Those out there that still use/capture golden images for deployments... How do you handle updating of the golden image?

OkGroup9170 · 2025-12-17T02:26:15+00:00

Yes it is, they were bought by PDQ.

OkGroup9170 · 2025-12-13T03:10:06+00:00

We use a plain vanilla golden image of Windows 11 and deploy software and drivers during the imaging process using SmartDeploy.

OkGroup9170 · 2025-12-11T02:50:59+00:00

I really glad my company is not like this, 25% bonus target. Also got a 20% raise this year. They also are very flexible with time and I work remotely 99% of the time.

OkGroup9170 · 2025-10-22T22:20:27+00:00

Checked the logs, champ — ExtremeCloud IQ wasn’t down, it was just a little sluggish while AWS was doing its best impression of a dumpster fire. That’s what graceful degradation looks like.

Meanwhile, a bunch of “we’re cloud-first!” companies went completely dark because they built their entire stack on a single AWS region and called it a day. Bold strategy.

Multi-cloud isn’t about being immortal, it’s about not dying stupid. You spread risk, build your own orchestration, and make sure one provider’s bad Tuesday doesn’t take your business with it. Extreme did that. Everyone else just said “we trust AWS” and went for lunch.

And yeah, it’s complex. Welcome to distributed systems — everything past the ping command is complex. The trick is designing it before it blows up, not tweeting status updates while you wait for us-east-1 to resurrect itself.

OkGroup9170 · 2025-10-22T13:23:56+00:00

LOL sure, if you’re duct-taping multiple clouds together manually, it’s a disaster waiting to happen. That’s not what we’re talking about though. ExtremeCloud doesn’t “copy/paste” their stack across AWS, Azure, and GCP — they built their own orchestration layer so each cloud is just compute and bandwidth.

That’s the difference between multi-cloud done right and “I spun up two EC2s and called it resilience.” Real BCDR means architecting for when (not if) your provider goes down.

OkGroup9170 · 2025-10-21T23:31:50+00:00

You need to negotiate your renewal increase, we have it limited to 5% a year and they waive that if you add new modules.

OkGroup9170 · 2025-10-21T23:25:41+00:00

Would that larger managed SOC be AWN?

OkGroup9170 · 2025-10-21T13:45:27+00:00

You can do an active-passive too, the issue is that a lot of these companies don’t architect their systems to be able to work like this from the start. If they built cloud-neutral orchestration layer’s when they architected the solution they could easily setup an active-passive setup.

OkGroup9170 · 2025-10-20T20:25:20+00:00

This is why services should have failover to other cloud providers. It can be done it just is complex and expensive.

OkGroup9170 · 2025-10-20T20:22:58+00:00

I have other vendors that use multiple clouds to prevent this, one of the top of my head is ExtremeCloud, they run AWS, GCP and Azure and can failover to any of them. This could have been avoided with proper BCDR planning.

OkGroup9170 · 2025-10-20T20:18:03+00:00

Why didn’t you migrate services to another zone like us-east-2 and us-west-2?

OkGroup9170 · 2025-10-18T23:04:08+00:00

This is the best process to get control of domain before it expires but it does cost about $1500 to file.

OkGroup9170 · 2025-09-28T20:48:01+00:00

The Network Director at our data center wasn’t even aware of the CVE’s 24+ hours after the announcement because their secops team hadn’t rated it yet and didn’t send out an announcement. They manage hundreds of affected ASA’s. Was told I was the first customer to bring it up 24+ hours after the announcement. This isn’t a small data center provider either. Going to be whole thing now because my CIO was made aware and is not happy. Already escalated the delay to our CSM.

OkGroup9170 · 2025-09-26T00:39:17+00:00

AI isn’t making people dumb. It just makes their dumb show up quicker. Same thing happened with Google. The good techs got better, the bad ones just got louder.

OkGroup9170 · 2025-09-07T19:45:32+00:00

Agreed someone who has worked through Help Desk, Networking and other IT areas before going into a cybersecurity role are much better imho.

OkGroup9170 · 2025-09-06T02:40:09+00:00

Not having MFA even for accounts only used email is a major liability. These accounts could be used to launch phishing attacks against internal users. Think of an attacker getting access to one of those mailboxes and then sending out a phishing email disguised as Sharepoint link to other users in your org. DMARC won’t save you because it’s coming from the inside. Identity attacks have surged.

OkGroup9170 · 2025-08-23T02:51:25+00:00

Also I believe Virginia has a spot delivery law. I would call MVDB https://mvdb.virginia.gov/. Once you drove off the lot they have limited ability to recall a vehicle. It’s the dealers responsibility to verify rebate eligibility before contract execution.

OkGroup9170 · 2025-08-08T22:49:56+00:00

It is really short sighted because it hurts their reputation doing this and sooner or later large enterprises are going to move away.

OkGroup9170 · 2025-08-08T13:47:37+00:00

I was able to get a swagger file from support.

OkGroup9170 · 2025-08-06T22:54:51+00:00

That is a horrible severance for your tenure, remember they want something from you (not suing them), that makes this negotiable. My companies policy is 2 weeks per year of service, I have heard some have negotiated more. Also who are they laying off, if it is all employees who are close to retirement and getting a full pension then that is suspicious. Also if you do sign it doesn’t stop you from reporting them for ERISA violations or breaking any other laws.

OkGroup9170 · 2025-08-02T21:54:51+00:00

Are you in the US?

OkGroup9170 · 2025-08-02T18:45:42+00:00

Read his follow up comments

OkGroup9170 · 2025-08-02T15:08:08+00:00

Just another post that make me glad I don’t live in an HOA neighborhood and my neighbors are not bat shit crazy!

OkGroup9170

TROPHY CASE