novasamurai

I think we need to come up with a more scalable way to integrate security. I think the current model makes security simply just an option rather then a requirement, if available at all.

Solarwind's IPAM has come a long ways, it is by far one of the most used tools. A one stop shop to identify IP/DNS issues, and to see the history of how that IP addresses has been used in the past.

Nice I'll have to figure out how to watch it in my area, may have to buy an episode on Amazon. I could see some of these things taking place in the real world. Much better then hacking a plane on a runway with a USB cable from a fast car though the landing gear.

Even after that moment to GUI we still invest a lot in developing new CLI's, Even windows there are things that used to have GUI's that now you can only do via a CLI and/or PowerShell. Now days we are just deploying servers via virtual templates in 10-15 minutes, which used to take us hours and sometimes days.

The swallow could try, but it would be in for a ride. It would also likely be the last coconut ever lifted by the somewhat motivated swallow.

Like all technologies cloud can be secured with the proper controls. This also depends on who your cloud provider is, what controls they offer, what controls you can implement on top of their technologies, how much control you have on which regions your data is hosted. U encrypt or they encrypt and who has the keys. What…

Yeah except now with the monitoring agent, unless I can install the agent for some reason I'll probably avoid SNMP were possible

This is very interesting. Of all devices Firewalls are some of the most important. I'll have to test out FSM and see if it can provide the reporting and suggestions I need. Having a full change management system.

Yes watched that one 6 times too, must be the magic number this early in the morning. I'm on the west coast, so still early.

Here is my Home SysAdmin Lair with a couple of staged additions for the picture. This is just a small portion of my home "collection." Had to pull out my Faclrum, I mean Mac Classic out of storage. I'm not allowed to share my "work" office or datacenter, but many times I do a lot of work at home. When is a SysAdmin Super…

Depending on the edition it might be cheaper to buy an island

Disclaimer: Like everything else in IT there is not a silver bullet and your requirements may different from organization to organization. If budget is an issue I would use an encrypted password file on a DFS share that unlocks with a key file like Keepass. Now keep in mind there will always be a trade off in security…

Yeah I wonder what they will come up with next.

Ok, now I'm really going to look into setting up the Patch manager trial and see how it works with SCCM as well.

pzjones‌ sounds like a career limiting move. I have seen similar situation where the VP still manages to continue to make more mistakes.... I call that kicking around a dead horse....

One of my "whys" is that I enjoy solving tough problems, and constantly learning new technology. If someone needs a puzzle come see my desk. Ultimately I believe most Sys Admins want to help others. In the financial business we are focused in providing services that make it easy for our members to manage their finances,…

IPAM from Solarwinds is the goto tool we have been going to first when suspecting an IPConflict or suspecting a DNS issue, or even reserving an address in DHCP. Another favorite among our Solarwinds users where I work is looking at the IPs historical information to see what may have used the IP address previously. Many…

To get past the roadblocks, it usually requires a little more one on one meetings between the different group managers and individuals, in the form of I'll scratch your back if you scratch mine type compromises. It is one way to get out of the silo mode that we sometimes get into when project deadlines start creeping…

With this I would also say the ability to monitor/report DNS replication issues between DNS servers with the same zones.

Mixed feelings on this topic. Now if you are using pre-shared keys and simply hiding your SSID to secure your wireless network, and filtering based on MAC. You are not secure, but rather making life harder on yourself and your users. Instead look at options to use captive portals, certificates, and radius authentication.…

Network automation, and the push to the cloud, and automating patching of windows 10 does put many IT professionals on notice. If you don't enjoy learning new technologies every day/month/year than you may need to reconsider your profession now? You always need to have an exit strategy, and look for what is in demand.

Agreed, without a good log management system, all you have is noise. It is important to have a system that actually understands what events to correlate certain types of events. Otherwise it is just a needle in a haystack.

I have used a service to send phishing emails. I call it simulated phishing. Keeps users on the toes, and everyone gets tricked once in a while. I'd rather keep users vigilant about emails and fall for mine once in a while than fall for a targeted phishing e-mail. We saw great results from these test emails. We take…

It is always important to put the Spock face on and don't take anything personal. Once emotion gets involved you have added something to slow down your resolution process. This does not mean to not show empathy to the user, we can still do this and not get too involved. Stay focused on finding the solution, and I'm sure…

It is always harder to explain the cost of something that has not happened yet to justify the cost of monitoring. The Hospital analogy(although a true story), can help those non-it executives understand what the true benefit of monitoring can be. Especially when many data centers need similar environmental monitoring as…

Hopefully IT can continue to change it's culture of in-security to find a better balance of lets just make it work and making it work securely. This will ultimately protect the end user from unintended internal breaches.

I always caution against all in one tools and possibly no tools, and rather like to go for best in breed for what fits the organization. I understand that some tools can be costly, and it is always going to be hard to explain to those not charged with defending the network the need to purchase additional security tools.…

So WPM works great, it is one of the reasons we host a few servers on Amazon AWS. We have found that doing so with Solarwind's WPM was much cheaper than a hosted managed solution. What would be interesting is if we were also able to integrate Pingdom with WPM to give us a single view that would still alert us if our…

Two more to go. On the fill in the blank, check twice and submit once

Jfrazier Yeah, I have seen how SecOps running against NetOps can cause some issues. For me I started out NetOps and later became SecOps. It helps to have an understanding of both sides of the coin. I also see the value of working together, there are a lot of overlaps in the kind of information collected.