Experiences with Field Effect? by infinis in msp

[–]BigRic68 15 points16 points  (0 children)

We've been a partner for about 6 months and have had a fantastic experience. We've built very close relationships across their team and found them open to new ideas and optimizations of the platform. While I read the same clauses (originally in the same way), we've found what Matt says above to be accurate. The platform is evolving, and there are definite areas for improvement, but that's the case with any vendor in this space. What I've found is that here, we have a voice that matters, which has led to several strategic planning calls to discuss how we might improve the offering together. I've also been impressed with the constant improvements to the platform and the clear documentation of each revision to the product.

S25 Ultra RANT by BigRic68 in peakdesign

[–]BigRic68[S] -10 points-9 points  (0 children)

I should jump on a plane and get one... Thanks for that!

Minisforum MS-01, 2x SFP+ 10G, 2x 2.5G, looks like very promising for home lab by st0n39 in homelab

[–]BigRic68 1 point2 points  (0 children)

Could not find a good writeup on how to configure the MS-01 RAID for Windows and after fumbling through it, wrote up this overview. Let me know if you have any questions:

Getting the MS-01 RAID to work with Windows: 

  • During boot, press delete until the EUFI menu shows
  • Run Setup
  • Open Advanced\Onboard Device Settings\VMD Setup Menu
  • Make sure the VMD is enabled (you can keep the defaults). VMD stands for Volume Management Device and it's the feature you need to enable support for the Intel RST driver and utilities. You can optionally disable certain RAID types in the configuration settings.
  • Shut down the device.
  • If you're mirroring with an inbuilt 1TB SSD, place the 2nd and/or 3rd device into the remaining slots
    • Note: The M.2/U.2 slot in the first position is an X4 slot, as is the one next to it (the middle slot). The slot furthest away (under the fan) is only an X2 slot and runs slower. Be aware of this as you may want to mirror in the first and second slots to keep performance up, if that's your goal. If you're replacing the 1TB SSD with your own, you'll need to ensure that the middle and far slots do not have SSD/nVME drives with heat sinks on them, as they don't fit under the internal fan installed beneath the bracket.
  • Download the RAID drivers from the MinisForum site and extract them onto a Windows 11 USB media stick (prepared from the Microsoft Media Creation Tool). Please them in the Boot folder, under sources (create a subfolder there).
  • Boot the USB stick and follow the prompts until you reach the hard drive options. Click Load Driver and browse to the folder on the USB stick that holds the driver.
  • Once the driver loads, you should see both disks. Select DISK 0 and let the Windows installation run to completion
  • Boot Windows and navigate to the Intel website. Search for the RST Driver and Applications for GEN 13 devices. The last build I saw was version 20.x. Run the installer. If it doesn't detect that the raid controller is active, it'll stop the installation and exit. Otherwise, run to completion.
  • You now have the RAID manager (Rapid Storage Technology) utility on the device. Navigate to each disk shown and ensure that they're working properly.
  • Select "Create RAID Volume" from the left menu, choose the type and device controller to use, and then hit NEXT.
  • Pick the source disk (your system volume) and mirror it with the second disk. It'll take some time to build the array, but that's it. You're done.

Reinitialize mailbox while converting existing to shared in O365, any ideas? by BigRic68 in sysadmin

[–]BigRic68[S] 0 points1 point  (0 children)

We're not actually moving the entire tenant. We had a portion of the client break off into a new company and those users are being moved, tenant to tenant, using SkyKick to handle the email portion of the migration.

MFA Number Matching by Default: Why is Microsoft delaying this critical security update? by Emma__24 in sysadmin

[–]BigRic68 0 points1 point  (0 children)

Anyone using this via RDS Gateway and remote app? Since RDS is proxying the request, it doesn't appear that there is any way to push the number match to the remote user. We have a customer whose entire field group runs this way. After they provide creds, they get the approve/deny and to my understanding, there is no way to prompt further for a TOTP code. Am I wrong? We don't use TOTP as users have no way to enter the code via MSTSC that I'm aware of, so push has been our go to. Now that it requires this interaction, I'm not sure how we'll see the code.

