 welcome to vlog there's a number three hundred and twenty two and I'm updating something over here good news is it's not affecting me I'm updating my uh stream deck apparently has an update all right let's get rolling on this right away is I uh gonna be a little bit shorter I don't know if I have the I don't well I have some time I don't have all the time to do all the things over a long time I've been in Chicago the last couple days that's been fun hanging out with some CompTIA people we'll be talking about that momentary oops momentarily great they're glad there's an undo button there we go I was getting all my notes lined up and accidentally hit delete and select all delete you know why not just delete all the notes let's start though and I'm gonna get back on the thing I keep saying I'm gonna do is be organized the first organization is where I'm going to be now I didn't really announce it's gonna be a CompTIA because it's not like a public event but what is a cool event that I'm going to be at and I'm gonna pull the website up because I'm gonna do a little promo video for it because this is completely not sponsored it's me going to be there me just going to have fun and thinking this is something that my audience would really like as well and that's going to be MSP GeekCon so I will be there I'll have a little bit more and you can find other people like John Hammond who has done a promo video on it so there's it's definitely an interesting event 65 days away and it's for people who are wanting to geek out so the MSP GeekCon if you are in the IT services especially the managed services space you can join MSP Geek for free MSP Geek is a nonprofit organization and they are doing an event to level people up so I've been you know letting people know about it people that might be interested it's just a cool event and I think I seen this this morning and we're doing this live in real time if we go to Reddit our MSP and I'll throw you a link here I think did I see that my friends at Huntress are doing something what did they hit post right here so all right Huntress likes educating the community too and I'll throw that out there I'll throw a link there's actually a Reddit post and Reddit RMSP about Huntress sponsoring some passes for this so I mean it does have a cost because as I've learned from the people there's a lot of money it takes to make these big events happen and I see someone said it's too far we do have I believe at least one person coming from the Netherlands so yeah it's it is you know I'm just saying if you're interested in an event like that obviously if you're in Florida it's a really short trip if you're in the United States it's a reasonably short trip if you're a far far away well maybe maybe there will be a European or Australian or New Zealand version of this at some point but here we are and I just thought I mentioned it for those wondering where I will be at any given time if you want to meet me at some places so that's that in I want to jump into the questions because I got some good questions for people I like this format where people more people are reaching out and doing questions it's kind of fun I like the engagement from it so people can be a little bit more in depth when they're asking these questions and you know I should figure exactly how I should handle it like do I display these questions is it read along or is you just fine for me to stare at the screen or read them and some of them are kind of interesting because like this first question this comes up a lot and I haven't done a video on it because it's the answer is null so to speak it's the question about how do you want to do authentication and people are looking for the Linux version of Active Directory and it's not that it doesn't exist it's not that you can't use things like LDAP it's just not Active Directory it doesn't tie in as well so despite my well it doesn't change my love for open source it's just not it's not like central user management is a key Linux based feature so to speak so there's a little bit of you know trickiness there's ways to do it I mean there's ways to do it but there's nothing so to speak that's as well adopted because it comes down to adoption and integration into product so yeah sure we can manage some Linux users but it's usually from the business standpoint a much deeper question of how are we going to tie all these things together so in short the answer that question is SSO through octa is kind of a pretty popular product because of this because it glue a lot of different things together so when you get into the enterprise space you're gonna see a lot of octa AD being the dominant king and just lots of things even the Linux things tie to AD and because so many companies tie to AD and different SSOs related to it that's just gonna be another spot where you'll see a lot of it there's not like this you know thing you're overlooking you're probably wondering well why isn't free radius use more LDAP or some of the other ones out there and none of them are just is integrated and supported you may be able to have support for your project or maybe you build support for your project but when it comes to that there's not any like here's the answer it's kind of unfortunate but just the enterprise it's the same reason the enterprise world especially the enterprise desktop space is not occupied by Linux right now and probably won't be in the near future it's gonna be a while before the Linux support if it ever happens so yeah there's there's not there's not the best easy to integrate director service option but that comes up all the time so maybe it's something I'll do a video about just to kind of have a pointer and be like here here's what you end up seeing in the marketplace here's kind of the why and why I also don't think there's gonna be a replacement soon for it and I think it's because some of the home users to kind of go well I just want to manage the users at home and you can do that something like a Synology does have some integrations be able to do it without having to spend the licensing fees on Microsoft but there's not really that level in the enterprise market now they I know Synology is getting into the identity market and they want to expand that product and it does some AD emulation I really haven't tested to tell you how good it actually is but it's a good question maybe if there's enough interest and I'll make a make that as a video topic as well the next question was I thought kind of funny with your love for Linux why didn't you pursue a career in Linux admin and they said it was it more fun to just repair TVs and struggle with all the fun to be your boss well while I was repairing TVs so this is 2005 and 2006 I owned a TV repair business with a partner which later I switched to having the TV repair business which I subsequently got rid of in 2009 we were repairing TVs all the way up until the price on TVs became extremely low and they weren't we're fixing but the biggest thing is the reason I did that I still I was actually doing a lot of Linux admin back then I was doing mail server admin and there was a big forums that I used to help manage all the servers for so I was doing Linux admin then so it's I did these things adjacent to each other I was not one thing and I also started my business in 2003 I started my business because when I worked in corporate everything going wrong in corporate and that job falling apart because the company went into bankruptcy I just decided why not just run a business myself which I you know sometimes I do things not because they're easy but because I thought they'd be easy so 20 years later I said I still managed to have a business because I didn't really have a plan B after I started the business so yeah it's yeah I don't really have like I did Linux admin I like being an independent contractor to kind of work for me more than anything else because I'm a very self-motivated person and have a lot of connections that I've always curated and continue to curate and expand my connection so I've always had people wanting to hire me for things on the other side of the coin is if I would have went to corporate I would have made a lot more money than I make even though I do well with my business corporate pays really really well but it wouldn't be what I'm happy about I like the diversity of problems that I encounter and diversity of challenges that I get to solve so those are that's what kind of keeps me going on all of that so that's kind of my answer for that one this one I don't really understand I don't do you have any experience troubleshooting clients with duplicate IDs from misconfiguration or malicious use of captive portals no I can't say I mean I can't say we've never done it it's just not a daily task I mean if someone's trying to clone someone's MAC address on a captive portal that's a tricky one there's not an easy answer for that there's not like you know if someone clones that you have to figure out which ones which and start sorting it out I think that's what they're asking but I'm not sure it's not it's not that common of a problem it this is one of those things that especially home users complete is looking at some of these obscure ways you can do things and reading about it from a security reach or standpoint but from a reality standpoint it's a lesser used type of thing it's maybe in you know if you are a very high value target you're gonna really want to lock things down you're gonna want to authenticate with more than a MAC address of course and you're gonna validate people at a very high level but for the average business even some of the larger companies that's not something that's always gonna be the case it really comes down to which what is your risk tolerance because it's it's the question people come up with about the there's so many things