they use which is for high levels of security. The other people don't do that. There's a write up on the challenges and the risk of not isolating that and caught in some of the problems that can come from it. But it's not like night and day. It just comes down to if you're running single VM and this is the thing that's stupid when I see tests like this. You don't build your hypervisor generally to run a single VM you run multiple. So if you compare single VM performance of Proxbox on the same hardware with single VM performance of XP and G. You're like aha I got faster IO out of my Proxbox but that doesn't hold up at scale. They turn out to be evened out when you have multiple VMs running. And that's a more realistic scenario for how hypervisors use many VMs running and competing for resources. Here's your response. At least it lists some info there but I guess the point we have zero trust with TwinGate. I'll see myself out. I could do an idiot's guide to virtualization covering apps services and Vigy. Why would you want to install it would make a great series. Oh yeah. ESXI and VeeamShop but yeah the future is uncertain with VMware so looking at alternatives like XCB and Proxbox we need to be able to trust the backups haven't tried them. So the Proxbox backups I've not tested but I can tell you XCB and G is from anyone who's watched me do my backup videos told me it is light years ahead of what Proxbox does because they even have full restore testing to do you know your whole backup validation by restoring the VM and booting it up. It's natively built in to the Zen Orchestra backups. So you can actually have a backup and then on a schedule reboot the servers and test them even have them tested on another system that XO is attached to. I've got a whole video I've done recently on that topic so they don't just have all the normal backup features they have all the advanced backup features like that which I think is pretty easy. Yeah. S3 backups the good and bad. I'm not going to lie S3 versus NFS backups not going to be fast. But the way it the way it works in XCB and G what is fast about it is the fact that it does the it's doing delta block differentials. So when you're building it out it's these tiny it's thousands of little blocks and it looks at the differences between those blocks to resize what the differential is between once you did your main backup and then each subsequent delta after that they they got that optimized really well. So once you get your initial seed of your primary backup the incremental backups can go relatively fast over S3 but the initial one does take a long time. The reality is the just nature of the protocol NFS versus S3 is going to be pretty substantially different in terms of performance just the underlying protocols. I know Veronica knows all this. I'm explaining it to the class here. Postcode there's a huge worldwide supply line issue and backlog so advertising hardware made no sense then. Yep. Sorry I stopped what I meant. I back up local NASA analogy and then I analogy cloud sync to sync my folders onto back plays immutability enable on black plays. Should have Veronica in the also doing the NAS. Yes. Veronica's gone full time on YouTube so she's definitely making lots more videos. Thoughts on to NAS core versus scale got a whole video dedicated to it. I still feel the same way as I did when I did the last video on the topic. Core is nice and stable. Scale has more apps. How would you migrate VM from ES6I to XP and G year in luck they have an import tool for that. That is probably the easiest way is use their they do have an import tool up here but they started working on this. This is the actual where it can log into your VMware and import. So this is something new they've done. They have VM import just import or VMware import reaction can point it out there give you use your password. Skip the SSL check connect to your VMware server and start doing imports they've got write up center of how to do this. I mean it's been on my to-do list I just don't do much VMware but we might stand up a VMware system to show how it works. But there's a lot of people that testing it. We tried to do a VMware renewal purchase to some additional license last week but it was blocked with Broadcom start out their plan. Yep. I wonder how much open source companies is really a true thing in terms of and product meaning if companies really sticks the code which they wrote or the implement as they told us. There may be I don't know companies I trust like NetGate or the people at IX systems who produce your NAS I think they do. I think the people at tail scale do that but I don't know that every company does so what percentage of companies have no idea. Yeah there's not a there's not an open source equivalent of like the VMware horizon. So that's a whole different that's a different topic. There's not a there's not an XTP and G or open source version for horizon. So if you have this is where VMware becomes a big word not just a hypervisor VMware encompasses a lot of products. So if you talk about VMware horizon that's a different product than just our hypervisor. I know it all can tie together. That's that's not what I'm talking about but it comes down to your use case. So what about you can switch. So we look at Citrix MS VDI. I don't know man between Horizon and Citrix. Citrix is their whole VDI stuff is just constantly in the news for security flaws. So yeah how do you know if Unify still supports the UAP they made in the new cloud update. I don't understand that question. Oh the first UAP look for the end. They have an end of life page. Look up the Unify end of life and see what's in the life. I never run VPN on my NAS. So I I see people asking about this and don't expect me to do a video on it. I'm just not a I have firewalls that I run VPN on. It's a better place to run the VPN. Now tail scale. They've got tail scale. I think that's pretty cool because it kind of simplifies it. But I yeah running a VPN on my NAS doesn't it's low on my priorities. 99% of the time you're going to you're going to find me running the VPN on the firewall where I believe it belongs. Another thing to think about is leaving SIS is sometimes software providers. I guess you only support ESXi. Oh Hyper-V not sure how they handle that yet. Well support it depends on how you want them to support it. If what happens is people stick it in a hypervisor that aren't skilled at it. So the company says look I can't support every hypervisor out there. But because I know I'm probably going to have to help you walk you through something. I'm only going to support it if you stick it in VMware or Hyper-V. You know I won't I won't support the other ones. And the reason I've seen vendors do that is because the questions are getting are not about their product. It's about how does networking work in VMware and things like that. Matter of fact some of the problems that people reach out to us about. I have nothing to do with the it's yeah it's just silliness as you can see. So you just have to decide that if you have a vendor that says we support virtualizing in VMware. But you put it in something else that your questions can't be about how the networking works in that hypervisor. Or how a setting works in that hypervisor. That's usually where the support line ends. It's not that they usually have a problem with being in another hypervisor. They'll just treat it as bare metal where the hardware is your problem and don't ask us about it. Can a Proxmox container be moved and run some other place like in a bunch of server. I don't use Proxmox so I don't know. Rumor is Bureau Brookham will be offloading their EUC products and Carbon Black. Yeah who knows if it's not profitable they're getting rid of it. I only run TailScale at my TrueNAS scale installed because there's no PF Sense package for it. There's a PF Sense package for TailScale so I'm confused. I love TailScale on PF Sense. One of the other reasons I really like TailScale is because it's built into PF Sense. So I would use TailScale on PF Sense. I've done a video on it so I can guarantee it's in there. SAP are like that. They release the support using VMs and production loads only specific VMware versions. I try to leave the router untouched when it comes to services. I host VPN DNS on my hypervisor. Do