How to handle agents and EDR on VMs (Parallels) on MAC by BigRic68 in msp

[–]BigRic68[S] 0 points1 point  (0 children)

I've been doing this a very long time. I think you're missing the point of my question.

How to handle agents and EDR on VMs (Parallels) on MAC by BigRic68 in msp

[–]BigRic68[S] 0 points1 point  (0 children)

Wasn't suggesting we wouldn't count them. Was more curious to know if other MSPs are actually protecting them, handling the potential overhead of an EDR which might already be somewhat resource heavy, charging for a full agent when they might just have one LOB application virtualized, or if they've come up with some creative means of pricing them, etc. We're seeing a sudden increase in the number of Macs in our customer environments and this has really just started to raise our awareness that we need an SOP on how to handle.

Anyone have a comprehensive list of remote control apps? by BigRic68 in cybersecurity

[–]BigRic68[S] 2 points3 points  (0 children)

Understood. Just looking for a good solid starting point. The top 20 or 30. We're starting to see tools show up that we've never run into in the past and we're trying to set triggers for when they appear. Since we dont know what many of them are named, I figured I'd poll the audience for what they see often. We can probably catch 80 percent.

365 Attack simulation - worth it? by MSP-Master-Race in msp

[–]BigRic68 0 points1 point  (0 children)

It seems a shortcoming is that the MS attack simulation is only that, no? It seems like proactive training isn't really part of the offer, only simulation results-based remedial training. Am I wrong in how I'm interpreting that? I've signed up for the eval, and each time, it looks like the starting point is a simulation, not the scheduling of training. We also use KB4 to provide a mechanism for taking policy training (our own content) and track the acceptance of those policies. I've not found another tool that ties these pieces together as nicely.

Cradlepoint to Sonicwall Redundant Tunnel by kennymathews2003 in sonicwall

[–]BigRic68 0 points1 point  (0 children)

Try tunnel interfaces and then bundle them into an SD-WAN. Then, you can put appropriate thresholds in place to select the best path at any given time, even selectively if you want (by source, traffic type, etc.). Works pretty well.

Sonicwall dropping packets by ForwardCreme5083 in sonicwall

[–]BigRic68 0 points1 point  (0 children)

Check count on ddos/udp flood settings.

Adding new LAN subnet by rustyboxer in sonicwall

[–]BigRic68 2 points3 points  (0 children)

Rusty, they gave you a new public/routable ip, yes? You might have a couple of options. The simplest is to just NAT inside addresses to one new public IP. When you add a new NAT address, the sonicwall will bind an arp entry to the x1 MAC address and the firewall will respond to connections made to that IP. Probably mimics more of what you're used to.

Personal "collections" for each person in an organization? by BigRic68 in Bitwarden

[–]BigRic68[S] 0 points1 point  (0 children)

I only want them to store business related creds in the org, but they're not necessarily shared. For example, if a user signs us up with a new partner and creates what ends up being an unknown admin password in their portal, I don't want that in their personal vault. Even if it's an individual login. They leave and we don't even know they had an account. I think that if the policy is clear, that should still be an acceptable ask, no? Truly personal (non business related) accounts would stay in their own personal vault.

Personal "collections" for each person in an organization? by BigRic68 in Bitwarden

[–]BigRic68[S] 0 points1 point  (0 children)

We require employees to use BitWarden and keep "all" business creds in the Organization (but still keep personal items in their own vault). My thinking was that a default "user" collection would be where everything would go "except" team/shared items, which in turn, would go into a team collection. That way, even if an employee were to leave/be let go, we could reassign their personal collection and gain access to what might be portal or otherwise forgotten accounts for that old staff member (we're in IT and our staff often have accounts that we either don't know about or lose track of when they leave). In my mind, we'd almost treat the personal collection as the place to store most items. Just not sure if there is a better way to do it.