you can do to high levels of security but it's about budgets and everything else because that becomes it's like the locking every Mac down to every port can you yeah but does that always work any enterprise if they have an IT team with the budget for it that's where things can be very very different is what or not they have the budget for it even you know my friends place they fairly large IT operation they had to get a new CISO because they were only spending like 35 million a year in IT and they said that's way under budget they bumped it up to 60 million the next year and they still think they're under budget on it so that becomes you know the question of can that how much further they can they push it he was able to get 60 million into the budget now and is that enough for the size of enterprise they are that's a tricky negotiation and if they're not doing Mac vlan locking by the way if they were the budget would be higher because they manage so many devices so that's this is yeah it's one of those things that we know a lot of ways to secure things it's just a matter of manageability of those you know because there's there's the argument not to use certain tools or cloud-enabled tools like RMMs because they present a risk but the other side is how do you solve without those tools you throw people at I'm just gonna hire a hundred more people that all make over a hundred thousand dollars a year rather than having a tool that automates something there's options it's just about where's the affordability of those options land so that's a little rant on that one there did you thank you for all you do and awesome I'm never sure if I should say people's names that much most likely I did something wrong probably with the local DNS and yes it's always DNS we know that for faster resolution example GMO components won't load however I logged into wireless AP and around the size PSS worked fine if I when I reconnect things that didn't work appear to be working for the moment perhaps a cash timing I'm kind of missing some issues of what you changed so if you're seeing some DNS delays I don't know what you did wrong by default the DNS and PF sense works wonderful out of the box we change it back to the default settings would be my first suggestion because you didn't really say what I'm not clear and what you did to change it to try to optimize it so if you're having problems with some of the things start at default if you modify things and go from there that's a lot of the consulting sometimes it's just let's put it back at default especially when people don't know what knobs were turned to get them to where you know where they were at let's see another question came in I'll answer real quick here your video and htproxy SSL offloading works well but with traditional htdp hps but doesn't seem to play well with those use of web sockets you can Google go there's a forum post in PF census forums it's more in-depth if you need to set it up with certain there are certain web sockets you can I believe you can make it work with but there's extra things you have to do to make that work so it's not that you can't do it it's probably I need to do an update a video because there's certain things it's just here's the challenge what's in scope in the video how far do I go do I cover web sockets and in how to configure let me find I'm googling it so I can throw it pull it up here I just pulled up a post just to talk about it like there's people who talk about the different things you have to do to get web sockets working in here the one that came to mind is this right up is about bit warden and about getting web sockets working in bit warden here so there's not there's definitely ways to do it you just have to figure out what the details of what needs to be connected to what and there's forum posts that can help you with that and the trick is and maybe I should do a how to Google search like what people will start doing is how to do web sockets with h.a. proxy and p.f. sense with home assistant and you may not get the right answer because it may not exist yet but if you just look for the web sockets part and then you understand what part you need you're like ah okay I need this so I can actually look at this one that's about bit warden and modify the parameters to work with my setup so the load balancing part I'm a little confused how do you what it what do you want for the load balancing that's the part I'm confused I mean look again it's your message here load balancing is a different thing than h.a. proxy h.a. proxy has to works well with traditional h.a.s. but does not play well with those web sockets at homes at h.a. proxy with web sockets pages yeah what's the load balancing part you're asking about that's what I'm I'm not clear on that so hello to the land down under Alexa Alexa Alexa I keep want to say LXC like LXC containers what is your recommendation for a firewall with sim for raspberry pi none I don't have any firewall with sim suggestions for raspberry pi and it wouldn't be fast enough to run them so I'm not aware of anything that exists in that space there if there is something I'm just unaware of it but the sim the sim part is actually intense and I don't think in a little arm processors going to be able to I mean do can do it could you get seracada or something working on a raspberry pi yes but at what traffic rate it would be the question you help me with an issue related pss web felt web filtering you know though it's directly not related to your expertise I have a whole video on it of why we don't do web filtering I have a video titled web filtering where I dive into that as a topic I'm experiencing some problems wondering if you could provide any assistance if you have any issues with pss yeah web filtering when it's installed with start I we don't do web filtering on pss because it sucks whole video about it or so yeah a little balancing would be ht proxy balancing between multiple stream servers for cpu intensive applications yeah but I try to figure out how it applies to home assistant because that I know of home assistant doesn't have a high availability where you can balance it between two home assistant servers maybe I'm wrong me there's a configuration that can be done but I don't yeah I don't understand the load bail I don't know what I would do to the challenge with like how you would load balance something is you have to have a back-end server that supports it as well like that it's not just an ht proxy problem it is a you know how you have to have the servers configured so they're able to provide that it's the same question I think I should have techno Tim on because me and him talked about this before I can't remember if he's got a video on it but it's a frequent request he gets he said he's a developer techno Tim does work in the industry but there's always those questions that people ask and I he gets a lot of people ask this channel like oh so Kubernetes will magically or Docker will magically either one of these will magically make these applications fault tolerant and HA but the reality is it doesn't work like that because the application has to have awareness it's not just about sending requests to more than one place you have to have a system that can handle it now if you're serving up static web pages and I know server a can only handle X number of load per minute X number requests per minute I can split them and say all right I'm gonna get to X per minute and my server can only handle one X per minute so I will load balance between by really simple explanation here by sending half the request to every other server that's great for static web pages what about when there's rights what about when there's data that has to be same now you get a different architectural problem that you have to really take into consideration when you do this that you have to have something that can actually take both of these and process them and that is where the servers have to be not individual servers because if one accepts data that data won't match on the other one now this is where the databases on the back end there's ways to solve this problem but it's an architectural design problem so thoughts on cost effective possibly open source solution for third party patching never used them never found one that worked well so we use Ninja for patching Ninja RMM that's there's a reason we do it there's no way for us to patch all those systems otherwise so there's yeah I don't know I mean maybe there's something out there the problem is there there's been projects in the past like the open source project years ago like the WSUS offline updater I always thought that was a cool project back in the bandwidth limited days and it was awesome but you know keeping packages like that maintained is very tricky and they need a business behind it because patching is a business problem because the open source world solves it if you're just running Linux servers Linux servers patch great unattended upgrades is amazing so yeah I don't know of any cost effect there's a reason we use the products we do we haven't I've never seen anything that would compel me or amaze me in the open source space for patching because you're trying to patch close our system usually like Windows with your mention with your mention DNS do you have a quotable opinion regarding Sony lawsuit in Germany that is that too much of a rabbit hole to go down I don't I made a short video on it so I mean I clearly explained it in the video I don't know what else you're asking for so it's Sony Sony is trying to break DNS because they don't want certain sites that they feel violate their intellectual property to resolve so their idea is to shut up a DNS company I yeah I'm not a legal expert but my answer was fSony and that video so screw you Sony there's my quote if you're looking for one Sony is behaving poorly that's not news Sony behaves poorly so ridiculous to boy UDM pro with SMB deployment is a PF sentient why would I put a UDM with the PF sense it's either or not both the controller needs to run somewhere put it on a cloud key or put it in the cloud for most of it if it's a managed client we put it in our cloud our controller for Unify if it's an unmanaged client will sell my cloud key and I mean some why take that back some clients do have their own infrastructure or maybe they want to purchase some space from the node you can run a $10 a month linoad instance to run your Unify controller so that some companies opt to go that way as well it kind of depends on the company cloud keys aren't easy sell because it's a one time purchase you know roughly $200 so I believe so so who has some security issues a while back yeah so who's had a I think they've had a couple CVEs I mean they patch this form but everything it's about patching as we mentioned earlier so keep if you have any of these things and you plan to make them public facing please make sure you have a plan by which to patch them that's the biggest thing what's your take on ZFS Linux versus TrueNAS manageability it it comes down to the project and the manageability of the project who am I handing it off to am I handing it off to people that can manage ZFS on Linux or am I handed off someone that's better suited to manage an appliance TrueNAS is a solid appliance approach to it that doesn't require as much Linux knowledge doesn't I would should say more specifically doesn't require a lot of command line knowledge for configuring things so you know I've met some people over time we helped out this college and one of the problems is they don't really really just he was sharp I really liked the guy but he also put himself in a hole he built as this small college needed infrastructure over the years he built it all custom with all custom Linux scripts and he did a nice job then they kept having trouble hiring people because it's hard to hire people that also knew that level of knowledge in a college when they found them couldn't afford the people who had the level of knowledge of building everything like this if you're a good Linux admin you make a lot of money if you are a level one tech TrueNAS is awesome to be able to say go here's I carry day set here's how you share a data set oh wait I don't have to go into the Samba configuration and configure parameters what's the Samba configuration all depends on what level of tech you want to throw at it that's actually might take out a lot of you know the people who say build your own firewall I'm like you can absolutely who's going to manage it is what it comes down to let's see how does one put in a cloud I've got a video on how to set up the controller on Linux follow my video called how to install a unified controller I did like a month or two ago I walk you through the process I'm gonna do a more in-depth video including the DNS part but you just point DNS at the IP address but I'll do a more in-depth video on that coming soon top five open source software for an MSP who I like that I like the click baby title for that I don't know probably gonna be like that we use it's gonna be PF sense it's gonna be true NAS and it's gonna be XC PNG those are the three sorry I'm gonna cut you down the three here because ones that you'll see a lot of usage it's not that there's not other tools that might be used bit warden there we have four we get you to four so bit warden XC PNG true NAS and PF sense yeah those are the big ones that I would say are relatively there may be some other tool you have to solve a niche problem but it's not gonna be as prevalent in the MSP space I assumed you were bringing it up from the video to be honest I figured you watched a video it said too long let me see if I can get time to condense it to one sentence do you think the implementing ideas and IPs the farewells viable solution my answer is no yes but I can't say their name they hire through a third party you apply for enterprise IT jobs they use headhunting companies essentially or however that works I don't know that I don't know that process very well open SSH yeah I mean you could say that open SSH is used in the MSP market I I was thinking tools that people that are bigger like component level at some point you could you could say lots of open source things are used but yeah before I answered I see a few more questions came in but I wanted to answer one of them real quick here that what I was doing at CompTIA yeah gray log is good but I would not say it's all over the place the MSP space it's still that's still niche gray logs a great tool but it's kind of still a niche tool by comparison BSD TCP stack yeah that's all over the place too but I was just at CompTIA and I wanted to mention this before you get too far down the road here Marty 30 minutes in the reason I was at CompTIA was not to talk about network plus or security plus but to talk about some of the bigger things that are going on at CompTIA and why I joined I may do a dedicated video on this but the short version is I many of you may know or may have comments on as I did CompTIA's position that they are greatly wrong about and then changed by the way which was the right to repair things but why does that happen is the real question and how do you bring about change for things like that and how do you get involved it turns out easier than you think I'm now on several committees for the CompTIA stuff I have my badge floating around here somewhere I was going to hold it up but I forgot but I got involved a lot more than CompTIA because instead of trying to complain about things from the outside I went from there to with many of my friends help that are there in a lot of smart people that I know joined them to work inside of CompTIA to be on boards and committees and help state shape and steer how CompTIA looks at policies and those policies and how they may affect the greater IT industry now I'm not specifically at all involved in things like CompTIA's certification programs that's not my field of expertise I'm not a certified person I think those are great and there's other smart people working on that but it's some of the overall influences they have on things if you want to look it up like trust mark and how they will be going forward and working as a community to help shape a lot of things that are coming down the pipe for the IT and MSP business especially here in the United States because undoubtedly at some point regulation may come and CompTIA is probably the best prepared body to help deal with that regulation and perhaps act in best faith of the industry provided that they are staffed well and have a good concise amount of volunteers that are willing to help and understand that work in the industry of what's missing what we need and how do we improve it so I may do a video on that there's an interest leave comments on that of what we did at CompTIA in some of that because there's things we can't talk about because it's you know there are certain levels of this is some stuff we're working on we just can't it'll be all public when it's released nothing secret or shady it's just like you don't want to talk about something that isn't out yet because you don't know how it's going to shape until the policies actually out so we have some things that we're like all working on and then we can finally okay now we've done that way we don't throw anyone like oh we thought we were doing this but we did this over here so nonetheless that's some stuff I did there but there's more interest in that later let me know the you know I'll bring out like my friend Jason Slagle and Matt Lee who were there with me and we can kind of do a recap of some of the things we did and regards the policy security controls it's a lot of interesting discussion about this so you're deploying your first TrueNAS scale box this weekend have watched most of your content on TrueNAS and the last minute gotcha is often overlooked you may have covered in your videos not really last minute gotchas on there I would say though you probably the one of the things that people come up with is like do I need it seems like I have to have a slog device SLOG you probably don't that's pretty specific on workloads and you're probably safe to turn sync rates off if you need better performance that's not a big deal so there's nothing about gotchas I may do an updated video because it's just a couple of things that you can probably turn off and for home users it's just not needed even a lot of businesses don't need it either so nope I don't apply scrum I don't do those frameworks are you and Camtia because you are going to talk about PF Sense Plus no Camtia does like putting the plus at the end of things network plus and security plus and things like that you are you're right I'll see pull up these questions real quick what do we got here actually I'm gonna do it this way all right when you consult the next CPNG installs how often is high availability networking component of the project and how do you accomplish it high availability networking is something that a lot of people ask for but it comes comes down to you have a couple switches if you look up how to set up a high availability switch where you have multiple network ports across multiple switches it's something that absolutely can be done it does unless it's an enterprise grade setup it doesn't come up that often and I think me and Steve talked about this on last vlog Thursday it's like the people who were upset that I didn't have redundant links on my XC PNG servers and I'm like if we go through the tickets if we go through the tickets that come in for XC PNG do you know how rare I'm not saying zero but how rare a switch failure is the problem a cable failure is the problem even power supplies they just watch my last vlog we dove into some of the statistics like hardware problems are a one percent problem now if not less they're just with with one minor exception uh as small as it is once you start slicing out what that one percent of those hardware problems are you'll find hard drives or 80 percent of them so hard drives are still an issue but the rest of the stuff is just so stinking reliable that it's not something that comes up on or needed in every setup I mean as much as people like to hate on unify switches for the volume of switches I think we have a less than one percent failure rate on switches like we've are made of just a couple of switches and we just install tons of these so even with unify but go back over to some of your enterprise like a Cisco 10 gig or some of that top of rack stuff the stuff is you know it's on ebay because it's all pulled out after like it's been turned for the last eight years and it still works fine uh so it's not as big of a not as big of a problem uh let's see what do you think uh that next APF sense can do to improve its position in 2023 firewall landscape has changed features aren't available on pf I don't know why people um well here's if you want to look at the feature landscape it's um figure out how how many features 40 net has and how they baked them all into the firewall and ask if it's a good idea um ask all the companies that got pwned to have 40 nets if it's a great idea to bake all those features in especially with poor code quality 40 net's been in news a lot and it's hard they try stuff a lot of stuff in that firewall and uh it gets broken a lot so I don't see it as a problem I think the next generation firewall is going to save you is way oversold um it's I don't know not really um not I'm not I'm not really buying it as a problem so yeah I got another question here we'll answer I'm trying to answer all the questions we have a lot of questions today uh when you update when you update your unify switch you just turn off all your VMs and accept the downtime yeah yeah I can live with um I think when I updated my 25 gig switch the downtime was three minutes so yeah I had three minutes of downtime won't uh if you have a company that can't have three minutes of downtime then you should go with something more redundant that's if you have a company that can accept three minutes maybe we'll say ten you gotta have a window in case it takes a longer but if you need ten minutes and if your company can't survive with ten minutes of downtime that is a thing you need to know it's so a lot of companies can't I get it so you put in a redundancy level for that that's all uh let's see I don't understand this question oh would you cover why users want to download an image versus installing an ISO Cali has both ISO images but I don't understand why you want one or the other uh I'm not exactly not exactly sure I when I install Cali with an ISO so I'm not I don't understand your question I guess I just don't do a VM import myself I don't know what the advantage would be so I'm confused on your question there because I uh I usually just download the ISO that's uh for things at an IoT device solely accessible by its own wireless SSID uh it can't join on my own Wi-Fi network can I plug in compatible say on pfSense in a route bridge private SSD maybe um you can do that you you have to there's a very limited number of uh Wi-Fi compatible it's listed in pfSense's documentation what Wi-Fi devices are compatible I've done a video on that I believe so yes you could create a one-off IoT device network via your pfSense provided you got one of the cards that pfSense supports for it so it's not just a yes answer it's yes but make sure you get the card that support it on there what's what else are we getting here uh why are permissions so difficult to get right in TrueNAS core I applied ACL one data set in pool now Windows 10 credentials whenever access other data sets within a pool um they're easy if you use active directory so I'm gonna do a video on it because that's what you do in the business world um for home users I don't find them difficult but people well I take that back if you've not done ACLs they may have a higher bar than you expect for challenge by the way the same people who often have problems with TrueNAS ACLs probably haven't done them in Windows where they also will have problems with ACLs so yes um stop picking on 48 yeah no 48's picking on themselves 48 hardcodes passwords their CVEs are all over the place because they have so many hardcoded credentials backdoors they installed in the VPN it just yeah it's just a mess 48's kind of got a bad rep for their own their their own fault have you looked at net foundries open z ziddy cloud nope I have not uh why are permissions so difficult answer that one uh until 2018 I've been working in Cisco environment we're watching your video on pf sense it's probably about a functional pf sense for I for free yes pf sense is like highly highly featured um there's not it's amazing what you get and what you can do on a pf sense and to think it's a project you can download and load yourself I mean you can even get into the bgp stuff and everything else oh let's see images flash sd card isoab install media typically yeah maybe that's I always just download iso says everything I do is virtual so how do you prevent a ransomware attack well prevention is the wrong word you're not stopping the attack you have a mitigation and a plan with Synology I uh I've got a video called I think I use the word ransomware and it Synology snapshots and ransomware but if you find my video on Synology snapshots you can use snapshots so if your data becomes goofed up from human error or uh malicious humans or malicious bots whoever whoever goofs up the data a malicious spot a malicious people malicious people telling the bot to do it or just good old human error the Synology snapshots are the solution to your woes there they are not going to prevent ransomware they're going to give you a methodology to do recovery uh update auto and i oh that's so auto updates enabled by default neat that's going to be fun for people who didn't know that uh the best is when you have to unify switches docks all the others offline they get stuck and fail to adopt and you have to try the opposite cycle everything oh yeah I I always make sure I update them and you know you uh you do them in order when you update them there's a method to this so let me pull up this is my lab I think I have my lab here we'll throw the lab up here but yeah the the first switch um you don't update this switch here be while you're updating this switch you know you can you can work backwards is one easy way to do it so maybe I'll update the one the last one on the chain then I'll update these and then I'll update these but you don't just update them all at once if there if there's dependencies on these now if this was feeding all the other ones I could do all the other ones simultaneously or just do this one and then click update to this one you just got to think about it and be conscious of your strategy for uh doing the switches uh looking for a good solution to access work or not remotely on a budget uh next year 11 100 bad idea or the 2100 um I mean the 2100 is good early start much today yeah a little bit I mean I have somewhere to go today in about an hour so I figured if I start early I can still go longer well less than an hour I gotta leave so uh branch is back to the root because update a switch restarts and adopts the lower switches so hopefully that helps that um let's see someone did have another email in here firewall setup questions I think I probably have a video on this one you're gonna find an easy way to display these maybe I'll use pay spin security is always high in my mind what are your thoughts on setting individual rules for the items you need to use in a firewall and blocking the rest many firewalls haven't any allow rule name by default I do not see disabled are you talking about egress filtering egress filtering welcome to some more fun yes by default pf sense does allow and I'll use pf sense example but many firewalls do because unless you have the time to figure out every other port besides 443 and 53 for DNS of course DNS maybe is answered internally you can do egress filtering you will turn it on and you will discover what breaks and then you can kind of keep working from there um you just got to sit down and figure out what you need you can do egress filtering I've seen people and I think it's oversold and I'm a security person but I still think it's a little oversold for most people to turn that on do you have the time to deal with the outcome the challenges that may come with doing it it's it's not a bad idea it's a good exercise especially a learning process of what is x what's exiting your network so egress filtering is definitely something you can do I from a network engineering standpoint awesome from a I have some servers I want these locked down and I know I'm it's very predictable what these servers need to do so you restrict those down but the other thing of it is it's not the security protection you may think because when we look at things like command and control servers if you look at the modern threat landscape they're not generating random ports that they're going out they're going out the common ports they're blending in the traffic so it's it's a fun exercise but it's not necessarily the giant bolster you need to security and when you debrief this is the best thing you can do is spend a lot of time debriefing on modern you know incidents and read differ reports and just kind of talk to people about the incident and you can then later go back and you get to replay what would have solved this would a egress filter have stopped this