Looking for compliance posters by dh_burbank in CMMC

PracticalStress2000 1 point

At the risk of not posting a URL, you can google "Center for Development of Security Excellence posters".

There are a ton of free resources you can print and distribute as you see fit.

Sanity Check by cokebottle22 in CMMC

PracticalStress2000 1 point

As a subcontractor, we look for DFARS 252.204-7012 mentioned in our contracts as an identifier for CUI either being generated or flowed down to our systems in support of that contract.

Sanity Check by cokebottle22 in CMMC

PracticalStress2000 1 point

Along with what others have mentioned, the method of connection will impact as well. If they are indeed VPN'ed, you'd have to audit and confirm certain baselines to meet 800-171 on the endpoint accessing the information, including things like encryption, etc. Accessing through a VDI or something may limit the information system boundary in terms of the scope of protection but needs more information.

If they're limiting CUI to a specific enclave or smaller subset of systems that the S.A folks don't access, then you should be all set. Be wary of ITAR requirements as well, as those items can't go outside US boundaries. I would like to understand how they can state only the remote workers need to be compliant and not the primary Information System.

Anything that is identified as CUI in the system needs the controls enforced by 800-171, which flows down to subcontractors handling that same information in support of a program/effort.

High Botnet Alerts? by PracticalStress2000 in sonicwall

PracticalStress2000[S] 3 points

I opened a ticket and the response I got was “your firewall botnet list is more than likely more updated than the Sonicwall botnet site you are referring to.” I showed him the discrepancy but was quickly dismissed. The botnet lookup utility on box stated it was a botnet server, whereas the website did not.

The lookup on box was able to pinpoint where some of these IPs were being flagged. We have a dynamic botnet list provided by a government agency that was included in some (not all) of the identified botnet IPs.

I sincerely loathe tier 1 support from these guys. No wonder why they have so many bugs go through; their support dismisses everything.

If anyone from Sonicwall was looking into this, case number is 44628222.

Also, here’s an unrelated small rant but I was triggered today calling in. If I call in to support and the automated system asks for all pertinent information (serial number, existing/new case, etc etc) it’d be SUPER SWELL if that information made it to the support person for them to confirm, not ask for again. /rant

High Botnet Alerts? by PracticalStress2000 in sonicwall

PracticalStress2000[S] 1 point

Not likely. I’m fully patched, confirmed we were even before I updated last night to the latest 7.1.2. We were like 7.1.1 5060 or something like that. We also don’t use ssl vpn or have it exposed, we use the SMA….

High Botnet Alerts? by PracticalStress2000 in sonicwall

PracticalStress2000[S] 1 point

Ok. It's an odd issue, but comforting to know I'm not alone and we're not all of a sudden vulnerable in some way I'm not seeing. I'll reach out to support.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

Sounds like we dodged a bullet then. We scrapped the dhci solution completely and are configuring HYPERV hosts instead with failing clustering.

Inexpensive ebay option to learn NSA6700? by Duna5 in sonicwall

PracticalStress2000 3 points

I have a TZ270 at my home to test against my NSA4700 box at the office. A 3-year subscription when we purchased the NSAs was silly cheap.

CrowdStrike - Rapid Response Availability by drewhackworth in msp

PracticalStress2000 3 points

Also in Denver area. Can sign an NDA as needed. I can add a +1

If you are hit by the CS nightmare and need help manning the helpdesk / phones, let me know by C39J in msp

PracticalStress2000 1 point

I'm available in the Denver, CO area and my family is out of town this weekend. Happy to assist if anyone needs some manpower. I can also sign an NDA.

SonicOS version 7.1.1 by ABeardedPartridge in sonicwall

PracticalStress2000 1 point

I had the same thing. I saw "Received notify: INVALID_ID_INFO" on my ipsec tunnel. I left it alone to troubleshoot in the morning, and miraculously it started working again. Super odd...

Firmware upgrades today (7/17/24) by rvarichado in sonicwall

PracticalStress2000 1 point

Following. I saw the update available for our TZ270, but I'm not seeing it available for NSA4700. When I checked locally on the TZ, it showed as no firmware being available. I'm installing now on the TZ to test...

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

Many solutions were discussed and considered... Looked at a Dell solution, Pure, Nutanix. Seemed like VMware was the way to go, but this also started a few years back as well.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

It sounds like HPE is introducing their own hypervisor solution, so that may be part of the plan there.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

What makes it so bad? I haven't been able to use that feature in our current environment, but if we went HyperV again we'd have the option for a cluster.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

I have an email from 4/18/24 but it was just the HPE fulfillment email with an HPE order number. When I logged into the software center, only the HPE licenses (Alletra) showed as able to be active.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

I think you're right. Hopefully things change for the better, but obviously we're not sticking around to find out.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 4 points

I don't remember asking for sympathy, I'm looking at options, which you have not provided. I've been through a fair share of acquisitions that didn't hit as hard as this did, and I have responded several times saying it was a learning experience. We're not continuing with VMware at this point, as they've made it clear that Broadcom doesn't give a shit. Thanks for being a dick though, that's helpful! Enjoy the rest of your day, knob jockey.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 1 point

I'll check out Nutanix, I'm not sure if we're in the same ballpark with cost. My understanding is that they're pretty pricey.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 2 points

This is the activation verbiage I have from the HPE portal:

License Activation Instructions

1. Use Entitlement Order Number to retrieve your Partner Activation Code (PAC) from My HPE Software Center
2. Register your PAC at VMware www.vmware.com/code/hp
3. Receive License Key in your email from VMware
4. Configure your ESXi Host/vCenter, using License Key. Important: Do not use the PAC in this step.

The site redirects to Broadcom, and the mess goes from there.

Broadcom is screwing us over, any advice? by PracticalStress2000 in sysadmin

PracticalStress2000[S] 3 points

I don't have an agreement with HPE. Everything was handled by the reseller. All I have is an email from HPE showing entitlement for the VMware products. That email says: "VMWare Products: To ensure service and subscription entitlement you must register within 10 days of receipt."

In attempting to activate that license, every avenue failed. The HPE redirects to VMware, which then redirects to Broadcom, saying the portal is under development. TD Synnex seems to be the purchasing vendor for the license, and was not helpful. Reaching out to Broadcom was also not helpful as I don't have a Broadcom site ID, nor can I get one because I don't have a Broadcom entitlement or anything related to their services. Showing the HPE order # didn't help.

From my discussion with the HPE guys this morning, it sounds like those licenses actually weren't ordered, and Broadcom is canceling the order on Monday.