And I'm live. Vlog Thursday, number 339. This is sponsored today by our friend Jack. This is, I am tired and I need a drink. So I also see, because I can see Tom here from Lawrence Systems and Tom here from CNWR, and with the president of CNWR, Jason Slagle is joining the chat. The merger has been, like, the fun part is done, like where we celebrate that we merged. Now the hard part, where we integrate, is what we're working on now. And Brett called me, so I answered the Brett phone call. So he, I can blame him for being late, but you know, it was good sales questions and things like that. Oh, Matt, we have a Matt too.

Yes, you know, we're going to do some talks. Now you can check all of them out; please, down below there's a link to Business Technicalities. And you can subscribe to that channel if you want to see some of the business talks we have. Matt, I don't know when that video is getting published, but there's definitely a Matt, me and Jason and Brett. We all had a great conversation. I don't know the place of the date that's going to be published, but subscribe to Business Technicalities, and we've talked about the merger more on there from a business standpoint. I will probably, me and Jason or maybe me and Matt, will do a technical video where we outline all the tool collision. That's one of the things that's going to be interesting, because people always ask, hey, what's the tools you use? Well, there's more. And there's a lot, so that's, you know, what's your stack is something, if you're in the IT MSP space, what are the tools you use, that's a common question, because there's a lot of options out there, and we'll go through and explain the tools Tom's used in the past time, the tools that are still going to be used in the future, and how all that meshed out. So it's going to be definitely a fun conversation. Let's see here. And I'm also going to laugh about this, because this is your problem now. I think I talked to Brett 20 times today. Yes. Yes. Yes. I one of the merger happened.
Jason Slagle inherited Brett. So that's fun stuff.

Vlog Thursday at lawrencesystems.com, I have one person has an interesting question, and it's funny because I had, I was just in Baltimore a couple hours ago, doing a talk for a private equity place. That was definitely a lot of fun, and insightful. I just met some really great people. And this is the talk I actually made public on YouTube first. And it's a, it was my talk on security. It was kind of fancy because they had iPads, everyone got iPads to follow along with the talk and things like that, so I thought that was just kind of novel. They had that, and then where, I don't think I got any pictures of me up on stage there, but I at least have a picture of me standing in the balcony of Boston. I got upgraded to a balcony room for reasons. They had a weird power surge and it messed up some of the rooms. So they gave me an upgrade of my room for free, so I ended up with this really nice hotel room that I was only in for a couple hours. Yeah. So that was what I just got back from doing. Oh, let's see. Oh, I like that employees of mine are in there. So this is kind of fun.

But conversations I had, I had a good conversation about someone running, talking about Security Onion, Wazuh, OSSEC, a lot of security tools, and one of the things, and I talked about this before in the merger video, is like, I want to focus on some of the longer-form, harder-to-make videos, because they take so much time to put together. But yes, I will be doing a video talking about that. But that's actually a question. Someone emailed to Vlog Thursday at lawrencesystems.com. Graylog versus Wazuh. It says: I'm looking forward to the Security Onion video when you get to completing it. I want to ask you about Graylog versus Wazuh. Both projects which are a bit of overlap in terms of being Elasticsearch centralized logging.
Wazuh has some particular features I want, such as vulnerability scanning, configuration assessment and file integrity monitoring. As an existing Graylog user, if you were deploying security in Wazuh, would you run them side by side with Graylog, or would you move everything and all your workloads just to Wazuh?

So this is not a simple answer. And the reason why is because with Graylog, it can do way more than Elastic. So you can say it's Elasticsearch based, but there's a reason I don't use Elastic. You can do all of the logging in Graylog, plus all the different Grok rules, and then trigger rules. So when I do my Graylog video, it, my recent one for 2023, I cover extensively all the features you can have in there. Wazuh is a fork of OSSEC. Both of these are really good tools for helping manage your security, but, and this is where the but comes in, Wazuh itself is a nice security tool. Wazuh is now part of the Elastic, Elastic forked it. But the problem becomes, it's really just a security tool. Now, piping all that over to Security Onion's not bad, and Security Onion's logging, but it's not the same as Graylog, because there's a, you can say, sure, I can consolidate all my syslog and Wazuh logs and everything in there. There's then, there's that, but again, the but's going to be, how do I take an action on all that data inside of Security Onion? Well, security is good, but it doesn't have the same level of triggering and interface and tooling that Graylog does. So I would run both. Honestly, like, I would look at Security Onion as, here's my source of truth when it comes to SIEM monitoring. I look at Graylog as all my logs. Like, I'm not going to build triggers in Security Onion for things like RAID array problems that I do have triggers for inside of Graylog.
Graylog has all these different triggering tools that I've set up, and I covered that in my video, where it lets me know different things. It can let me know of a RAID failure, it can let me know drive, as a matter of fact, I was just doing some problem troubleshooting, which I might make a video on this, but it's kind of minor, but it's a problem people run into, where you can't get a ZFS scrub to work on a pool because there's a drive problem. And going through the drive histories and figuring out, is this drive the one that's causing me the problem? I kind of like the way that if you dump all of your TrueNAS logs, you can even put the serial number of the drive, you can grab that serial number of the drive you think is the problem, or if you know the drive might be the problem, and search through Graylog and then say, hey, trigger if this serial number gives me trouble again, and then do that. So I would use both. That's pretty much, it's kind of, it is not, it's like, so that's kind of my answer: run both is what I would say about that.

Ooh, people asking about Dynatrace. That's interesting. We'll start with this question here: what VMs are good for small business customers, not too many low cost and CRVMS servers. I mean, it's, you know, I'll actually share this right here from my forums. And someone asked the question and I wanted to be articulate about it, because I had time this morning, I was sitting this morning, and I was like, okay, I'm going to give a really good answer on this, at least I think it's a good answer. I guess I got to look at my postings to do to do. Here we go. Share this tab and I'm going to drop a link to it. It's just in my forums. So you see it's called the future of cloud versus self hosting. And I'm going to throw this in here to answer that question. So what good BMS are good for small business. Well, I wrote a few paragraphs on this.
And the reason I did this is because I wanted to clearly explain all the parameters that go into whether or not you want to host something or whether or not you want to push it out and have it hosted in the cloud. And people think, oh, you can just take some things out of the cloud. Email, quit trying to take that out of the cloud. That's just, email lives in the cloud. That's, welcome to 2023. Quit trying to run your own servers. You're probably not good at maintaining them. So not email, but there's a lot of other nuance back and forth, and it's going to come down to a lot of the factors. I have those factors all outlined in this particular, you know, forum post, as a reason I took the time to type it all up to give you that more nuanced answer of, it depends on. And here's all the different depends. You know, I talked about payroll platforms, ERP platforms, on-premise apps that we run for clients. There's not like a silver bullet. It all goes this way or that way. There is always a series of factors of which when you're going to run. So hopefully that helps.

How do you feel about Dynatrace? Never heard you talk about it. What are alternatives? Yeah, I don't use Dynatrace. Dynatrace is a big company. It's just, if it's not a tool you're using. It's a little bit beast of a tool. It's used by a lot of big companies, and fun fact about Dynatrace for those of you that have been following my channel for a long time: their security engineer was my friend Xavier. So Xavier Johnson was one of their head of security engineers for quite a number of years. I actually am familiar with the product to an extent. I never really used it. It's interesting, but it's a little outside the topic on here. Maybe Jason Slagle has some more comments, he'll throw some stuff in there. Prefer Dynatrace is a beast. Yeah, that's some of the challenges.

I'll see. Going down the list here. I want to certify in certain niches that many people haven't yet. Yeah.
Now we're discussing Graylog, ELK and other SIEMs here. Yes, we pivoted right to that. I want to certify in certain niches. I don't have any certs, but I don't have anything against people who want to get a lot of certs. They definitely can give you a good learning path on things, like these are the things you need to know.

What would you guys recommend? UniFi, Omada or just OPNsense? So my feelings on Omada: fine for home users, I would never run them in a business. Omada is less clear. As bad as UniFi is about having clear roadmaps, Omada is less clear. Omada is a copy of UniFi with zero innovation. They didn't really do anything to make you go, wow. They said, oh, look, they copied it and lowered the price 20%. And for home users, that's probably enough. But I don't really feel that the Omada product is going to be on top of security. Ubiquiti, love them or hate them, whatever your opinion might be, they are really on top of security for things. Their security engineer is good. Their security engineering and their rapid response to problems with bugs and product have been good from that standpoint. So I would definitely go Ubiquiti on that. In OPNsense, I run pfSense on OPNsense, and that really comes down to, and maybe I don't even know if it's worth doing anymore, I did a video two years ago comparing OPNsense and pfSense. There's still not anything compelling about OPNsense that would make me use it over pfSense. As a matter of fact, pfSense, since the latest version, I would say is even better, because they moved to the latest FreeBSD, and to my knowledge, OPNsense still has not moved to that. So, yeah. Asking which network tool is never simple is not and is never a simple question. We'll add that there.

Certifying networking, seeing less people getting into actual networking. Yeah, you know what? VLANs are just a mystery to people. So your network certifications will cover and hopefully have you understand VLANs.
This is something that even people who are good, if you will, they're well off into their career. They're doing well and maybe programming. Even some of the people who are into things like pen testing and stuff like that, VLANs can still trip some of those people up with just the fundamental understanding of how to set them up. They may know how to break things. They may know how to pop a box and pivot around through a network, but actually understanding how the VLAN works, it's one of those things. You don't get it at all. And then it all just, like, you see the light and then you understand it. I have a video that's done, I have several videos that have done really well on explaining VLANs. And I think it's a popular video topic because each person may explain it a little bit different, because each person may come to the conclusion to understanding VLANs differently. So watch many videos on it until one of those videos is the one that lines it all up and you go, oh, I get it. That's how VLANs work.

So do you have any interns? Would you want more? If you are in the Toledo or Detroit area, feel free to reach out to us. Remote interns, I don't think make any sense for us. We can't give you access easily and vet people as well. There's trickiness to doing it. So I'd say, but if you're local to Toledo or Detroit, yeah. That's probably a little bit easier. Matt Clare, all sorts of networking people from CC, yeah. Juniper.

Just updating my pfSense to 2.7, but it broke my USB NUT daemon package. Interesting. I have not tested that particular package with 2.7, but I don't see any reason, because it's a package in the repository. So it should work the same as it does in pfSense 23.05. And I don't know of any problems in 23.05.1. So I don't imagine, because it's not a, it's not a different package for 2.7 as it is for 23.05.

Brett. Brett. No, we are absolutely actively hiring for salespeople.
So if you want to work in technical sales and you would like to work for CNWR and, you know, the whole conglomerate we have here going on. So yes, that's, we are actively hiring for that.

Do you visit Cedar Point? You know, I personally, because roller coasters, when I was probably, when I was young, I went to Cedar Point. When I got older, roller coasters made me really sick. And I just quit going. So I haven't been to Cedar Point in 20 years, because I don't know. I have no idea. I used to get really sick on planes, and I don't get sick on planes anymore. So maybe I don't get sick on roller coasters anymore. I have no idea. So I've been there. It's not far. It's even closer to the CNWR office.

Do you guys want to laugh? I've never played with your NAS. One of your pfSense boxes you managed had a shared library error package, so we use package text. Oh, hmm. You guys are breaking things already at CNWR. Anyways, let's go over to the other topics I was going to talk about. Where is the Vates thing? There we go. This, and because I know he's listening, so I can throw this on here, because we got to, we got to actually do that. Don't break things, Jason. Well, I guess if you break it, it's your problem. Jason's a BSD guy, so I'm really not too worried about him breaking BSD. So if the FreeBSD stuff breaks, I feel confident that Jason is also able to unbreak it in the same way.

Greetings from Mexico. Awesome. International here. That's Mexico. Cool. I've not been to Mexico. Maybe one day. I finally got a passport. You know, I'm almost 15. I decided I guess maybe I'll leave the country at some point, so I got a passport.

But I will start with a minor announcement, but this leads into something a lot bigger. I've talked a lot about XCP-ng, and it's used commercially across many, many, many companies. I just, the, the, the speaking engagement I was just at, which is for a bunch of large companies basically that are pretty well funded and have a lot of SaaS applications.
Some of them run their own data centers, and I learned they watched my videos and were excited. It's kind of just how it came around. They watched my videos and were excited to see me as a speaker because they had been following my videos and built their infrastructure that runs this large, I won't say the name of the company. I don't know if I'm allowed to, but it's a pretty big successful SaaS app, and the entirety of it runs on XCP-ng. And they used to be a VMware house, and apparently we convinced them otherwise. So now they're moving. They still have some stuff to move over, but they've been really happy with how it performs related to that.

Vates is the company behind XCP-ng. They have a partner program that they are opening up, and this is all, you know, something we're definitely going to be participating in. And we're signed up for this to get it all started. There's some stuff, and I'll be roping in Jason with CNWR to put this all together, but we're going to be one of the US resellers for the XCP-ng system. So they're working on a whole maturity of the reseller and a partner and everything else.

Now, the part that people usually care about, and I need to do some updated videos on this, is all the new features that Xen is rolling out. So Olivier Lambert and his team have been really, really busy, just not only with a partner program, but still keeping up with monthly, really good updates to the releases. And they do their live stream that covers it more in depth than I'm going to cover here, but they even added some really cool config backup systems for automation. They've really been working a lot with the REST API for those of you that want to build more orchestrated systems. So as much as I love the Xen Orchestra system for doing automation and being easy to use and, I think, looking cool, the new version will be out within later this year. It's going to have dark mode.
So sorry for those of you that are seeing the white version of all this, but it's definitely, I like that, that you can just put all the icons in there. That makes me happy. You know, it looks cool. I mean, if you're going to do your logging server stuff, you just, you know, you want to put logs on your log server. Here's my Graylog server. You got to get both of them on there.

But back to the functional things. I don't know. Maybe I'll do a separate video on there, but their project K8s, for those of you might have missed their project. Is it? I don't know how to say that. Pyrgos. They've got Kubernetes orchestration that they're really building into this. And for some of these clients I'm talking to, they're really invested in some of this to keep expanding and making this even more automated, larger, and it's just outstanding.

The XO Lite system is coming along. So for those of you that complain, the home users that are going, but Tom, XCP-ng, I got to run this VM that runs Xen Orchestra, that seems like a waste of resources. I get it. They're offering the more basic, it's called XO Lite. It's not as full featured as the XO system, but it's going to be very functional because it'll be built in. So that is really coming along well.

They also added, I think this is a neat one here. This is a feature I wish they had sooner. I always wget the ISO to put it on to my storage box to then, you know, install something. Now you can import the ISO from your URL. So when you're setting stuff up, you can actually just grab it and have it drop it through the import. So you'll be able to do that right inside of Xen Orchestra itself. So that's actually pretty cool. They've done some enhancements to the raw VDI import/export, some performance graphs, you know, all the little basic stuff on there. Some various performance improvements. We'll go back to those, I haven't talked about in a couple of months. They also have with the 5.83 version.
The new backup stuff is really cool because they can do these mirrored backups. So they're kind of doing it. So the problem before, like, you could select multiple backup destinations in the backup system, but they ran at the speed of the slowest backup because they were simultaneous. Now they can do the backup and a separate job that mirrors the backup repositories. So you can still do the other way, or you can select multiple destinations, but now instead, or also I should say, you can do these mirror backups where you have it back up to one location and then mirror it to another location, secondary, as another job. So it's just really impressive, all the stuff they're doing on that.

You never use TrueNAS, you just use Linux. Okay. Roost to deploy VMs would be an interesting use case. Oh, actually, can Roost do. Yeah, I mean, it's API driven. So you could do, I guess, as long as Roost has an agent, because I don't publicly expose my XCP-ng. I mean, there's people who do, but my preference is not to do that.

So yeah, do I recommend it as a Proxmox alternative? Absolutely. I think it's far better than Proxmox in terms of scalability. I don't think Proxmox is in any way a bad system. It comes down to, I think home users are perfectly fine with either one of these. For the companies that I've worked with that have really grown and are doing this at scale with several thousand VMs with multiple, and this is an example right here, having multiple data centers where you manage this with one interface to manage data center level work, Xen scales better than Proxmox. Xen will scale to a larger, more manageable system at very high levels. This is something where Proxmox can, but go back to your home user question. If you're a home user, are you going to scale to do data centers? Maybe, I've seen some pretty extensive home labs, but statistically not likely.

Oh, Veeam support. Yeah, yeah, yeah. I'm sure we can get them to code Veeam. I'm friends with the people.
If we need to build Veeam in, I'm sure we can make a connector that gets everybody happy. But honestly, it's not going to be a priority because their backups are so damn good. You don't need Veeam when you have their backup system. As a matter of fact, save the Veeam license, Jason. Just back it up and manage it all through XO.

David's question. Hey, Lauren, she makes some awesome content. It's truly helped me kickstart my skills regarding VLANs. Do you know if Qotom supports built-in VLANs like the SG-1100, what are my managed switches broke? Yeah, the Qotom, if you use any of these Qotom boxes, you can still do VLANs with them. It's a function of, like, if you load pfSense on a Qotom or one of these other small boxes, yes, you can do VLANs. It does not have a built-in switch. Each port is an individual port, and you can then assign and add VLANs to that port if needed.

Love the talks on Business Technicalities, but y'all really got to drop the whistle at the end of the videos. Oh, we got to get rid of the whistle. What whistle? You know, I don't do the editing.

So you moved from bare metal to Proxmox. Hey, compared to bare metal, Proxmox, definitely a big upgrade there. There's a way to proxy API traffic through RMM or ScreenConnect. Okay, yes. Yeah, that would be a way to do that.

Do you think working with local small doctors' offices is a good place to start a business? There's a better option, looking to start something soon. Me and Jason on Business Technicalities did a video called I Hate My Job Is Not a Business Plan. And we walk you through a lot of the steps to think about a business plan specifically related to running a tech company. So I recommend watching that video, because there's a lot of answers we give in there to talk about that aspect of it.

Yes, I would still recommend getting a switch. Jesse said about HomeLab server that I'm setting this up, this Arvo. That's getting it. Okay, I don't know what Arvo is.
Does XE, no, you, LXC containers are a cool feature. And if that is your use case, Proxmox is something you should stay with, because the LXC containers are, Lex, I've heard them called Lexi or LXC. Someone leave a comment and flame me on what the right way to say that is, but the, that is not natively supported in Proxmox.

You're saying no to the doctor question. Yeah, doctors are needed and cheap, past experience. Yeah, doctors are challenging. Don't, don't start with HIPAA.

If you were to hyper focus a skill or cert, where would you go? I'm not the best person to ask for career advice. My career is a very winding path. I'm actually going to do, now that I've merged with CNWR, that's like one more life event to throw on my list. And I'm going to do a video on how I got where I'm at, but you can't really copy paste someone else's career path. You have to kind of find your own way. And because I, I kind of joke, before now I hadn't had a job in 20 years. So I'm kind of not the best person to ask on that. But if you want to know what career path to go into, you can just look at who's hiring and what they're hiring for and go, all right, maybe I should go into that. You know, they're hiring for cybersecurity right now a lot. So cybersecurity is not a bad place to learn things.

Do you know there's any Qotom trickery to add a switch locally, or is that something hard coded in a chipset sort of? Yeah, you don't want to. Technically pfSense can bridge ports together to function as a switch. There's a million forum posts of why that's a bad idea and why you'll probably have problems. Switches are inexpensive. UniFi switches are reasonably priced and not hard to manage. There's other, if you go a level cheaper and you're willing to do the learning curve of the quirkiness of their software, MikroTik switches are pretty good too. Functionally, once you learn them, they're great. It's the, it's that steeper learning curve.
But MikroTik is out there, and there's plenty of others. Cisco small business switches are not horrible, but they're still more than UniFi. So I don't know if they're the best recommendation, but they do have local management.

Why can't, why can I migrate from one host to another, but not back? That, there's probably an error message. I would need to have you get the post on the forums with what the error messages are.

What is relevant these days? I think career path talk is something worth talking about. There's a lot of people to ask about it. So I think, Jason, that's probably a this channel talk. You know, real world career path from people working in the industry. You probably have more insight into it than I do. So yes, well, I will add that. I'll go in a Slack channel and I'll put, be Tom and Jason talk about career path.

It'll work for sure, just CPU switch pieces. Yeah, totally agree with the separate switch and the firewall. I'm running a D-Link DGS-1100-08. Yeah, the UniFi switches, I tell people to use them a lot because they're just so cheap, and the store switching. They read their site. So I got to find it. I mean, these little Flex Mini switches, like 29 bucks. 199 for the 16 port PoE model. So there's definitely, there you go, 48 port. They said they have a few different models, but the utility. Well, I forgot the Flex 10. I don't, I don't think I have one of these laying around. That's a cheap price for a 10 gig switch. But 199 for their Lite 16. That's not a bad price. And then you have some of these little minis and where their in-walls go. I like their, I guess it's probably under Wi-Fi. I kind of like them because they're a switch and they're Wi-Fi at the same time. So those are kind of cool too. Yeah, 29 bucks. I mean, they're just not that expensive for a switch. I don't know what your needs are. By the way, you do have to run the controller. So you have to have a place to run the UniFi controller, because these do not have a web interface on them.
But to get the basics done, they're not bad. So definitely look in the UniFi stuff.

All right. Let me wrap up on the XCP-ng stuff too. What else was, I think that's really it. It was all the backup stuff that they've done. I think it's just really cool. The backups. This is more walking through how to script things. This is, they added to their REST API so you can script your updates and things like that. I never had a need right now to do this. But it's because in the system itself, when there's updates to the pools, there's no updates right now. But when you have multiple servers in there, there's a patching option. It'll automatically, if you just click a button, it just rolls the patches and it'll automatically balance everything. So they have such a nice job they do. I haven't really taken the time to use the REST API to do it because the web interface is easy. And I like to do it. I'm like a controlled. Hey, I'm now going to go do this.

What was using all the CPU? Something is. Is it the Blue Marrow one? Nope. Oh, it's probably Graylog. Graylog uses more. A little bit. All right.

Catching up at 2x from a little late. But actually, Alpha has been fantastic. Oh, it's in beta now, by the way. And they moved from Alpha to beta one as of, it's probably small to read. Let me zoom it in. As of June 22nd, they are now on the beta version, which is, I can't help but make this joke. I went to press the button. I've now officially lost control. My control key just popped off. Stupid. There we go. Tom has lost control. I wonder if I can get this to go back on my keyboard. Well, that's broken. Oh well. Such is life.

There are boxes, extra broadcast, switch modules, and I'm unsure if the pfSense can figure out. But, um, Cumulus Linux can. Yeah. Um, pfSense cannot, to my knowledge, configure those boxes. The only ones pfSense can control the switches on is the ones that are specifically the pfSense hardware, like the Netgate hardware. They have the extra support for it.
It doesn't recognize. It recognizes, I should say, in any of the other devices.

Taking an opportunity to do an upgrade network for my church. Do you think I should go with the Qotom or Netgate? Remember you had a video about the build quality for Netgate. Netgate's build quality is really good. And for businesses, that's what we deploy. I don't go Qotom on the business stuff. Um, I've had a few of the Protectli devices die over the time. They died several years in. So technically they, they kind of ran a life cycle, but they only died after four years. That's, I mean, if the firewall's fast enough to date, that doesn't really bode well with me, dying after four years. So I've had a couple of them that had problems, versus Netgate devices, I find them to be very trouble free. So I just, I just like, like with them, I never worry about, there was an update, this, granted, I'm biased. This happened a few years ago. A few years ago, there was a BSD update that caused problems that had to have me come and do a firmware update on some of the Protectli boxes. Awesome: Protectli had a firmware update for it. Not awesome: had to go on site to do a firmware update. I don't worry about that with the Netgate boxes. So I don't mind spending that little bit of extra for the Netgate boxes.

So I'm trying to convince upper management that XCP-ng is a viable solution for our new isolated physical security, even though most of the company is being raised. My concern is support. They have, if you go to, and this is why I mentioned early here is the partner program. They're going to be redoing this too, for clarification. They have full SLA agreements. I mean, that you can buy incident support. They have this information on here, and you'll be able to buy this through us and we do support for this. So we offer support. They do support. I mean, they go not just, you know, one hour response time on critical issues.
This is your standard support agreements that you're going to expect in enterprise. So will you need support? They're making a bundled support package. So I think it's not on their website yet, but they will have that available as a bundle package so you can get both. It depends on how you want the support and what you want support for.

1804 is EOL. I just want to say thanks for helping me do my first structured cabling project job for a client. Awesome. Congratulations on that. Netgate all day.

Why would UniFi controllers, self-hosted on Debian Docker image. Prodigy should keep running out of disk space. If the logs are known to do this, search doesn't seem to help. I have never, I have a recent video I've done in 2023 here on building it. And I've never had a problem with it running out of disk space. That's not a problem I run into. So I don't know what you're doing that would cause it to run out of disk space.

I got my first job in 1995. I just went everywhere and knocked on doors and say, will you hire me? I'm a brute force approach. So, yes. There's no easy answer for how to get your network job to start applying. Apply everywhere. Get some skills.

I did just have to force a staff member to either upgrade their personal phone or start carrying a second phone to get them off Android. They didn't receive the patch. Yeah, that's a different problem.

Okay, they're asking, yeah, I mean, I could log in to my UniFi system, but I don't have the problem. So I'm not going to be able to do it. But I mean, crap, again, something I solved real quick. Don't trouble typing. This is a problem. My passwords are so damn long. I'm going to share a different screen with you. Jason's suggestion works. My suggestion works better than Jason's. And Jason's a Linux guy, but I think you'll see what I did here. Because this is how I'm going to do it. Where did that stupid screen go? A window. There we go. You can run, now where did it go? Hold on. All right.
You can run ncdu as a command. And that will also give you that information you're looking for. So it's NC. You still have to get it installed through most systems. But this will go through and give you breakdowns of your drive and how much data is in each one. Holy shit. I got a lot of stuff in here. I got to purge this. 139 gigs in caching. And a bunch in there too. All right. I didn't realize I had this much garbage in here. This is my memes folder. It's probably not as big. It doesn't take up much space. ncdu is a graphical tool for doing this. But you can run this on your computer and be able to go through and see what space is being used. This is back to answer the question of, hey, how much space is used on my UniFi controller and what is doing it?
So I wonder if the UniFi controller would run on Pi Zero? No. Run, probably not. It would be terrible. I think it's a horrible idea. I don't think it'd be functional.
Tom used red team tactics to get hired. Yes. That does work. First job found. Open a port. Yes. I just asked everybody. Arbitrary code execution. Get a job. Yes. Someone's going to say yes.
I think some of my people realize that you have some tech chops. Yeah. I think they don't realize that all those letters after your name aren't a Windows product key. It looks like one because I see your VMware. But no, you got, I know you got some Red Hat, a Puppet and something else certs. I know Jason's got quite the collection of certifications. So Jason's been doing some Linux stuff in his way. Jason is way more BSD than me, despite me being, you know, pfSense and TrueNAS and all that. So.
Late greetings from Seattle. Glad to see you're still on. 'Cause got back from DOL, Seattle equivalent of the DMV. Okay.
Yeah. WinDirStat, WizTree, WizFile. By the way, there's similar ones for Linux as well. That look the same.
Hello. First time catching a stream. I find many of you is very helpful, informative, entertaining and keep me interested.
Thank you for your hard work. Yeah. Me unscripted. I don't know. So I kind of have a problem. Sometimes I lose subscribers. I think people realize that I'm very random when I don't script out a video. But I don't know. I still like doing the live streams. I get to interact with everybody.
I think doing a network job before getting to cyber would be helpful. It is. If you understand networking, it's going to make your cyber job helpful.
Yes. I still, you got to remember the people who are on YouTube, which many of them are my friends. And we are greatly concerned about Red Hat. But, but the businesses, the concern is like, we'll wait till the dust settles before we actually have concerns. So yes, it's, I wouldn't worry about it too much.
And Jason completely agrees here. Security is easier with networking knowledge. It is.
So FIPS, I don't believe there's, FIPS is a stupid, I, yeah, I don't know that pfSense will get FIPS, full FIPS compliance. It's just, I don't know. FIPS is BS to me. I was just looking it up to see if there's any information on that. The fact that it's like, cool, you have the cryptographic libraries enabled that we care about. You are now government certified. Oh, by the way, ignore all the CVEs that got the government pwned. At some point, this is my calling BS on so many of these compliance things that just aren't aligned with security. Because Forti, FortiGate in the news again yesterday, again, like, I don't care about FIPS compliance, but I know if I worked in the government world, I would have to do it. So you might be stuck with FortiGate. I'm sorry. I don't think you can do FIPS with pfSense though.
No, I didn't, I didn't feel like supporting FreePBX anymore. So I did move off of that. I mean, FreePBX is cool. But yeah, I'm not using it anymore.
I got to put something cool on the screen though. There. Oh, hold on. I'll do it this way. People always ask what's running on the back of my screen when I have this up. There we go.
Now it looks like I'm hacking stuff in the background. All right. So yeah, we're not, we kind of moved away from FreePBX. It was too much trouble to support it. It's just, there's one of those things I surrendered to the cloud because it's easier. It's in my friend's cloud. So I guess that makes it easier.
First job, late 80s, working on a word processing temp office manager for the interest in learning computers. You said yes. It's downhill from there, buddy. Once you say yes, you're into this world.
Seems any pivot from networking to cyber, at least from the outside, it's my plan. It's having a, you know, cyber is easier because for me to some extent, because I've got such an extensive tech career. So I can think about things and all the different aspects of tech that I worked in, from database to some coding work I did all the way to a lot of networking and storage design. And so when I think about cybersecurity, I have all of those other facets I've worked with. So yeah, the more broad knowledge you have in tech, it's always helpful going into cyber.
Interacting with Tom is why I'm here.
Used enterprise servers versus Level1Techs. Ooh. I don't know, low power. The problem with old enterprise servers is they're usually high powered. That's one of the reasons I, even myself, I said, you know, these things are kind of like small room heaters. And that's why we built the Ryzen server. So I'm kind of like, I would go for that Level1Techs low power build.
That's exactly, Jason nailed it. It's too expensive to certify for FIPS. It's a big cost. I don't think there's enough demand that they have that would justify the cost for it.
FreePBX is owned by Sangoma and they are out for money. Well, I mean, they're a business.
I don't recommend the controller on Docker because I don't know who maintains the Docker. I've complained about this before, and I've talked a few times about the security problems with Docker when you don't know where your stuff comes from.
And UniFi has no official Docker. So the question isn't UniFi on Docker. The question is, do you trust the person who's producing UniFi on Docker? I have Graylog on Docker. It's maintained by Graylog. So people like, well, you use Docker for Graylog. And I'm like, yeah, because it's maintained by Graylog. I use Bitwarden on Docker because it's maintained by Bitwarden. If it was maintained by Joe, and I don't know who Joe is, I would have concerns over using it in an environment unless I was friends with Joe.
Technically, you are doing FreePBX. Yeah, there's still some of it floating around. Yeah, there's a couple of them still. So in the merger, we've learned that there's a couple FreePBX clients floating around.
SSO deployment do you use? Duo or Microsoft? Duo and Microsoft. There's some Duo stuff in the CNWR. Most of these are Microsoft, which I'm not the biggest fan of. As I complain about it. I bitch about Microsoft at least. I try to keep it down to once a week that I complain about Microsoft. Everyone has to use it. I have an account on Outlook now.
Wow, I'm on late today. Yes, that is because this is where I was. I had to switch it. I don't care about switching it now. I was in Baltimore just a couple of hours ago. Doing a speaking event.
We talked about the ongoing troubles of the MOVEit file transfer. I mean, there's not much more. I mean, it's broken. It's still broken. It was broken before. It's broken now. You can pretty much bet money that Clop ransomware is looking at every one of these stupid file transfer programs that are probably written horribly bad with no real security testing. So it's just a matter of time before what's the next one. Last year was Accellion. Oh, by the way, here. Hold on, I'll find it real quick. Someone's going to laugh. So while we're on that topic here, let me find it. Here we go. Let's drag this into a window. Let me stop sharing that. Hold on. Stop. Then we're going to present, share screen. Not that screen. Cancel.
This screen. I have too many tabs open in my head. Chrome tab. Look. Citrix didn't want to be left out of the file transfer disaster bandwagon. So Citrix is like, oh, by the way, ShareFile StorageZones Controller security update. Look at this. 9.1. 9.1. I mean, if you bang your head on the keyboard enough, you could exploit this.
Netgate being the smaller vendor in the firewall space, how do you think they compare with the larger players like Cisco and Palo in terms of features? It depends what feature you're asking about. I don't deal well with a vague question. You have to ask a specific question. What feature would you ask? Obviously, Cisco has more features. But what feature is it that you are asking about? Is it the web filtering? That's where they suck. They're on par with other stuff, but they suck at web filtering. I don't think web filtering should be done at the firewall. That's why we use Zorus.
I try to complain about Microsoft once an hour. Yeah, but then you're just complaining a lot.
Managed file transfer is a huge money grab because managing file transfer is hard. Turns out managing file transfer is hard and people get pleased. Yes. Yes. There's a lot of opportunity here. I don't know. Maybe there's still an opportunity. Maybe companies are just going to start trusting Google and Microsoft to be their file transfer. I don't know. It's a garbage industry right now. There's no good players in it that I'm aware of. So it's always a mess.
I had so many login issues with my company. Migrated from Azure to the local cloud. Took them about three weeks to clear it all up. I don't even want to see .onmicrosoft again.
Do you make your own beef jerky or simply own briskets? Briskets and ribs and all those fun things. Absolutely. I don't. I've not made beef jerky in a long time. Laziness.
You never speak about Peplink. Why would I? They're not a sponsor of this channel. Actually, I have. I've talked about it on a dozen live streams. Peplink is, they work.
People using them. I've consulted. People seem happy with them. I don't have a reason not to use them. So.
Yes. Kevin. You know, if I can find a picture of Kevin, I don't think somewhere. But our friend Kevin makes really good beef jerky. He shows up at the events with bags and bags of beef jerky. I look forward every time I see Kevin at an event. He shows up at a lot of the MSP events. He's just a fun tech guy. He's got a great hat.
I do not see this. This is a debate I have all the time with people, of, I could see Nextcloud getting popular and I could see Nextcloud getting pwned. I don't know how well audited the security is for Nextcloud. I'll be honest. And what I do see is a lot of people with really old Nextcloud instances. So the fact that people want to set things up and they want to, this is how we reach, people reach out to us for consulting. They go, hey, I have no idea how Nextcloud works. I want to hire you to set it up, and my first reply is the same all the time: what's your plan to keep it up to date? Oh, well, once it works, I don't want to touch it. Well, that's, that's a terrible idea. You're going to end up with a security vulnerability and, you know, if it ever got big enough it would then be in the news just like MOVEit and all those. I don't know what level of code auditing they go through. If someone knows and wants to email me at blogthursday.com and say, Tom, didn't you know they have insert name of company doing code audits? Hey, I hope that's true. Email vlogthursday@lawrencesystems.com. But, but I don't know that to be true. So I don't recommend even publicly exposing it until that's, you know, been code audited and vetted. That's, that's a thing I harp on with people when they talk about exposing these. I think she had happy my friend Christian Lempa on. I might do a similar video. He did a great job talking about problems and securing home labs and how people want to publicly expose everything, and I'm like, stop doing that.
You know, use VPNs. All my stuff's behind VPNs and yours should be too.
Yes, file transfer via guest accounts to identity tenant like SharePoint, despite your feelings of Microsoft, is the way. I, I'll agree with that. I believe Microsoft and Google, I'm gonna throw both of them in there, are better stewards of this. I, you know, share files using either one of those and I feel comfortable doing so. I think that's going to be where the future goes. Microsoft and Google will go, I guess this is something we're gonna be able to do: you're gonna stick the file in our cloud, we're gonna manage the security of it, we're gonna manage the sharing of it. Yeah, so definitely apply conditional access policies and such. Absolutely.
I haven't had deer jerky in a while. My dad lives in a very rural part of middle of nowhere Michigan, so yes, he makes deer jerky. I'm just lazy and I don't make it.
I wouldn't see the enterprises using Synology files here, but I do use it. I think it's a good product. I think Synology's been a pretty good track record of staying on top of security. I've talked to some of their team there. They really seem with it, like they're put together when it comes to the engineers I've talked to there. So they give me a pretty good confidence in our product. I don't think you're gonna see them necessarily in the enterprise space, but I know they're shooting for the stars and go in there.
So, hahaha, on-prem file transfer is garbage because patching policies are garbage at most companies. Yeah, we can go with that.
Oh, did you guys go to the beef jerky store off Luna in Luna Pier? So when it, so Matt and Jason, when you're traveling back and forth between the Toledo office and the Detroit office, uh, Luna Pier, there's a, uh, is one of the exits in between and they've got good beef jerky there. So alpacas though, I don't think I've had alpaca jerky.
I see someone else talking about nut quit for me when I have to get 2.7. Definitely post in the forums. Post in the forums, get some feedback, open a Redmine ticket or
see if there's an existing Redmine ticket for 2.7 and not for pfSense.
