The Consolidated B&EC "Quick Question" Thread.

Discussion in 'Business & Enterprise Computing' started by looktall, Jun 6, 2015.

  1. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,361
    Location:
    Canberra
    outbound, sure. inbound - no fucking way.

    I'm not being a jerk here - simply stimulating discussion. 3rd party firewalls only real advantage would be management and reporting - and given that Windows Firewall is *incredibly* manageable via GPO/scripting/etc - that leaves reporting, which I believe SCOM can handle for you.
     
    Last edited: Nov 28, 2016
  2. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,573
    My question was more around the benefits of a tightly firewalled endpoint vs the time cost of managing it, and in a fairly secure environment how much benefit their really is.
     
  3. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,864
    Location:
    Brisbane
    We turn it off and leave it up to our hardware firewall. Not my choice and its in our default domain policy which i cannot edit. having said that we are about to upgrade all our firewalls globally. Nice way to chew up 1.5million from the estimates ive heard.....
     
  4. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,480
    Location:
    Brisbane
    It's defence in depth, how do you define 'fairly secure?' Ideally you'd firewall every port on each host that didn't need to be accessed, have a separate management network for RDP/SMB ports (unless file shares are needed) etc etc.
     
  5. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,573
    Have you seen this implemented anywhere? (and was it a "secure" environment, aka, Defence or similar).
     
  6. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,361
    Location:
    Canberra
    you should just be happy we aren't having to comply with HIPAA
     
  7. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,573
    If it's enfocement and auditing is anything like PCI, I'd be mostly underwhelmed. I've seen PCI compliant systems with holes you could drive a bus through.

    But I'm more interested in the actual value they offer, rather than the theatre of compliance.

    I've been running one in 'report' mode on my desktop, while doing both daily work, and obviously dubious things, and I'm not really seeing anything of value in what it's reporting.
     
  8. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,480
    Location:
    Brisbane
    Once, it was a banking environment. They also utilised VPN's on their local network from workstations to servers to reduce the impact and risk of some unwanted person trying to sniff traffic if they gained access to the network.
    *edit*
    I lie sorry, I've also seen an MSP that segregated in that way too.
     
    Last edited: Nov 28, 2016
  9. scottath

    scottath Member

    Joined:
    Aug 16, 2007
    Messages:
    2,575
    Location:
    Sydney
    Anyone have experience with the various 'new' messaging platforms - and the integration with the respective PBX style solutions?
    Thinking of the Slack copies that have calls attached.

    EG Cisco Spark + Cisco UC VS Skype for Business + (Preview) Microsoft Teams

    Looking into these both at the moment, but being an EDU tenant, cannot play around with Microsoft Teams as yet.
     
  10. mr626

    mr626 Member

    Joined:
    Jul 17, 2011
    Messages:
    2,750
    Looking at refreshing our small laptop fleet (~100). Any reason why I shouldn't go with a Latitude e5470?

    We are a bit of a Dell shop generally, but for various reasons last time we went with Lenovo for laptops. They were good overall, but warranty service was terrible. Dell on the other hand have always been great.

    They'd be spec'd with i5 6440HQ / 8GB / 256 SSD / AMD R7 M360 / Matt 1080p screen / 4 cell battery

    None of our users are really road warriors so not to concerned with the apparent 'sub par' battery life (reported around 7 hours on the 4 cell, which doesn't seem that bad anyway :confused:).

    For a 'general purpose' laptop to last 3-4 years I think its a pretty good unit. I like the connectivity on it too- onboard ethernet / vga / hdmi means no dongles for staff to lose.

    Anything I'm missing?
     
  11. roger895

    roger895 Member

    Joined:
    Aug 27, 2007
    Messages:
    178
    Location:
    Hobart, TAS
    I have an E5450 at work. Gets the job done.

    Have never really had any issues with Latitude series laptops. Dealt with hundreds.

    Lenovo support is woeful. We have an open case from April. Still unresolved, with virtually no way of escellating. Communication is terrible/non-existent, no updates on job progress. Not worth the potentially cheaper unit cost vs Dell.