you think it's better to just run things on a firewall? I prefer it that way. And it's usually because it's a better configuration experience. Matter of fact I think they're deprecating more features that are... This makes complete sense to me. The people at TrueNAS are moving function not to the core but to the edge where the apps are. This makes a lot of sense because why but I want to have to maintain a VPN because there's an update or security change. TrueNAS is an appliance. So I need to re-spend a new ISO for my appliance. A new installer and an update because they don't do minor updates because it's built like an appliance. It's not built like a package manager where you're updating packages. But the applications are. This is why they deprecated R-Sync for example and moved it in as a package because that makes a lot more sense. What's your thoughts on Apple being forced to allow users to install third-party apps to you? I don't know. I don't really have an opinion on it. I didn't really look into what the ruling is or what the details are on it but I don't use Apple devices much so who knows. They don't send me things if you're talking about Unify. I buy everything myself for Unify. They decided I think I was just too harsh on their products so they quit sending me things which is fine. So I see this now removes any even hint of bias because I'm the one buying the products now. Do you have any experience with a good SOX SIM service offer from SP to offer? I, Blumera. And this granted I do have a bias. They are a sponsor so fully disclosing that up front but they're also someone we're using. So that's something worth noting. We actually use them. How will TellScale work mostly Windows-based network? It actually works on Windows and Linux. It actually works fine on my phone too. So Apple phones, Android phones, MacBooks. TellScale's got all the ecosystems covered. So when the Unify Express light views wrap there won't be any fluff or BS. True. They are not sending me things. I bought the Unify Express with my money so because I'm buying all these things with my money there's simply no other opinion on there. To actually get, you must be branded with Omni barcode on either your right hand or wrist because you're getting the wrist out of forehead. What to do when receiving unprompted MFA OTP? Change your password. If you're receiving them someone has your user and password. That is the most likely answer for that. That is, I don't understand when there's, one of the threat problems was MFA fatigue that we seen earlier or late last year, late last year. And I'm like, MFA fatigue, if you're getting prompted a bunch of times probably someone's trying to log in as you and hoping you'll hit yes. Is VMware making a Workstation Pro subscription? I have no idea what they're doing. I do know what they're doing. VMware is going to raise prices. Call me psychic. Or call me someone who read the earnings reports and someone who read the, the announcements that VMware's been doing. They're raising prices. I don't know how much. I don't know where I just know it's raising. DbTech says I did a video a couple of years ago creating a network on zero tier and adding Windows, Synology and a phone. Maybe I should make one using tail scale. I'd recommend it because I've been, I've done a few tail scale videos. I've done some zero tier videos. I really like zero tier, because I've done a bunch for having both an ability to easily self host if you want. So head scale, which I haven't done an updated head scale video. So that's another one if you're looking for a video topic that could be readdressed. When I did the video, there was features that weren't available that are available now including, and I might, I haven't decided for certain yet, but I thought about switching over to head scale because now they support phone. When I did the head scale video, they didn't have the phone support. They were a big thank you to the people at tail scale for this. The reason they didn't support phone is because they couldn't compile their own phone app. So you have to sideload an app was one of the options. Well, the people at tail scale decided to allow the phone app that is from tail scale signed by tail scale. So legit update to point to third party servers. Tail scale actually allows and has submitted code to the people at head scale. So this is one of those things when only can they allow you to switch servers. They've actually contributed code back to the people at head scale instead of a cease and desist because technically if you're using head scale, you're not going to buy the paid version of tail scale. But I think that's great. That shows me good community engagement. One of the reasons I think they're just a good company. Broadcom equal prescription. Two terabyte exterior is the fastest and most solid build. I have no idea. Yeah, unprompted MFA codes. MFA fatigue. You might help with that anytime I can get a hardware key to do OTP codes. I take that option. You know, this is a good I'm angry right now at hover. I have a ticket open with them, but no no response on the ticket. Hover. Has OTP. So I have my OTP. And right now I can't log in because they quit sending emails. I've tried calling their support. You can spend all day on support. They normally would answer their phone support, but this is an annoyance I have because they went from OTP to sending you a link and then asking for OTP. And I'm like, why are they doing this? Why are they trying to send me links to my email? So it's become a real annoyance for me because their email servers not sending emails. So I have to reply to the ticket via email. And I know they're receiving emails because it generates a ticket, but the ticket tells me to log in. But my problem is I can't log in and I can't talk to hover support because they're apparently busy probably with everyone else is trying to log in. So it's just dumb. But yeah, I'm prompted and if he codes definitely I wish more companies, you know, keys. I love the keys. Here we go. It doesn't happen anytime soon. Any opinion, any opinion or insight if if they're going to keep the edge right. I don't know if Unify is going to keep the edge router going. I really don't know. Can you do a video about systems at Taco Bell? Probably not. Why does Wi-Fi 6 not support PPSK SSDs? Have you seen that? The option disappears when you change that option. I don't know. If you're unbound in PFSense while using Pyhole you just point your you don't use both. That wouldn't make any sense. You just point your DNS at Pyhole if you're using Pyhole. I don't use Pyhole. I don't want a separate DNS. I'm fine with using the DNS inside of PFSense. And I've done videos on PF Blocker. PF Blocker can use the same feeds as Pyhole. You never look at. So I just moved to using it inside of PFSense. Would you recommend downloading anything from Pirate Bay? No. I'm considering downloading Final Cut Pro. I mean, it's undoubtedly got this is a common attack factor is pirated software. It's constantly an attack factor. I don't recommend it at all. Yeah, eventually head scale users might convert to PFSense. To be fair, most people using tail scale are homelab users, so it would be better for them to get those nonpaying users off their servers. Yeah. I don't know who Nathan Lane is. Could you build the perfect PFSense box in a 1U configuration? It's been a long time since you did a PFSense build. I do have one coming. What do you think about past keys? More like if you tell me, hey, we're going to tie everything to your phone. Great. How do I back it up so I can copy this to my other phone? You're going to have to do a bunch of resets. Well, then that's annoying. It's about the portability and making sure that I am the one in control of that portability is can't eat a meme. Maybe it should be. I agree with this right here. PFSense plus be a blocker equals great experience. Well, those lists are supposed to be good, but I think they wrap behind snort. Yes. Well, I think tell us might have a DNS list. But yeah, they're usually tell us updates snort. Hi, Tom. We want to replace a UDM pro with a netgate PFSense or would be better if the netgate and UDM pro coexisted. I think replace having two firewalls and double natting things as a headache. None right now. You know, it's one of