I was looking at backing up my Unraid to offsite Unraid box with Twingate instead of VPN. Any thoughts on Twingate? Uh, why wouldn't you use, I mean, Twingate's a commercial product. Why don't you use an open source product like, um, uh, twin, uh, hold on, Tailscale. Uh, my preference is for Tailscale. So, because it's a, uh, let's see here, we get it. Oh, I just got this comment from Jason. He's right. He messages me, he's like, we're like ADHD fuel. I'm like, yes, between that, Tom being tired, and Tom, I've been drinking before I got on the, before I got on the show here. So, but, uh, Tailscale. I would recommend Tailscale over Twingate. Uh, Twingate's a commercial proprietary product. Tailscale is an open source product built on WireGuard, and if you don't want to use their control plane, you can also use Headscale, uh, to manage it. So definitely, uh, something I would prefer over that. By the way, Tailscale is built into pfSense. I use Tailscale pfSense. I think it's great. Uh, when I travel I have Tailscale on my phone and I could just flip the switch and turn it on and it's just, it's so convenient. I'm gonna do a follow-up videos. I've been using it a lot more and I'm like, here, may turn it on real quick, show you. Starting network, and there we go, you've completely connected my VPN here. See if that works. There you go. And it just, my Pixel 7 Pro gives it an IP address and, uh, attaches to my network with all my things, like immediately. It just, it works so well. I love it as a, uh, tool. I want to do some more follow-up videos because I think it's so nice.
Now I lost where I was in comments. Oh, let's see, so much stuff here. You could tell that the ADD problem, probably. Hahaha.
How similar our VMware is, as I don't work in, compared to XCP-ng? I've heard it's quite a bit different. Yeah, I mean, they work, they have similar features, but yes, they, they have a different implementation. So the concepts are the same, so if you understand the concept
of how virtualization servers handle networking, I don't think it's a hard pivot. You just got to learn the nuance of the interface of how those things get deployed.
I was going to make a joke about Tom's Tesla driving him home tonight, then I realized, uh, he is in his home studio. Yes, yeah, and my, my wife is my designated driver.
Uh, do you like more than OpenVPN? My switch on VPN has been causing me annoyances. I think Tailscale has, I did a video explaining, I've done a more recent one here in 2023 about overlay networks versus VPN. They work fundamentally differently, so you can't just say which one is better. Comes down to your use case and what your needs are. Um, but I don't use ZeroTier as much, but I think ZeroTier is fine. I just like Tailscale because the app works so well on my phone, and, and Headscale is pretty easy to set up if you want to manage it yourself with the Headscale system.
The Pixel 7 Pro identifies as a Chromebook? No, I have a Chromebook. I was testing how it works on a Chromebook. So, uh, yes.
Oh, I didn't know Headscale got a UI. Maybe I need to revisit Headscale. Headscale is a cool project. I love Headscale.
But you can tell you started drinking on it. Yes.
Alpaca, alpaca seems too much like horse. I'll agree with that.
Uh, Brett loves Tailscale. Hahaha. Yeah, the, uh, I've got Brett using it. It works. So I loaded it on my Synology natively, so I set it up on a few different things. I'm like, this is just neat. It just works everywhere so well, uh, that I'm like, okay, I just like this. I've got a few clients, um, consulting clients, some of our managed clients I know up there using it, but I had some consulting clients using it and they just sing its praises. Um, I've, all my testing has always gone well, so I'm like, might put it in production use, because I've been traveling a lot and I just turn Tailscale on when I travel so I have access to all my things at home, and I'm like, this is so smooth. It just, anywhere I've went, it just has no problems, and it's, I, I don't know, I really
like it. I'm gonna, I like it more than when I reviewed it instead I liked it. So, hahaha.
Uh, well, I am out of whiskey and at some point I will run out of energy. I don't know when that point is, but since I gotta leave for whiskey, I think I'm gonna wind this video down here, as much fun as it is chatting with everybody. Hahaha.
Okay, so it's a separate project called Headscale UI. That's awesome.
Uh, Cat 6 or Cat 6a? Only a few dollars more. Um, Cat 6a is harder to work with. Just go with Cat 6 unless there's some needs you have. Cat 6a will do longer distances, um, for 10 gig, but if those distances aren't being met, that doesn't, you're wasting money and dealing with harder to deal with cable.
So, well, I'm yawning, so I guess that means I am out of energy. I mean, I, it's been a long day. I woke up, I woke up at five, I did a public event, I was up on the stage speaking and doing my thing, um, and, you know, flying back, talking to everybody. Um, I'm also 14,000 steps according to my watch, and of all the walking I did. So, hahaha.
Uh, the Tailscale server is really easy to set up on, it's even more. Yeah, I'm sold my hip through the Headscale thing because I like open source stuff. Sounds like a midnight project. Yeah, great, great project.
Um, I knew people would ask about Twingate. They've reached out to me. I haven't decided if I'll do a video on Twingate. They, they want to sponsor a video, and this is the thing, like, they did a sponsored video with NetworkChuck, so they paid him to do a video, so everyone keeps asking about it. Um, and they reached out to me, now they want to pay me to do a video on it, and I'm always has, I don't do too many paid videos, are pretty far between, but hey, there's bills to pay and that's why we do some of these paid sponsored videos.
So, um, Kubernetes or SD-WAN? Those are two different things. I don't know what you're asking to compare. Kubernetes is, uh, orchestration. SD-WAN is, well, SD-WAN, which I have a whole video explaining all the variations of SD-WAN, because SD-WAN is technically, in my opinion,
a marketing term, um, and how you, if you watch my video on it, you'll understand why I call it a marketing term, because there's different variations of what SD-WAN means to different people. So yeah.
That's not as, uh, hot sauce of the day. I don't have anything new. Maybe next week. Yeah, but I'm yawning now, so I'll make, instead of making all of you yawn, I'm going to bounce. Thank you everyone for joining, all 100, 100 something people on here. Looks like it was 112, 113. So thank you all for joining it. Awesome, love it.
And, uh, SD-WAN is just DMVPN. Yes, SD-WAN is, keeps changing match. Well, there's different types. I did an explainer video on SD-WAN because there's so many different things. It's, it's all the things. It depends on which marketing person you're talking to.
So, uh, you can do live migration like you do vMotion. So yes, I can take VMs and migrate them from here to there. I guess that's more like the vMotion. So, uh, me and Jason Slagle will do a video talking about, because he's way deeper into VMware, so we'll do a video together, uh, and we'll do a nomenclature lineup of, this is what VMware calls it, this is what XCP-ng calls it, and hopefully that'll make it better. So I think, I don't know.
But, uh, can I call you Tom? I call me Tom, so I guess you can call me Tom. That's, that is my name, so we'll go with yes. I, I've been called worse.
Oh, and Brett's going to talk to me tomorrow. Alright, thanks everyone. I got to go get some more whiskey so I can yawn one or two more times and crash later.