ransomware attack oh it was a zero-day an outlook oh it was an email oh okay so I guess not you know it was something they clicked on it was a website it was a unpatched exchange server that was public facing it was an unpatched file transfer server with the admin interface explode it was a unpatched beam system with a port internally and they already had a foothold and they were just waiting for something to pivot so you have to kind of look at each of the threat models and especially the modern ones I mean the older attacks yeah maybe but the modern ones generally egress out matter of fact I seen I don't know that this was ever used I thought it was a fun these are sometimes those funds journeys into proof of concept someone had wrote a command and control server that used gmail and so if you allow gmail traffic at all which is you know traffic just going back and forth to gmail you could have a cnc server on there there's cnc stuff that works in azure it looks like azure traffic someone had stuff that was pulling things from Dropbox because a lot of people use Dropbox so unless you're going to block Dropbox but then if you use Dropbox you don't block it and sometimes if there are more advanced threat actor to look at what you're using and because so many people use Office 365 anything threat actors can do to obscure the traffic into Office 365 it doesn't really help you do much so yeah also use caution updating ap that has wireless up links yeah I'll mention too though we'll bring it up real quick whoops let me pull up the other one pull up the lab is there anything running Eric's doing something or is he his servers turned on but I want to just show share this tab instead kind of how you deal with some of the downtime that's super easy to do if we go here to advanced and maybe I'll I don't know if this is a video or not but if I hit enable maintenance mode it'll list all the VMs that are on this connection on my storage server and by doing this I just hit okay it shuts down all those VMs I update the switch and then the switch comes up and I go cool switch works I disable maintenance mode and all the VMs on that storage server start back up so there's easy ways to do some of these updates to switches where they're it's it's not much work on my part it's go here enable maintenance mode update wait till updates done disable maintenance mode have a great day it took I did this already because I was updating switches this morning it was a such a I barely called it inconvenience so uh ever have servers DDoS yeah it sucks does unify support stp why not measure unify switches and depend on stp it does I could I don't want to put two of the aggregation switches in I I'm being lazy in my rack wouldn't look as cool it would have I mean would I just have to double up on everything I don't want to I would have to put more network cards in to facilitate all that and once again I don't really it seems so unnecessary to go drop three thousand more dollars on it it or maybe not three thousand well those are about thousand a little over a thousand each plus the extra cabling and extra wiring I mean it just feels so unnecessary to do I know I could but it doesn't feel needed uh xcp and gvm desktop with the rdp x to go not so smooth like virtual boxing apc with a bunch of I don't know I don't use it that much at all I did it because I know a lot of people I use case so I did a video for it um and this sometimes is problem like I used it for a little while a while ago when I was testing something um I was using the published applications but I kept finding some laggy issues with it it's just it wasn't buttery smooth so but it was more of a x to go problem than anything else I felt um so I don't use it much egress filtering is great for the iot srv networks um when you know the things you want to reach are devian servers and your home assistant yeah I do extensive filtering on public wi-fies 8443 993 995 930 utp number of common bpm ports dns redirect and local servers are allowed yeah it just depends on whether or not you want to deal with any of the trouble that comes in it so uh do you use any type of ad blocker for your business networks yes we use zoros uh so zoros is our filtering tool and it does have some ad blocking options in there so I've done a video on it I might do another video because I did a sponsored video but I might do an unsponsored one just to kind of walk people through like the quick five minutes of it it's a paid commercial product but that's but we're paid to do this for people so downstream we're paying a company for the management tools that make it easy for us to do this and manage it with clients uh I'll you can find zor us is the company you can find the video I did on it uh why don't you like cisco devices I never said I didn't like them with some exceptions I think like the cisco business dashboard is a garbage um cisco and you cisco is going to generally in this is where cisco's marketing is all over the place which cisco are you talking about um the muraki version of cisco the cisco cisco or the cisco small business that feels more like rebranded links this which cisco are you asking about uh so each one of them is a different category of product um although they all carry the cisco badge so generally your enterprise cisco is going to have more features those features are going to come more licenses and now he's like to ask the question because I actually had a discussion on this while I was at kanthia with another it company one of they were like oh no cisco has way more features I'm like it's going into small business are you going to use those features well no I'm like okay I don't understand your argument if you don't need the extra features that is offered by cisco for this small business deployment then why do you need a cisco because they were complaining because cisco's on back order and they can't get the project done I said that's fine I'll bid on it and take it from you I we've done a lot of people where um they couldn't get product for cisco insisted on cisco and then later used us to do it with you know the unify unify substantially less money we we bid on a big project and it's insane because I felt we had a really good margin on a project and I couldn't believe how much more people wanted for the cisco it was it was incredible but cisco also cost that much more but the project is done the client is happy and everything works and they all went with unify so it's yeah there's different ways to do it oh yeah cisco firepower never used it heard lots of stories about it um the cisco dna center um I don't know um regarding bit warden is their per-seat licensing uh a dynamic or fixed process pre-negotiated number of seats they got their prices listed on their site so their prices are their prices I don't understand um the question you buy them a year ahead of time is that the question they're their pricing is public uh so I'm not going to quote their pricing I'm just going to share it there's their pricing there's their business pricing three dollars month seat per user five dollars for enterprise and what's the difference between enterprise you ask they have that listed here too um per month per user this is what we do we use the enterprise one I like it it's cheap for what you get so that's the uh hopefully answers the bit warden pricing question uh yes buying ahead of time I always pre-buy for a year so I don't um I don't know click on buy and it'll tell you I think it can be it maybe they have a monthly option I don't know I buy for a year what about last pass you mean lost pass oh there's so much more to the story um it's interesting it's messy they did they did some dumb things at last pass I did a video on it well the price is pretty much will stop I'm I mean I've seen the demos on it I know it does cool things but the pricing and things like that for it is usually goes well is it worth it some companies say yes some companies hate dealing with the Cisco um legal team I my enterprise friends always have horror stories my favorite one and I wish it could be made public like the details because the emails back and forth were terrible and funny at the same time Cisco to close a deal that was worth like millions of dollars in for one particular product for my friend's company they one component was given with perpetual licensing and they buy a lot of stuff from Cisco this is just one part of the deal and Cisco tried removing the perpetual licenses and setting renewals and they said no we get this perpetual and they said well that isn't what perpetual means is what Cisco said and they're like you can't redefine words this is I don't know if my friend's watching but like the back and forth that I'm going you can't redefine the language of perpetual we will beat you in court if you charge us for this and they go well it was perpetual two years ago but it's not perpetual now well but we bought it with perpetual it was perpetual licensing with some type of like as long as we have this hardware and a hardware wasn't ready or end of life cycle there's a little nuance to it but still perpetual like you can't just redefine terms Cisco but the legal department tried so yes uh no there are no good open source solutions and I say good I'm not saying I I'm completely aware that um squid exists I just you asked the word good so if you asked are there open source solutions for web filtering yes are there good ones no there's pretty and pretty much even the business companies that have solutions all the firewalls are using squid on the back end like the arista firewalls an example of when I've talked about on a channel before they're using squid on the back end they don't call it squid they make squid more manageable and better but squid is a uh it's a good name for it because picture trying to wrestle with a squid