the funny things that people hire us a lot for. Hey, the Internet's not working properly. Yeah, we got to prune your block list. Well, that's tedious. Yes, it is. Here's our rate. It's it's becoming a problem if you block some things because you'll find it breaks other things. So I don't know of a good block list. I don't. You know, you know, one of the things that you block, I just think it works better. And when it breaks the site, I can just click the button in the browser and fix the site. So I would say I'm leaning way more towards you block than anything else. Oh, I won't lie, the piehole interface is way nicer that that's why I said it's got a nice interface, but yeah, this is what usually happens. Blocks the Akamai CDN it just breaks the Internet. A pretty substantial part of the Internet runs on Akamai and Cloudflare hard drives in bulk. Do I buy new or used on eBay, especially for SAS drives? Tends on your budget. I mean, new drives, you can get a better warranty. You're less likely to have a problem statistically, but they cost double what you can get, like refurb drives for, buying. I've definitely bought refurb, recertified drives. I just bought a box of them. What's that company I bought them from? I gave a shout out last time someone asked the question of where I got them. This company, server part deals. They've had some really good prices on drives. I'll throw them a link. I don't have an affiliate link or anything. I just ordered and set up some drives from them. And I bought specifically recertified drives. I think I got some 14 terabytes, but the price was good. I've had no problems with them 12, 16, 14. These are the ones I bought. I think they were on sale a little bit less than that, but 14 terabytes. I already have a bunch of 14 terabyte drives. One of my other reasons for buying 14 terabytes was to match up with the big 30 other 14 terabytes. I'm doing a bunch of data shuffling. What are some non ubiquity switches that are good? You know, I'm kind of mixed on them, but the Cisco small business ones weren't bad. They were very functional. I did a recent review of them and they seem fine. I have a couple I've been using for a while. They work. No issues. So the Cisco ones are probably the only other ones that I would say are good. I've not had bad luck with the Ruba either. I guess those one work pretty good. But I think the Ruba ones were more money. It's been a while since I priced the Ruba ones, but Cisco, if you're looking for a simple I wanted a switch that works, that's managed. It has some VLANs on it. Those Cisco, if you look at the Cisco reviews I did maybe a month or two ago, I think those are a solid switch and the price was actually really good on them. So you get good product. Now, if you're looking for a dashboard to manage a bunch of switches, you have to go back over to something like Unify. But if you're looking for standalone individual switches, I think those Cisco small business ones are a good fit. Having high availability with one on-prem head scale and one tail scale from the cloud as possible, no. It's not designed that way. Build or buy a PC or laptop for bare metal Linux. I don't know, I build, but I'm not opposed to buying. DB Tech says I buy from Go Hard Drive on eBay. Okay. Hate to be that guy, but I'm about to set up a small production virtualization cluster, looking at obvious contenders, XCP, G and Proxmox. What's the current standing on each? You know, I might do an updated video on Proxmox because I've used it more and I don't hate it, but it's very different than XCP and G. Proxmox is cool for HomeLab because it gives you so many bells and whistles. There are so many extra things because it's Debbie in under the hood. From the standpoint of business and support environments, when you're trying to create very supportable homogenized systems across your clients, that you can manage where people don't get to tinker with all the underlying infrastructure that supports it, it's easier to set up and easier to maintain an XCP and G system because if people are plugging stuff into DOM 0, they're doing it wrong. That's where XCP and G might be more restrictive. It's more appliance, but this is that whole concept of, you know, when they tell you you don't want to have a server that's harder to set up, you know, what do they call that? Like the treat them like cattle, not like pets or something like that. It's a phrase I've heard used a lot that means you can just eject. Someone asked me about this and I was on the day in the forum. I was like, yeah, you could just eject one of them out if you wanted to race and you just adopt it back into the cluster and wipe it. It doesn't matter. There's no configuration time you have to spend on it. When you join one to the pool, they're called pools, resource pools inside of XANA actually clusters, but when you do that, you use it in there and gets all the settings cumulatively sent across there. It's a very clear system. It scales very well. Proxmox, in the other hand, you can customize quite a few features on it, which means sometimes people do. So now I've had people ask you, how do I back up the hypervisor itself because there's so many config changes I made? Well, you should document those config changes. But yeah, if you if you lose one of your nodes, you're going to have to bring up that configuration on there and set it back up. So both are good. I'm partial tech CPNG because that's what we we do internally. And it's what we support with our customers, but both are good. Yeah, if you're lucky enough to have an e-waste nearby, that is a great thing. You can get really good deals on drives provided they know what they're doing. I've had good luck sometimes walking through. We used to have a couple of them around here. I don't know that we have them in more. So do you think we could just leave the UDM Pro and stick the PF cents on top? I have a video on that. It's I show how it's it can be done. It's just silly to have both of them. If you need the performance, SAS is not bad. SAS can be worth it. The controllers are often better and less cabling. If you have a backplane, yeah. Looking forward to testing the Neckate 4200 in the lab. I'm hoping it's a good upgrade option for a bunch of firewalls. Yes. Thanks. Have you been able to play with in a bit integration for their sand functionality? Oh, Linbit. I've not tested it. I just don't I don't need it that often. People ask a lot about it. And I, you know, we're shuffling a bunch of data right now. If I were to build a different back end than what I have now, I would build I usually build in SEP if I really needed it. Maybe XO Store 2 when it comes out. But I'm for the most part, I'm going to wait. It's just so easy to move things around between the different storage spots. So I don't need this. And the other problem is the real big issue. I always have any time you start talking about these hyperconverged things and SEP has this as well. And this is actually goes back to Proxmox. The number of people with we just had someone recently reached out to us with a broken Proxmox system that doesn't work properly. Why? Because a homeland person said, I can do it and then took on the task of setting up a Proxmox hyperconverged cluster with SEP all running on Proxmox. And they sold this set up to a production company who then is now firing their IT company who did this because it doesn't work right. And this is one of the things you'll learn if you put things in production versus in your lab. Your lab may not have and very likely doesn't have it all the same demands and scaling problems. For example, what happened was the hyperconverged to deal with a production workload with SEP running on the same systems that's running the production workload. If you ask and this is the people I lean on for my SEP knowledge because they are the SEP experts 45 Drives. If you called them and wanted to do that they will say, no, we will not do that. If you say, well, I'd like to get a SEP cluster. They said, our minimum supportable viable SEP cluster is four of our servers tied together and we want a 25 gig network between them. That's where we start before we'll even consider putting this in production and that's the difference because you can does not mean it will hold up to heavy workloads. There is a level of calculation needed to get all of the data synced between the systems. So if you have 10 gigs coming into your SEP cluster to service whatever the storage target is you need 25 gigs. It's kind of an authentication effect here of when I send data down and the SEP controller wants to distribute that data and actually verify the rights that the integrity is valid. That takes a lot of CPU calculation. That takes the OSDs syncing up the data across all of the SEP cluster to go, yes, we have confirmed the data is written. Thank you. Send us the next request. It's a pretty beautiful and elegant process, but it does take a lot of processor power. If you try to do that in cluster, now you have a performance bottleneck that's pretty huge. So, yeah, this is my thoughts on that. Have you heard about the Polish security researchers that hacked trains? Approved at the proofs? Yeah. We locked the train up of bogus error codes at some date. I've seen that. Not shocking. I'm going to ask I got them from my friend Jonathan and I don't know what to do about this question because Jonathan doesn't sell them. Jonathan gives them away when you go to sign up for events in person with Ninja one. So, I don't know where to I'm going to ask Jonathan if I can print his shirts and donate money to him. I don't. I'll ask him about that because a lot of people ask for that shirt. I would, and I don't want to just copy Jonathan's shirts, but I'm friends with Jonathan, who is the person who is in control of the marketing and community engagement over at Ninja one vSAN is great solution and VMware HCI but 2 by 10 is a minimum. Yes. Yeah. Proxmox itself tells you 25 gig is a minimum percept. That's well, and some people have plugged in 25 gig cards and didn't think about the rest of the problem, which is the having enough resources because it takes a lot of it takes a lot of individual processors to calculate all of this. What if those processors are also working the workload? If you run Proxmox in a hyper converge mode, when you build these clusters out cool for high availability, not good for scaling up to heavy workloads that have a lot of I.O. that has to suddenly be synced because having the bandwidth to sync is step one, having the processor power to calculate all of that syncing step two. Is Proxmox good to learn for enterprise or is the C version of ESSI better? That really depends what your goal is. Once you understand all is because I have a good understanding of hypervisors. So I'm able to pivot between them because they all have the same principles they work on. You just have to figure out where the buttons are. And when it comes to ESSI, yeah, you're definitely going to find well, as of today, a lot of ESSI inside of the corporate environments. So is your goal to apply for a job to know ESSI? You should probably get proficient at that if that's what your job's going to be. But I think it's not shocking, but I wonder what other big tech companies are doing. Look, all you got to do is look up the fight with John Deere. And I've covered this. Ah, man, probably back in 2017 we talked about John Deere on our Sunday morning Linux review podcast. I remember being probably 2016 or 2017. We brought it up numerous times because the fight with John Deere has been ongoing for years. They're another company that's just awful to their end users about things like this. So there's lots of companies doing it for sure. My company Health Care with a massive I.O. uses ESSI with the NetApp Storage Raise. I don't love having to think about iNodes though. Yeah, they're running out of them even if storage is good. A lot of carbs are dropping ESSI. The licensing is getting ridiculous. Yeah. I see what's your opinion on container orchestration systems like Kubernetes. I see it's becoming an essential on my job role. Do you think it's going to be an essential skill learning? I don't know about essential. Unless, well, how would we say this? If you work in a job where they're using Kubernetes and that's what one thinks, let's say you work for Reddit, Reddit's infrastructure is built on deployed Kubernetes systems. So if you work and have a job at Reddit, then it's important for your job. It's not something that everybody needs to know, but if you go into areas of IT where it's used, I work in IT, I have a great career and I don't have to know Kubernetes. So my niche doesn't use Kubernetes, but if you're in the niche that does, IT is extremely broad. So you have to figure out where you're going to go and then you have to have the skills to go there. So I can't really, I mean Kubernetes is very popular, there's no doubt about that, but it comes down to the, you know, where you're going to end up. You're going to end up in a tractor. And you'll see enabling jumbo frames in entire land with 10 plus cameras and NBR. No, probably not at all. The cameras generally are not bottlenecked. When you think about how many Netflix streams you can watch on your network and you don't even have, well some people do, but most people don't have, I don't have. I think my internet is only 300 down. We have like four or five people watching 4K Netflix. 4K Netflix has a higher frame rate than a lot of the cameras. And it's doing it on less than a gig. So you don't really need, you're just going to have a giant headache if you enable jumbo frames. Because I don't think the cameras are going to, the cameras may or may not have good support. Who knows what other issues, it's a good learning opportunity. I'll leave it at that. Tractor as a service. That's a way to describe John Deere. As a quote goes, am I working with a customer officer? Nothing runs like a John and nothing dies like a deer. Yeah. I came across a signed copy of Ghosts and Wires at half price books. Well, unless a stranger forged Kevin Mitnick signature. Kubernetes is essential for development companies, not essential for companies that don't do development. I would actually necessarily development because Reddit's not a development house, but Reddit runs on Kubernetes. So I believe lots of the Google systems do as well. It just kind of, if you have a large scale web application that has to be the scale that Reddit operates at, you're probably going to find some Kubernetes underneath of it. That's, it's not, it's a complicated tool because read the Reddit outage that happened earlier in 20, I think it was mid-2023. If you go through the Reddit blog though, they did a debrief on why they went down for two days. It was upgrading Kubernetes and too long didn't read, Kubernetes is hard even when you do it every day. There's some complexity that comes with running a system that reads that. This is actually something I wondered about a lot with hyper-converged solutions out there which run SAN on VMs and not bare metal. If you've ever looked at CoBite or Sim for storage versus stuff. Nope, no, stuff all the way. I don't, there's a few other companies out there, but I'm going to say what, stuff is the most well supported, documented one out there in the open source world. And I try to avoid the closed source world because it's generally, experience just how terrible a $100,000 experience. It's, you, you pay for pain with three par. I mean, this company spent some money and this thing is awful. The reason they're engaging with us is try to solve some of the awful even though they have a support contract and they're starting to use, they actually found their Synology to perform not quite as good, but pretty good and they're looking at a true ass and actual box from my system and going, how it performs it to, and this three par system sucks. We're like, yep. It kind of blows people away when they learn how bad some of these enterprise companies are and their support. I mean, you're not talking like they bought the low end. I mean, this company bought a support contract and everything. So I just avoid most of these proprietary vendors. I've always found them to be just bad. People seem to like NetApp. I haven't done anything with NetApp and I will admit NetApp might be good because people aren't good apps. So I don't know if they're good, but I can just say that people haven't been calling me about swapping out from NetApp. Maybe that means NetApp makes a decent product. Do you know if they plan to make their own P2V app? No. I don't think so at all. And I'm not sure why you're having trouble booting and it shouldn't matter what system it's on at all. I don't have any problem booting clone Zilla inside of here. So let's find I just downloaded let's see if it boots on this one because this is a completely up to date Zen server. Oh, there's clone Zilla. So we loaded we just loaded clone Zilla go to advanced here change your boot order to be DVD save console run. Let's go ahead doing it live because you asked see if clone Zilla boots. I have a feeling you will make it bigger. Does take a second. I know it sits here on a blank screen. If it's just too long on a blank screen, you go choose the fallback option. There we go. There we go. Clone Zilla. I was just cloning something the other day. We cloned some systems. So I've always had a great look with it. Every time I've tried it, it's worked and I've tried this on lots of different systems. I've tried it on right. Well, this is a rising system rising systems Intel systems. Clone Zilla as a VM simple. So I'm really not sure why you're having a problem with it. When in doubt when it first boots and we'll go ahead and do this will force a reboot. If you're having trouble with clone Zilla, try the safe mode. So if we go here, make it bigger so people can see. I think it's other modes. Yes, fail safe mode. Just go to fail safe mode and do it from there. But they're not going to write a p2v app. They don't. I don't. That's not something that they're going to spend time on. I can pretty much guarantee that. Are there any free encrypted email add-ons to send encrypted email between themselves or sending passwords stuff like that? Nope. I don't believe email is the place to do that either. Bitward and send is your friend. So the reasons I like it. Do you think technology will overtake on-prem IT or IT infrastructure is always going to be forever? Cloud hybrid strictly on-prem. We're seeing people move away from the cloud because compute is cheap and the cloud prices keep going up. With the cloud prices constantly going up, people are going, hmm, it's a cloud the place you really should host this. Best conferences. I'm going to say that it's expensive but the connect-wise conference was good if you're learning a lot of stuff. MSP GeekCon if you're technical is awesome. Good posts from my forums. I can link to the ones I go to. Reddit or MSP is a good place to spend some time. There was a role called DevOps. There's also a growing role called SRE. Both Recovery Knowledge of Containerization Technology. Yeah. NetApp is decent but their support is good which is their popularity easy for a contract a few months ago. Cool. So let me actually force shut this down because I'll forget about it. Fix the boot order. Save. I brought a lot of X and NetApp Drives used took time to reformat them because of the 520K sectors but they are unreliable for the last 12 months. Cool. I worked on a lot of enterprise-grade infrastructure. NetApp is fountable underrated I've been around a long time. The Dell server is Windows and set to UEFI boot. You can use Windows I have another video somewhere but you can Google this Windows makes a P2P tool. They make their own. It's supposed to get you over to Hyper-V but as long as you choose VHD not VHDX I know I've done that video somewhere but if you Google Microsoft has a tool to convert Windows or hopefully you have something you're backing up with you should have a backup tool that you can restore with. For example Veeam will do it. You can use Veeam you can use MSP360 I don't know Synology. There's an example I like Synology backups you can take a Synology backup of a system like that and then restore it on XCPNG I've done that before. My friend used to call his pure storage server pure pain in the ass that was he always disliked it I never really asked why he just said he had to talk to them too much to get little things done because they don't expose things for him to control he had a constant complaint about that but very restricted with expensive licensing and everything every change required him to talk to them that was what he said I only have one person that I know using pure storage and they got rid of it later so I guess he didn't like it other big names out there and good enterprise as well a lot of Veeam Veeam have looked at pure storage and Nutanix support really depends on sourcing good engineers yeah and lots of these companies are all acquisitions also interesting as well they couldn't sustain on their own and so now they're doing more and more acquisitions and wandering in there with like three parts owned by HP and yeah I don't think that's a good thing because HP HP's are products don't see if you get bought by Cisco your product development usually stops but your licensing fees go up if you get bought by HP there's just no support there's no product development and the product eventually gets forgotten about how can I get a job at MIT apply for a help desk disk to VHD yeah that's the Windows tool there we go so you can find this it's pretty pretty easy to find if you google this what's the first result and this is a Microsoft tool for doing this open Q a render software manager and you use it nope never used it and we use Rocky Linux and production for your clients nope we have not we have a lot of I think that all the Linux stuff we support at least a large piece of it's going to be Red Hat we have a particular data center that we support with a big piece of infrastructure and I believe that's 100% Red Hat it might be some CentOS in there I don't manage that side of the business I just know the people that do we have a bunch of employees that manage a whole section of the business that times it was C and WR was doing this before we merged so we have some really skilled people on staff that manage all that but it's not what I don't really do anything day to day with it look at the vulnerability scanning tools Nessus we use Nessus hi Tom first time caller long-time listener first time caller what seller range should help Desk I Treat Enfield that varies a lot if you're in California you're going to get paid a whole lot better than if you're here in Michigan I think in Michigan you might be looking at some where you're working if you're in California you can't live on 50 K a year so it's going to be a lot higher so it's going to vary with where you're working if you're working remote but I don't also I'm not a domain expert on that particular topic because I I've never let's see I applied for a job once 25 years ago I've not applied for a job since and I do hire people I've kind of avoided the actual I've not hired a stranger it's always been a friend reference a friend of a friend is as close as a stranger I've had no people well you know I take that back Joe Joe was one of my only hires that was a stranger but it was literally for working the counter and things like that Joe hasn't worked for me in like 13 years so that's along he worked in the retail store so I'm not I'm far from an expert on career advice don't think rail will be around you underestimate how big rail is and how deeply embedded rail is and things like that looking up something here too yeah like one of our clients we're just I'm looking up because I know what the client is I can't say their name I mean they're running rail they're very profitable company they did 200 over 200 something million last year they don't want any disruption they think it was that run a company don't care about the software that runs it really there that's not they want a lack of disruption so there's no likelihood that we will be swapping it all once you get to these big companies yeah I mean you're right rail is big blue it's IBM but they're not they're not going to be they're not concerned about it that's not their focus I'm a homelab user was a fascinated migrator from a single ESX editor one of the open source solutions I like a clone zilla that's my easy answer but if you have enough hardware you can stand up a XCPNG and import your VMware so XCPNG has an import for VMware we were talking about that earlier in the podcast here I'm not a podcast livestream but there is an option to import from VMware that might be the fastest path to get things done as a VMware import oh yes never under us to make IBM's ability to screw it all up you're right yeah never I mean the cost to them if we gave them a quote to swap their underlying OS it's not that it can't be done it's that why would they pay it you know if all of us have a moral issue with it that's fine they're going hey we make this much money our IT budget is this why would we switch it because you don't like Red Hat anymore they are behaving poorly they are not behaving with the faith of the GPL and I should spend this much money to appease you that's not a real impetus to get a business meeting going of you should spend money and we should spend a lot of time swapping out the underlying OS because Red Hat's stupid I mean it's some companies will do that don't get me wrong and I think Rocky Linux is a great solution just for what I day to day manage we're not it's not on our if we were pitching something new sure we're going to build something new might be on Rocky if we had to go that way I'm partial to everything being under Debian but we're not pitching anything new infrastructure wise to get that done not right now not that I've seen any of our bids change is expensive and status code pay the pay the fee cheaper than replacing yep I don't think there's any way you can use static routes and tail scale with a UDM pro I don't to maybe but I don't think there's other tutorials because I don't even know if it's possible this is one of the reasons I'm always suggesting people if you need things like fancy routing and static routes I just say get away from the unify stuff because maybe they can do it it's not going to be well documented does XC P and G still send to a 70 worry about EOL in June of 2024 nope I don't worry at all because they have their own repositories they are so it's not a concern at all they have an entire write up on it people ask that question a lot that's why they did a nice blog post on it I don't have it at the tip of my fingers but if you search you know moving from CentOS or Rocky the team at XC P and G is very on top of that I don't know how fast the edge router X is hey thanks for doing this what would you recommend for a small XC P I have one of the what is that one the write I don't look at the ones I've reviewed I've done them in the last 30 days those are inexpensive and they definitely run XC P and G just fine any backup recommendations for system old backups bare metal when I'm not using Synology I'm currently starting to find the good provider a Cronus Veeam seem to be too expensive I don't know I've only used Synology I've used Veeam we use MSP 360 but when it comes to like home user stuff I have no idea I don't know who's out there that does cheap software for that I mean a Cronus has been around a while I don't know what their licensing looks like but a Cronus makes a good product for backups we don't use it we've definitely used the Cronus imaging tools before but not anymore like years ago I used them and I always thought they always worked well so I don't really have any complaints about them yeah one of the reasons in fact it's probably worth noting this if we look up the two you know I should probably do this as just a discussion on cost yes spending a thousand dollars plus buying hard drives is going to be pricey but on the other side of that this also is a place to store the backups so it solves the problem of where do I put the backups and where do I get the license for the backups they will cover both of these issues for you with one box so and it has a lot of other features I mean this is only one feature so it's you can't just base the price on that but it's something to think about that instead of paying some recurring license you could pay no recurring license and have a place to store it at the same time so I don't know I don't know the easy answer I know my easy answer for all of my home stuff I'm using Synology to back it up because it just works it works great I don't have any problems with it log into my Synology system here we have some more at work but I only have a couple of systems here but yeah here's the systems that it's doing the backups for and it just it works wonderful this stew is my studio computer and it you can see it backed up 1217 so when I booted up the studio computer today to start this live stream no problem there's my 11 versions if I need any files off of it so if we go to restore here's all the data on there if I need to look at this there's there's probably nothing on here I don't really save much on here at all but it always gets updates system anything in downloads probably not oh yeah updated some of this I'm always updating different things on here but yeah the it just works that's why I like the Synology backup so much let's see Bates is also working on moving away from sent to us I believe it's part of the plan it's under roadmap you can also back up your Google workspace and yes I do that as well I work at a help desk at MSP there's been some discussion about billable utilization not being a good metric for determine officially was a metric for ticket resolution that works for you that's probably a good question that we'll answer on business technicalities but it's it's challenging there's no easy answer for that question there's not like this or that so there's we measure the text spent on ticket we measure response times whether or not the escalated ticket if they're level one to the escalate to level two et cetera it's a big complicated topic maybe we'll do it on business technicalities isn't 45 drives using Rocky Linux for Houston OS they use a few different ones you can I've loaded Houston on a bunch it works fine but you can run it on Rocky as well suggestions for a CPU for a Proxmox server I don't know I I don't test Proxmox so I don't know if there's as far as I know it should work with most systems so whatever processors I don't know I have a whole Ryzen build with my XCPNG I like it I'm assuming it'll work with Proxmox but I've never loaded it so I don't know thanks Tom that's true as I stated a small MSP company I might stick to Synology for all my customers missing that so Veeam there's a reason with Veeam MSP360 still a good one too both of those are good it's one of the things you can get the customers to have to cough up backups cost money do you use Synology backup in an enterprise environment we don't as a company we do as a consultant so if I'm going to put who's this is what comes down to here's a question needs to be answered first who's going to manage these backups to have them internally their internal staff team of IT people are managing the backups that was the goal from the beginning so we consulted with them and sold them a Synology so they can backup all their internal systems they manage the backups not me if you want me to manage the backups me Tom Lawrence who works at CNWR we are going to say no problem I'm not going to babysit a bunch of Synologies because they don't that's that's where the split is I don't have time to run around sticking Synologies everywhere and logging into them because Synology doesn't have a good way to do that so they don't have a good multi-tenant system maybe one day they will but they definitely don't today so managing all their backup some beams so we can tie it into our systems and integrate it works better nope I don't really use their site Acronis Cybert Cloud works good for central administration or backups and remediation yeah that's I some people seem to like it I don't know any problems with the Acronis stuff they are really a popular company I know Acronis is trying to get into all other aspects but they're obviously known for their backups that's kind of where they built their reputation but you know it works what else was I going to show here not hyper where is it at now I got to see what I can show before I pull this up on a screen so we just to show this no that doesn't give I thought I had a better it does I'm looking for a report that doesn't have a bunch of people's emails on it but either way I can at least state this if you're wondering y'all close these extra windows because this was brought up about the Synology this is a thing I do use Synology for because this is mine it's weird with the calendars once in a while this is the Synology backup for my Google so we have 140 gigs of my Google data backed up it's actually smaller than I thought but this is