    I'd go with Dell hands down. See if you can spring for Pro Support, makes life easier, unless you have spare units if there's a failure.
     
  12. wazza

    wazza Member

    Joined:
    Jun 28, 2001
    Messages:
    3,731
    Location:
    NSW
    My main concern with Dell at the moment is with their spare parts QC - we don't get many serious failures, but the last 2 laptop mainboard replacements have ended up being multiple callout jobs, and ones where the attending tech doesn't bother to check that they haven't caused further issues. First time had something like 5 separate callouts (4 mainboards, a few hard drives, dock, power supply etc) before I told the account manager to replace the entire laptop with a brand new one or we'd pull all business, 2nd one has had 2 callouts so far and I don't know if the problem is fixed (left it with my junior tech to handle) but I highly doubt it.
     
  13. DavidRa

    DavidRa Member

    Joined:
    Jun 8, 2002
    Messages:
    3,087
    Location:
    NSW Central Coast
    Dell Deployment ToolKit

    Has anyone used the Dell deployment toolkit to roll out servers? I'm trying to export and import a RAID configuration (which will be a pain the rear to create manually twenty times).

    The tool of choice is "RAIDCFG" - on Windows 2012 R2, which should be fairly sorted nowadays. Problem is, run it, nothing happens. No log, no export, no help (RAIDCFG -h) - nothing. Stupid return code too (-1073741515 - 0xC0000135) - which I can't seem to decipher other than it potentially being a missing DLL (gee, so obvious).

    Suggestions welcome - it's the same whether it's WinPE or 2012R2, the 2012R2 was deployed with full Dell drivers (via ConfigMgr). Same whether it's 5.3 or 5.4 too, so ... I'm guessing it's something more fundamental. Suggestions welcome.
     
    Last edited: Dec 2, 2016
  14. mr626

    mr626 Member

    Joined:
    Jul 17, 2011
    Messages:
    2,750
    This mirrors my experiences on all counts.

    We have plenty of spare units, so I'm not too worried about Pro Support. We've always just gone with NBD on-site warranty and have found that this suits us fine (other than servers, we Pro-Support those).

    Hmm, sounds like more of an issue with the attending tech than anything. The one's we've had come out have always been great- I usually have a quick chat with them about common faults / failures / patterns they are seeing, good to get a heads up on such things from the trenches.

    Thanks for the replies.
     
  15. greebs

    greebs Member

    Joined:
    Dec 30, 2001
    Messages:
    958
    Location:
    Melbourne
    For general use, I see no issues with that - especially if you're a Dell shop mostly anyway. Do you have any docking stations (another good reason to stay with Dell if you do)? We run a bunch of E7440's and have minimal issues.
     
  16. mr626

    mr626 Member

    Joined:
    Jul 17, 2011
    Messages:
    2,750
    Limited number of docking stations. I have actually seen a decline in use of these over the years- the most complex setup our staff seem to want is an extra screen and a mouse, and both of those are easily done without a dock.
     
  17. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,480
    Location:
    Brisbane
    Anyone know where I can safely download an older version of procdump? I'm chasing one that works with server 2003 r2
     
  18. Foliage

    Foliage Member

    Joined:
    Jan 22, 2002
    Messages:
    32,093
    Location:
    Sleepwithyourdadelaide
  19. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,480
    Location:
    Brisbane
  20. Luke212

    Luke212 Member

    Joined:
    Feb 26, 2003
    Messages:
    10,179
    Location:
    Sydney
    in ubuntu if you know the file descriptor of a socket, can you apply TCP_NODELAY to an existing socket via command line?

    eg:
    Code:
    lsof -i
    
    COMMAND   PID USER   FD   TYPE 
    java     3286 root   29u  IPv6
    
    i want to set TCP_NODELAY 1 on 29u

    the below are the c functions to do it. but im looking for commands if you know them!

    Code:
    setsockopt(2)
    setsockopt(3)
    
    if you can do it i will love you long time!
     
    Last edited: Dec 7, 2016

Share This Page

Advertisement: