Knowledge primarily, since I’m not running a business.

At this point, like they say in Chips, TLS inspection is standard…

If your enterprise isn’t doing TLS inspection on everything other than banks, medical, gov, they’re doing it wrong.

Some times people think the hard part is getting the CA trust setup, but I find it’s far more tedious to deal with certain sites and mobile apps especially that do certificate pinning.

I like OPN also. I’ve always appreciated the stability of the BSDs.

My only personal complaint with OPN/PF was the TLS inspection.

I’ve read about adding the modules to *Sense, but I haven’t figured out the configuration pieces.

It just works with Sophos UTM and XG firewall, and the configuration was super easy.

You always use what you like though.

This is true, the 6 GB RAM limit and four cores.

I run a pretty enterprise home lab, and I haven’t ever seen the devices hit the resource limit.

I have around 3k IPS rules and TLS inspection for most categories of sites except the normal stuff like streaming, banking, etc that you’d not want or need to inspect.

For anyone it might help, I use these as inline proxies rather than as the gateway at the moment. So they have more than just internet traffic going through them, they also have segments of my LANs getting evaluated. Performance has been great so far.

hates him and sabotages him at every step

Isn’t that also describing his children?

Won’t someone please think of the investors…!

I’m just glad they’re still distracted with torrents…

rawdawg some torrents

LOL! Did you spray 1’s and 0’s in their face when you were done?

Good comments.

Do you think there’s still a lot of traditional or legacy thinking in IT departments?

Containers aren’t new, neither is the idea of infrastructure as code, but the ability to redeploy a major application stack or even significant chunks of the enterprise with automation and the restoration of data is newer.

Lol, even in 2024 with free VPN/overlay solutions…they just won’t stop public Internet exposure of control plane things…

Blank check

Funny how that seems to often be the case. They need to see the consequences, not just be warned. An ‘I told you so’ moment…

Agreed.

Dont we all use centralized management because there is cost and risk involved when we don’t.

More management complexity, missed systems, etc.

So we’re balancing risk vs operational costs.

Makes sense to swap out virtual for container solutions or automation solutions for discussion.

Yeah, that’s pretty risky for this point in time.

I guess the MBA people look at total cost of revenue/reputation loss for things like ransomware recovery, restoration of backups vs the cost of making their IT systems resilient?

Personally, I don’t think so (in many cases) or they’d spend more money on planning/resilience.

Seems like your org has taken resilience and response planning seriously. I like it.

contract “options” are indeed normal. You could also lump in government contracts into the category your thinking about. I’ve never heard of a scenario where the vendor broke contract by not honoring the options. I also have never dealt with a vendor getting bought out and then not honoring existing contracts. Super fun to watch the corporate drama. I personally don’t care for the private equity style business that seems to be an even bigger problem than the investor first/profit centric model that I thought was the worst thing.

My mid life birthday gift was an electric zero turn mower. Already had all electric yard tools. Will buy Tesla or best option in couple years. Never going to a gas station again!

So indeed, fuck gas

Office culture nuances… I enjoy them.

DomainCode-SiteCode-Function##

ACME-USCA-WEB01 ACME-GERM-DC02

I worked for a company where the previous IT dorks named the servers after startrek ships. It’s cute at home. Had to rename everything and readdress the whole organization.

It’s pretty plain to see IBM afraid of loosing vendor lock-in, but running a software solution designed for an open or distributed platform shouldn’t be that big of a threat, right?

All their selling points for z series are the insane hardware performance, redundancy, and tuning.

Isn’t it unlikely you’re going to get that on some virtual or abstracted mainframe platform?

If I was one of the businesses that’s been paying the fortune keeping IBM mainframe alive, I’d stay on it. They measure profits in the billions and saving some money going away from IBM and risking loosing countless dollars per minute seems like a risk…

Oh wait, I forgot, all American Corps are currently (since the 80s-ish), worthless greedy fucks solely focused on short term profit and stock price regardless of long term consequences. Maybe they should save some money on one of the things that’s helps make them billions…I bet that golden goose tastes amazing 😄

We are just a little behind trying to elect our new dictator…

But just for a day…

/S 🙄

Nice. Then what’s the Spanish equivalent?

I have only visited Rota. Neat place.