um and that's the feeling you'll have if you try to run squid in your environment you'll you'll find it to be a pain um it's not a great it's not a easy solution to manage and that's when you buy these commercial firewalls are using squid that's what you're doing is you're paying them to manage squid and make it all work and by the way one of the problems you're running to if you want to run full tls 1.3 you will break squid um it can't see if especially if you get to esni encrypted sni if you're running all that encrypted the only way to get squid or any filtering by the way is to unravel that and break it uh so you have to man in the middle a lot of things in a in a bad way removed all the crazy for them change all the passwords and password manager replacement yes uh we don't use crowd strike um we use something the one i don't get the impression for my industry um which is being an outside it for companies that crowd strike is the right fit for us my understanding from what i've talked to people a lot is uh they just they want to sell to big kind of enterprise companies they don't want to sell to people like me who sell to uh small businesses mine that's my understanding from uh other vendors i don't have any direct uh usage of it so i don't really know i don't i don't think it's a bad product it's a popular product in the market it's i believe comparable to set in the one which we use so d and i center clients is 80 000 for the smallest one yeah that pricing is um definitely for the big people i've heard a few people say it that the crowd strike uh pricing is not aligned with sent in the one pricing at all um but i don't know i i haven't used it so i heard this from people in the forums oddly crowd strike has never reached out to me um i've never heard from a crowd strike sales rep that's not an offer an invite that i want you to call me i'm just throwing it out there they haven't bothered me other people bother me all the time oddly not crowd strike so i don't think which makes me think they're not targeting me at this moment as a potential customer so i don't know many people in my space that use it i can't actually take that back i don't know people in my space that use it i know people that used to work in corporate that used it yeah so the um definitely uh i feel like said they're more enterprise focused um my my two favorite you know i just did a video on this is uh huntress in sent in the one great tools great people um there's some nuance always would deal with security and that's why i did a recent video on what it looks like dealing with security so hopefully that makes sense we got hit by hive last year they used s1 for containment and cleanup our it brain trust did not want to pay uh so now we have crowd strike not a fine i've heard it called clown strike by a lot of people i don't i i i think they've um there's it's just a great play on words i don't know if it's actually descriptive of the product or just the perfect um one letter switch that makes it people laugh i've definitely heard it called clown strike a lot now my confusion is i've heard it be more expensive a set in the one but then i've heard businesses go with crowd strike because it was cheaper but i i get these weird answers and i don't and i'm in the msp managed service provider space where we're generally like the middleman managing it for smaller businesses so i i think it's just they may be like a very direct approach unless the recent approach uh do you have any many switch enterprise poe tell me your customers that switch must be either really good or just uh it's never in stock we got watches on things so we buy things just to have them in stock as soon as we can get them in stock um there's a lot of people doing that so they that's why like you know the ui notify service exists to let you know when something's in stock it's just a matter of sniping it right off the site um the demand is still exceeding the inventory in some cases uh can snapshot replication going to be sent to the active backup for the microsoft uh be set up for active backup a maybe probably i think so i would say yes i don't see why not and i think that would work that would be a weird there would be a lot of data i don't know that you need it um but probably you could do it as long as you have enough space to do it so what you're if you're doing the active backup and you're pulling in the cloud m365 data or g-suite as well i don't know about why you may want to snapshot it again to have extra copies but i guess you could that way if you're worried about someone taking over your well ah if they took over your synology they're going to let your snapshots by the way so the better idea will be to back that data up to another device that would be the ideal situation where you take your data that you have all of your active backup data and then replicate that to just just replicate it to another synology using hyper backup so that would probably be um the better idea for protection i need to redo my cloudflare tunnel for home assistant recent home assistant update broke the cloudflare add-on uh going to separate i actually recommend instead of cloudflare that you get it's up to you um but if you use the integration from the company that uh is from cloudflare like the people that behind cloudflare offer a uh a relay server that you can it's like i don't know a hundred bucks a year uh it's it's worth it in my opinion what are your recommendations for vpn capable routers and firewalls pf sense and the specifically the netgate ones uh my bit warden question was triggered by my attempt to migrate off of last pass got it good and happy migration to you that's the uh yeah lots of people want to migrate off of it i don't blame them oh let's see here you're good to go with set in the one i work for a large financial issues a fantastic product yeah you know i i still like it the incident i had was a debate with their security people at set the one i had a disagreement i documented it uh thoroughly in a video that is got huntress and something the one in there um but i also state we're still using it and it's it's uh it's still a good product so oh in on my credit card hit during that time period yeah well things were down last past kick last past kits you are down so so how do i delete a virtual hard drive i don't how do you create a virtual hard drive from ass i don't understand that question maybe uh can you purge phishing emails from snell jake to backup can you purge phishing you can purge emails i imagine so i mean if you that's kind of a different problem i mean how do you want to purge them do you want to it's all i guess how do you identify i mean how are you tracking that uh so you can get them out of there i mean i don't understand the question of what you're trying to accomplish so a way to run plex outside your network that will put up any ports like you could build a plex server in cloud it's not you can spin up a linoad entrance and stick stick your plex server in there you can um you will just what you'll run into though is you go oh running a plex server on linoad has some expenses in egress fees and storage fees to get all the things i want inside of plex so yeah you can it's just a matter of um budget you know the reason people usually want to run up for home is one you can put more storage at home cheaper than the cloud and two it's very accessible even if the internet's down so if your internet goes down but you got power you're still watching plex or whatever your media player of choice is uh giving you context do you know anything about sales counts for sentin one sounds like a really good product just curious you want to know what they pay their salespeople i don't understand the question i don't know what they pay their salespeople if that's your question so i i don't know i mean good salespeople selling enterprise products make good money but i don't know uh exactly if that's what your question was about or not uh i'm gonna wind this down to give you guys about 20 more minutes before i uh run out here but the um you know i have in here and i me i don't know if i'll do a video on this or not but the uh that data i have some stuff i'm working on and i found some bugs with one of the true nast i i i don't know if i have the time to dig into this the way i want to but first i've been using graylog to make some of this look better and prettier let me find my which by the way if you haven't heard i'm not graylog sorry saying the wrong thing here um let me go back over here and share this tab instead and bring it up over here net data combined with true nast has been kind of fun to dive into uh some challenges i have and i found some weird encryption problems where i don't understand why i get good write speeds but slow read speeds um in certain circumstances and true nast scale and i'm trying to track that down i may do a video on it because when i do the video i want to demonstrate what i'm seeing and have someone smarter than me watch the video and try to explain if i'm right if i'm wrong or why it's doing what it's doing and essentially if you have and i just had to do a migration for all my video stuff because it was causing problems with my video editing i found a bug where the first time i read a file even though and yes the file is in arc the first time i read the file out of arc it goes into pinning a single cpu and giving me really really slow transfer speeds but if i read that file again the problem goes away this problem only occurs when reading and when it's encrypted and i just by default encrypt everything so i migrated my data all my videos to an unencrypted data store and the problem went away now the weird thing is the right speed is consistently great so why is it only reading even though it's in cash it has a slow read speed and i can't figure that one out um so that's been a challenge and i was using um this to do it but i just really love net data it's just it's so cool look at all this stuff you know i had some anomalies earlier and i could uh find them i could look at my elastic search database um then we let's go back because i was updating this about a couple hours ago wait when was it oh look this is when we are doing it so hey look this is tom rebooting so we got some downtime this is uh when restarted something and restarted elastics or let's dive in deeper and uh yeah there we go so now we're gonna filter that metric and let's correlate this data with everything else we can what was going on during these times and what were the loads like and everything else it's just kind of cool the way you can do this with uh and get all that data i i've done a video on this already but the product still amazes me it's still i love net data it's free uh they have an article on uh how to use this with windows and i'm gonna eventually do an updated video on how to use this windows as well so it's funny just how cool of a product that is for free this is a great open source tool that probably i should have mentioned there's your fifth one for that msp question earlier uh you're trying to get an industry care enterprise sales i mean i know enterprise sales people that make two hundred fifty three hundred thousand dollars a year so uh i don't know i guess we need way more context for you know it depends on your position and what your sales on there uh docker sun setting free team subscriptions i don't really have an opinion on that this time uh let's see tail scale broke things that's fun that's because it encrypts after it's been written to disk it does not encrypt in memory well this is what's confusing if i create a random file um and grab random files so dev random i make a five gig file that file will copy really really slow with a single threaded process copy the file second time it copies really really fast with all the all the threads but if you write to the disk it writes fast all the time and that's what's got me so confused on it so yeah uh is the installation to have standard net data install no not exactly let's pull let's that's a good question i should answer right away um let's log in and we'll we'll talk about how this works and i'm gonna i have too many tabs open there we go less tabs go to apps go to the web portal continue share this tab instead and here is it running on here now by the way you install this as an app inside of here and to the apps in true nest scale it's not available on true nest core at the moment i don't know if it will maybe it is i don't know it's too much i don't think it is someone can correct me if i'm wrong but you install the app as a docker container and uh yeah it works great you get all the you even get all the zfs data in here so i like it it's uh slick matter of fact it even has all the k8 information um you have all the things in here it just it's cool so when i'm doing any of these tests um i can do these tests and get granular data in here about what is or is not in the zfs cache and it puzzles me why it does it maybe i'll do a video just to explain more in depth and uh what are you using it's a problem in e 200 series 4 did not and the md or other than processors yes the problem exists on all processors but is exasperated on this one and this one is a and we'll pull up the dashboard here this is the real problem right here and it's someone's going to go of course this is the intel adam cpu 3758 2.2 gigahertz so definitely the adam processor is greatly affected by this so it's not that the problem is non-existent it's just so fast and the other processors it's pretty much a non-issue um so that is a uh definite issue so tool suggestion for my sequel i'm not am i i'm not a microsoft sequel person so i am i am the wrong person to ask um so that's not not a question i can easily answer but yeah it's it's just a weird weird bug that just kind of drives me a little bit crazy i could probably simulate it um by copying some files back and forth because wait i'm trying to think do i have an encrypted location anymore hmm yes i do i do have an encrypted location so i can definitely find a way to make this happen so we'll get we'll make some data move hey look i'm transferring at um a really fast rate here it doesn't zoom into these very well they scale so maybe yeah there's no easy way to display those but you can see i'm able to get really i mean three gig transfer no problem um transfer in here so it's a reasonably fast system even though it's got an adam processor in here i'm able to move the data at a relatively fast speed it's moving the data back that always uh creates the problem so let me go new folder test and now we'll test this again and this is now writing to encrypt it's gonna be a little bit slower um go back to here now i'm moving it back it's moving it back at once again almost four gigs writing so my rate speed is really fast so awesome so is it would it peek out at here zoom in enhance is that how we do it enhance gotta click the mouse properly there we go enhance so yeah we've seen it peak um four gigs so awesome definitely moving you know moving some data here copied um three files that's what these three peaks are now i mean delete the files beat i think if i do this it will go down to an incredibly so speed yep there we go now you're seeing it copying something back from encrypted now please note the lack of disc reading going on here we're not seeing disc reads it's pulling it out of cash because it's cash it got copied over there but this is what happens and news they're barely being used or it's not stretching it so here is um yeah here's two cpu's being used but the other one's not so where's it at this great wrong ones cpu where's the breakdown of each processor oh here we go yeah core utilization it used all the cores here but you notice it's not using the cores here it's using a core here's a single core cpu six is just getting hammered and my transfer speeds are abysmal i'm getting point six like it's just so slow so it's a weird problem i i mean it's easy problem to simulate um because the first test we're not done with an encrypted one but if i copy these files again and once again they're reading from cash it will bring them to me incredibly fast just a i don't know it's such a weird bug um what makes it decided only should use one cpu when clearly it should be using all the cpu's yep there's yep there's one core carrying all the work but at the same time no disk right look i mean disc reads disc reads are just nothing we're not pulling this from disk we're pulling this completely out of memory that seems bad oh weird one of my lights decided to turn off for no reason then it turned back on i don't know strange time to buy new likes so we copied them now we're going to do it one more time we're just going to copy the same files again which of course they're cached once they're cached again so delete them and paste and ram we're back up to fast speeds again we're still no disc reads but you know i'm i'm getting files copied back at like five gigs now five point five gigs mystery so uh uh vpn speed is listed on the site for decade it's not going to be fast um that's will it work yes will it be fast no so that's that's going to be your big challenge uh with that it's just not going to be fast fun stuff for sure yeah the cpu load when i'm moving it's funny because the cpu load here is a steady 17 16 percent over here the cpu load is about the same but we're moving you know up to five gigs worth the data here we're all those files copied back like immediately so such a weird bug and by the way if we go back over here to cpus while that was happening um it still peeked out this cpu a little bit so it didn't spread it evenly but there's still more of a spread than there was here i don't know maybe i'll sit down and do a bug report i wonder if it decrypts the data i think my guess is it stores it encrypted i guess that's my answer um i don't know uh what you know let me look what does he let's look with the atom supports i think it supports aes and i let's find out it is an older cpu yeah supports qat um i don't see aes on here though so it doesn't appear to have aes support maybe that's why oh until aes instructions right here i was just um overlooking it so it does it does support it in yeah i don't know maybe it's not engaging on read and that's probably what it is i think there's a bug in there but for sure to have scale people running encryption on it the thing is i'm trying to figure out if it's worth my time do i load a system up with your next core do this test load it with your next scale do the test and see if it's a core problem and a scale problem or just a scale problem and being that it's a scale problem and we're because they're pushing scale um i may do a video just because it's it was a vexing problem for me to have my video software stutter and not know why my video software was stuttering my video stuttering i kept thinking it was something to do with what i was doing it turns out my video stuttering problem went away by moving my videos to an unencrypted data set and then my videos stopped stuttering now i went and did this research before time but i assume maybe i was running into some issues this is where net data was invaluable and scratching my head and going oh wait look you know i can start breaking down these different types of transfers and figuring out what's going on in each situation i mean when you look at um this section here and you're going wait you're only getting this tiny little bit of data but when you play it back for this you're like but the system is clearly capable of substantially more data so how is it read so fast and why is it only in certain situations matter of