really nice feature Synology is being able to back up either Office 365 or your Google G Suite account what do they call Google Workspace account so I have no problem I back up all my Google Workspaces pull it all the data backed up it's been a solid system for that the only errors it seems to have is if someone attaches something to an email sometimes it has a problem with the email attachment attached to the calendar event so it won't grab something that may have been attached to the calendar invites kind of a weird it also does tell you they couldn't back up the attachment it backed up the event because you can actually restore calendars no problem with it this is not a nice feature of Synology I need to probably do an updated video maybe people are interested in what Tom's running on his Synology so yeah that's why we've been moving from TrueNAS with True Command paired with Veeam away from Synology yeah for yeah we never use Synology other than from a consulting standpoint where we're not the ones managing the backups Synology again so I guess we're just on a Synology whatever your question is Synology might be the answer but yes the I like the Synology NVRs they support a wide array of different cameras so definitely a solid I've been using we sell a lot of those they work really well they'll tail scale on PF Sense bypass the firewall rules and other rules if so what are good practices we use I have a video where I dive into that I'm not going to it's covered in my video tail scale of PF Sense so it's all it's detailed out that video is not but I break down how the firewall rules work with it there's things that work there's things that don't any experience running Synology directly server on a small domain no well I take that back someone paid us to set it up for them we wouldn't it's not what we recommended it's what they wanted so we'll do what people want sometimes they have a use case for it we wouldn't run that any of our clients almost all of our clients are running Office 365 or G Suite the problem with trying to replace a domain server with a Synology is it's not going to have all the features and then you run into some line of business application that expects an active directory connector then what do you do if you sold the client a product that won't now support their line of business app that they want later do you sell them now again and reset everything up it's not worth the risk in my opinion I would say it's a home user thing it's not something I would use in business as someone I don't know I don't know but I don't know it's so much depends on the person I've bounced around and done lots of things in my life mainly tech related some things not tech related but it depends on a person it's not something I can answer for you I mean is it possible yeah I've known people who my friend within the last eight years went from automotive factory to working for very very large cybersecurity company almost two hundred thousand dollars a year can it be done yes it doesn't depend on the person yes nope I don't care about IPv6 I can listen to all the hate and the comments on it whenever I say that but I'm really having an opinion like I can I can turn it on I can turn it off I'm fine with it off it turns out even though people will try to share statistics and go ooh don't put Tom some percentage of the internet watch everything break I feel because it's been the year of IPv6 for over 20 years now that it's going to be coming soon for 20 years that I can keep struggling my shoulders about it I've got 20 years of evidence behind me that it's more likely something else will replace IPv4 before IPv6 becomes popular the cost of dealing with replacement that just don't have the features most of the time yep I understand that nostalgia is meant for business but I wish there were more server options dual replaceable power supplies more nick options they have those they I've reviewed those models so I I'm not sure if you're unaware of them I'm matter of fact if you look at the one I'm using this is a rack station and if you go to there I've reviewed a few of these but hey look dual hot swap power supplies so I understand that nostalgia is meant for business but I wish they had more server options so I don't they do have them you don't care until Crossec Blacklist the content network behind you yeah nostalgia server the SA32 34 3600 yep those ones as well they got some good products for this recently I've got there on my channel if you just type in rack station on my channel you'll find them I don't think that hinders it all honestly it's been much less of an issue they've expanded what drives are on that list and they're they're actually a good set of drives so it makes home users unhappy but most of the business users they roll it in as total cost of ownership because when you get the drives with Synology they come with five-year warranties so you're gonna have more than just the Synology drives now and they just roll it in and we've sold a few of these with the Synology drives in them it's all just part of the five-year total cost of ownership is going to be this here's your quote and then we sell them yeah I'm one of the things I'm puzzled by with Synology is just how stupidly stable they made the product it's actually kind of weird the number of failures we've had out in the field with Synology is absolutely incredibly low like shockingly low and yeah I got no complaints like they're able to do it it's just awesome well it's not just their prices you know when they first released them yeah there was a big price discrepancy now there's not and some people even look at it an advantage going oh cool I can just contact Synology they make the product they sold me the drive and Synology's not actually making the drives they're certifying and labeling their drives from other companies so you get this kind of nice all of this to get a five year warranty on the device and the drives so recent struggles migrating data and apps from 2012 production servers before end of year everyone does every client that put the job off until now is struggling with it I hate all printers I have no opinions I have no positive things to say about any printer company part of the Synology's stability is restricting third-party hardware it probably doesn't hurt especially because the hard drive I understand from a storage standpoint why is because if you have companies that are doing shenanigans on a performance or drives and being inconsistent how do you build a NASA and guarantee consistent performance so that being said there's no doubt in my mind that Synology doing this is just a response to you know partnering with certain companies that aren't going to do shenanigans yeah WD there's a lot of companies that are doing shenanigans it's a it's a challenge I do I haven't seen a Kioser printer in a while I don't look I don't you know I don't really look at printers so I can't say I don't know what the market saturation looks like for anyone particular printer I do have a brother printer and it works well my wife has a brother printer and it works I don't print things I print almost nothing you know if you could look around looking in a form because sometimes this is annoying sometimes I can't DocuSign something it's the only time I ever got a print I just had to do an update from our 401k plan they don't have DocuSign I don't know why it's freaking 2023 and the firm that does the 401k plan required me to print in sign because they don't do DocuSign so I've had to print a couple times this I'm not going to find hotspot power supplies in home user products the engineering cost that takes to build the system is going to drive the price then the home users don't want to buy it but there's nothing stopping the home user from buying the dual power supply one so I there's you know home users can buy these matter of fact I mean technically this is this is in my studio my studio is at my home so that makes me a home user of the Synology I like this box this box has been great I've had it for a few years now I think I've had it for three years but it it does everything I wanted to do it's an it's just a silly little AMD Ryzen V1500 it's really not a fast one but it's also not drawn much power and it's not giving me any headaches I printed with my 3D printer then then printer like the 3D printer gets way more use than the paper printer print science scan then email seems to be the rare condition I need a printer yeah it's the only time my wife actually because she works in finance she has to print a bunch of garbage so she uses it all the time but that's the nature of her job and if they can't figure out how to send us something encrypted as in they being the previous IT company will work with them to figure out something we're using mimecast so we have the ability to send secure emails to your mimecast we can also recommend they use bitward and send to send us things but usually when we're getting the passwords handed off sometimes it's just we're gonna roll them anyways I'm not even dealing with really amateur inexperienced IT people we're like just however you want to get it to us send it in signal send it in some format you know if you have to worst case but not recommended we're gonna roll all the passwords read them to us over the phone if they need to but most of the time when we're taking over we find a lack of passwords which is pretty common it's so much stuff ends up getting reset because the other IT people vanished so we have to dig around and see what they left behind maybe a book and like one of them we took over their book was so wrong so many like just bad information IP addresses it didn't match servers that I don't know where these imagined servers were but they didn't line up with the company yeah just send me some smoke signals put them in little you can do binary smoke signals right how many how many bits per second is a smoke signal not a lot I can tell you that yeah if at least you're getting passwords that's that's the truth here yeah it's always if we're getting passwords you know however we I don't know we off-ported the client recently we gave them gave them their passwords so which is funny they haven't opened them yet we we do a fire a client once in a while I've talked about that before sometimes you just gotta make these people go away like we don't want you you have too many problems bye bye smoke signals there you go thanks for all the info it helps a couple of projects I'm working on is directly related to the channel so this live stream is going on for an hour and 49 minutes the problem is I've wandered around with my colleagues what I'm going to do and I'm trying to find a company that does this well is I have a list of them to try I'm trying to find a company that will index my videos and redo the time stamps on there and it's it's kind of cool there's some AI tools for this this is one of them that I'm testing next because the other one didn't work out so well which is called Taja how and so this is one of the things I'm going to be testing a lot of people have asked me to do better summaries of the videos this is if you want to know where that sponsorship money I take goes besides buying gear these all have costs associated with them but it seems this one seems pretty cool this is another one I'm looking at but it is my goal I'm starting to work on ways I can level up the channel and add some more context to it these are if someone knows a good tool to build because the problem I have is some of the ones that have been recommended so far haven't worked and it's been kind of a pain to try to find one that works properly I know most of you are probably not in a YouTube space like I am but it's this is on my to do list is to have more data indexed have all the transcripts done and eventually I'm building I'm going to build a whole large language model trained on all my videos and all my forums you can ask it questions and get responses that's my bigger goal where I can now create another version of me based on 1800 videos that I've produced and then see how it answers questions that's how you document things you start changing the passwords and see what breaks it's unfortunately sometimes the way you have to do it trick question should you have the passwords or should they be secured historically look if the outgoing IT company yeah there's all kinds of problems that you know when companies lose you know databases not having the passwords for it and things like that yep and another year those ATLs work better oh they work good now I am blown away with some of the testing I've done I'm just trying to find one of the problems I have is they don't like to do live streams so that one's got me puzzled they won't take a live stream after it's over and do it well these are the ones I have to do because I think they have that option that's these are the fun things I have to explore to try and figure out which ones do or do not allow that I use a lot of AI stuff because it just makes my life easier for automation so that's going to be that's when some of my focus is how to automate my work flows even better and optimize this is the same thing I do with any systems you try to come up with the most efficient way to do it the most optimized and automated with my channel is how can I dump my videos right into these systems do better summaries index all the data create really nice summary of all the information with time indexes then link all that into my forums so you have if you don't want to watch the video like this one for an hour and 52 minutes in there but maybe something was interesting to you you could jump right through and go hey I'm looking for the talk on this topic if I can have that system pull all the other videos I referenced that would be amazing okay index my site and as I ask for these videos as a topic find it and respond and throw it in here at the at the different time stamps well I don't know maybe so the your question is with the little Lenovo think pad Wi-Fi networking I think Wendell mentioned this before I don't do much hardware like that I don't spend much time loading I usually look at the systems compatible ahead of time but I think it was Wendell that mentioned that the Lenovo and I don't know for this all of them one of the problems was if you tried swapping the card the system would tell you as a misconfiguration because that card was not the one that shipped with it I don't know if they're still doing that but that was a problem that was mentioned a couple times by people where Lenovo started restricting your system I don't have an answer for that that's a forum search because this is one of the things I look up before I buy the laptops is does it have the Intel Wi-Fi card is the Wi-Fi card they ship in this device supported those are the questions I asked prior to starting with the system that way I have you know I'm like okay I know that this works yeah Intel for Wi-Fi that's one of my things I avoid real tech and media tech I look for Intel chips you know I even have many PCs I've reviewed is first things first let's see what chips are in these because they're not gonna run they're not even worth my time to try to load stuff on there if they don't have supported chips in them like people ask hey will this make a good firewall I'm like does it have Intel chips in there because if you buy something that has you know Broadcom or real tech chips you're probably not gonna have the experience you were hoping for but with that I have a few things I want to test and I might chill out I might I want to read a book today too I just need to chill out today so yeah even if you're using any of the PF sense always recommends the Intel chips so thanks everyone for joining it's been awesome talking everyone my voice is starting to get a little hoarse between all the people I had over yesterday at the party and all the fun just to for a wander off just that person gets their answer there's lists on the web a bunch who even has lists of like I think a bunch who still maintains some list of recommended laptops that work fine with their stuff so that is definitely it's like it's generally speaking before I buy a laptop I go look up the compatibility I search like that laptop model with Linux to make sure it's supported or you can go right to system laptop because they specialize in that so there's an option but thanks everyone for hanging out and I'll see you next time I am I'm going to go chill out for my voice I don't want to lose my voice I need it for tomorrow maybe it's a good time to read a book it's a nice rainy quiet day alright later