fact some of my stuttering would go away because once you've read the file once into the video editor it had cached it and it would then the first time it would deliver it slow and then it would deliver it faster later so it was just some weird quirkiness i was running into and then if you have like i do you have a lot of project files in your video it swaps out which ones may be in cash and then sometimes you would get one of the elements coming in really slow again and you'd have a stuttering problem back in my video editing so it's um it's a lot but it's it's a fun learning exercise because it's what it really is about is understanding like how are you going to troubleshoot that problem and i want to come at the video from that point to educate people like here's all the steps so you have now the tools in your hand to be able to troubleshoot this that's the the biggest thing is because you may not have a video editing need like i do but you may have some other need that will get pushed that goes oh yeah i am having this problem i am running into a slow problem moving these files whatever those files might be i'm just really curious that this problem exists in core um like i said it clearly exists in scale i'm less clear if it i'm less clear if it exists in uh core or not all right well i have now rambled on for an hour and a half is there any last minute questions over i answered them all um because now i'm going to get back to um a couple things i got to do and might go to next meeting if it's not stored encrypted in cash yeah there's a question that i kind of want to learn from the um some smart zfs engineer like i think i have a forum post let's pull up the xc um true nas forums i posted in the true nas forum i don't think anyone replied to me i asked this question oh someone replied let's go look let's read this together this is a new post i was out of town for a couple days so um let's read this together as you can imagine our standard QA process test for function operation announced a performance testing in different use cases links encryption is very different from free bsd so several issues be resolved more improvements are coming in scale later this year uh with my confidence there's also viability qlc rate speeds the timing size different cash we try to use higher performances b-side performance it's more reliable yeah but it's because it's caching this is completely answered in this part here so um well they're aware there's performance issues on there Linux encryption is very different the bsd okay so there are several use cases to be resolved more improvements are coming uh and i am excited because this is happening later this month so maybe i won't even do the video until later this month um when the new version's out because maybe it fixes that uh can you show your xo back at rote saying some rote server uh on the same uh on the same vlan as xo a yes it's well i have a storage it's on the storage network so you put that on the storage network that's the solution for that you can put it on the same or you can put it on a storage network as long as it's reachable by xo a can you get mvme over fiber i don't know is linux unified controller setup is up today's medium chart um don't use the i don't ever you recommend using windows definitely use the linux one they're the same the linux one is kind of the same as what's on the udm uh question about xcpg and pass through the backups include pass you configs in case the full restore pass no pass through is um that i know of not backed up so encryption on ss well and it's it's kind of a weird performance problem i i think they're gonna sort through it and it's like we just did another server for i just did that star nato server and the reason we went with cores because the enterprise market is still using core free bsd is solid reliable predictable um so yes uh you should do a full general intro to principles of it yes i plan to do some of that stuff more news on that coming soon i will probably i don't know i don't know if i'll go all the way to offer courses but i may do some in-person events um for training and things like that so that's definitely a possibility uh that's an eb owner you seeing public infrastructure cross creep or skyrocket upwards um public infrastructure costs not really but i mean energy costs are pretty steady here in michigan but different states have different um costs and there's reasons lots of them that the energy rates are higher now in europe than they were so um if that but that's a geopolitical problem um it's i mean it's all technology in the base of it here uh but there's a little thing going on over in the ukraine that seems to be driving uh prices up a little bit of electricity so that's definitely a um a thing tom the trainer i mean i you know before youtube i did public speaking and i still continue to do public speaking and advisory roles and things like that matter of fact one of the emails it has got is also me uh advising a school on how to uh one of the local um universities and guiding them i do things like this this is my reference to kanthia earlier and me wanting to with my other peers participate as a large peer group and in this industry of how do we get things better so yes um how do you simulate a cable disconnect you just disconnect it so um let me share this tab instead it i mean if you've ever used it you could probably use this button here that says connect or disconnect use click it so i'm not going to kick it on out i don't know if they're using it let me or something i'm not using uh yeah you you just uh hit connect or disconnect on on that and and it'll disconnect it so you click boop yes i should have Veronica come on here i want to Veronica is such an expert on a lot of the um intricacies of some of the classic car we're far more than me and i think it's a fun topic where we do classic vlog thursday where we dive into that um by the way subscribe to Veronica explains if you haven't already a great channel lots of knowledge uh those you know the people i see what i watch on youtube and a lot of times it can be some of the esoteric knowledge things that as a easy way to describe that category um it's always a lot of fun uh Veronica's got a wealth of knowledge that she's been sharing on her channel so uh your recommendation of vpn to transfer files over churnass don't use vpn to transfer files but if you have to use something like web dev it's probably faster to use it that way cobalt thursday's here we go oh i'm just going to um uh where's that i'll i'll share where i'm going i want to i'm wondering how many people are going there's a local event here called um it in the d so it's the um the network people one beer at a time that's the um casual networking for social information technology prevention of the metro area no agenda no speakers no cover charge ever just networking with it professionals um uh 48 people going so yeah that's i can be late this goes all the way till 8 p.m well no it goes after 8 p.m the event's over but the event's not over until the people leave so if you're in the detroit area you may find me here in ferndale at that address oh let's see yeah the events don't you leave yeah the um the we it's kind of a fun event uh my friend let's go all my friends put this together they've been doing it for like 10 years now um they're like you know once a month let's get the it nerds together and they specifically do not have sponsored or pitching or anything like that it's very casual just come on we're all in the it industry let's hang out together so it's pretty way i mean there's some people there that are i call it adjacent but they're everybody's welcome it's a social thing it's focused on it nerds but it adjacent we have people with some of that ever worked a lot of hr stuff actually um it's interesting because uh policy things became are intertwined very much with it now so there's a few people that i mean they're just policy writers they're not technically the traditional sense of it but writing policy and controls for policy at the enterprise level is an it department thing to some extent uh so there's there's a lot of interesting thing on on there so it's a lot of fun that's why go go hang out with people and um do fun things like that so all right so hopefully you've all subscribed to Veronica's channel i am going to bounce now because um from where i live this is roughly a 25 minute drive um i'm surprised there's not something like that in Grand Rapids i'm assuming gr is Grand Rapids so um yeah i don't know the uh there's not many of these type of events and because too many events get very vendor sponsored and that always bothers me because it just becomes like a sales pitch to buy stuff from them i don't want to listen to that i want to go in just and there's not there's no agenda that's actually what makes it fun it's like we're going to put all of you in the room there we go that's the agenda that so i can't say no agenda the agenda is everyone show up in this room and get a beer and if you don't want to be you're gonna water we're fine with that here's here's a beer maybe some tacos because i think there's tacos at this place so all right everyone wonderful as always send those questions in to vlog Thursday i like answering them they're a lot of fun participate in my forums that's a lot of fun too um so yeah 15 hour drive that'd be far uh 25 minutes using a tesla yes the tesla will drive me there that's um that's my usual way of going i don't you know i don't drive as much anywhere my office is really close to where i live um i have my studio at home and my office is like a mile away um so i don't drive much i actually walk for the good exercise but you know i'll drive i'll drive to this one because even driving it's a 25 minute drive all right thanks again everyone and take care