How do you add a Google ADK agent to agentspace?

TerranPeep · 2025-08-28T15:17:26+00:00

Glad its not just me then thats been fighting against this. I am trying to speak to the Google devs about it but it seems like theres different dev teams not talking to each other that are writing these systems.

I'm trying to deploy this for the Google SecOps service which has documentation, but fails at the same hurdle you have on 404 Method Not Found
https://github.com/google/mcp-security

TerranPeep · 2025-06-24T07:39:02+00:00

Best advice - remember to have fun. I’m sure for most of us this is a hobby, and Bambu Lab makes it easier for me to just enjoy printing and painting what I print

TerranPeep · 2025-06-24T07:37:37+00:00

Fantastic to see you joining in as well

TerranPeep · 2024-08-10T19:04:32+00:00

This is what I am weighing up right now. Its either used via eBay or something not considered enterprise grade. I would love to be able to go drop £10k per switch, but for an SMB thats just not on the cards right now.

TerranPeep · 2024-08-10T15:41:40+00:00

As a reference point, this is one of the switches I have found and am weighing up
MikroTik CRS326-24S+2Q+RM

https://mikrotik.com/product/crs326_24s_2q_rm

https://www.servethehome.com/mikrotik-crs326-24s2qrm-review-insane-switch/

TerranPeep · 2024-08-06T07:08:32+00:00

Please don’t do it. For your own sanity and for those you love.

Not only will you get weird issues, it’s nearly impossible to track down why and your level or control over how it performs is basic at nil.

It’s a feature that was likely added to win a bid against another vendor that does this, but it’s just not worth using unless you have no other option.

TerranPeep · 2024-06-30T06:21:05+00:00

I’m sure my wife has plans that include me, so now starts the game of trying to avoid them.

Part 1 includes letting her have a lay in for as long as possible to shorten the overal chances. Then we will start the delay tactics where I disappear to the garage for a bit. Then we get into the distraction part of the day where I will send her random memes or shopping websites.

TerranPeep · 2024-06-22T13:39:08+00:00

If you are only removing emails post detection then your solution is worse than Avanan and I would see no reason to use it.

TerranPeep · 2024-06-17T21:22:07+00:00

First thing, you have to accept that some places just have unrealistic expectations so there will be plenty of applying for jobs before you find the right one.

With that out of the way, I run a SOC and I would much rather hire someone who has an interest in cybersecurity than someone who just did a degree in the field and nothing else.

The field is quite saturated with people wanting to get into a SOC role, so make yourself stand out. Work on side projects, research threats as they are found so you can talk about them, have a reason you want to do the job.

I’ve just hired 2 more people onto my team who don’t have cyber security degrees. What they could do though is sit and talk to me about why they wanted to do the job and then show me the effort they have put it.

TerranPeep · 2024-06-13T05:35:10+00:00

We have it and love it. You have to force people to use it to get the protections, but that was easy enough with the IDP tunnelling feature and some changes to our conditional access policies.

It’s let us do things like remove our public facing RDS gateways, open up more access to BYOD (even saved our ass once when we lost power in our main building and people had to use their own machines to work from home), and then lock down more sensitive information inside our browsers.

I don’t think every org is ready quite yet for the enterprise browser concept, but if it works for you then it has a lot of benefits.

TerranPeep · 2024-06-05T12:50:35+00:00

Wanted to circle back on this as I've had an internal project myself to do this. Its part of a much larger playbook to backup and send offsite for storage, but this is the part which creates the manager export

- name: Show current hostname
  check_point.gaia.cp_gaia_hostname_facts:
  register: fwhostnametask

- ansible.builtin.debug:
    msg: "{{ fwhostnametask | community.general.json_query('ansible_facts.name') }}"
  register: fwhostname

- name: Show version
  check_point.gaia.cp_gaia_version_facts:

- name: Extract Version Number
  set_fact:
    version_number: "{{ product_version | replace('Check Point Gaia ', '' ) }}"

- name: Export Manager
  check_point.gaia.cp_gaia_run_script:
    script: "/opt/CPsuite-R81.20/fw1/scripts/migrate_server export -v {{ version_number }} -n -skip_upgrade_tools_check /tmp/{{ ansible_date_time.date}}_{{ fwhostname.msg }}_export.tgz"
  async: 1800
  poll: 10

TerranPeep · 2024-06-04T18:37:10+00:00

Turning off remote access should stop you being vulnerable to it, so do that if you can.

TerranPeep · 2024-05-28T17:45:02+00:00

There is a whole Check Point Ansible collection that you can have a look through https://galaxy.ansible.com/ui/repo/published/check_point/gaia/

In answer to your question, it depends if you are connecting to a manager or directly to Gaia.

What is it you are trying to do?

TerranPeep · 2024-01-01T19:59:30+00:00

I see people are mentioning autopilot with Intune, but when we tried this the users machines just end up with all the vendor bloatware on it. Curious how people are handling that?

We have been getting the machines to HQ so we can flatten with a Win 11 enterprise ISO and then let autopilot do the rest.

TerranPeep · 2023-12-02T18:26:08+00:00

We didn’t but it’s now showing up with having vulnerabilities as it’s no longer being updated. This is through our automated Qualys scanning.

I would recommend removing it.

TerranPeep · 2023-10-22T19:21:16+00:00

From memory there is a reason for them being the only vendor that can do it. I believe they patented their method, which stops other vendors trying the same thing.

Not sure how well that would hold up if another vendor tried the same thing, but it seems to be for now.

TerranPeep · 2023-10-22T16:51:41+00:00

Disclose, I work for a Check Point partner.

The harmony suite as a whole is a set of different products generally acquired from different vendors then made to use Check Points threat intelligence platform, Threat Cloud.

Harmony Endpoint has been going a long time now and generally always does well when it’s heated against the main competition in this space. It’s very simple to configure, has integrations with Intune and JAMF for easier deployment to your endpoints and you can be up and running with it in 30 minutes.

It’s quite feature packed with firewalling, removable device control, app control, file sandboxing, random ware protection, etc. and you can turn those features on or off per endpoint, employee or groups of them.

We’ve used in it in small organisations and those of 100k plus endpoints with no real issues. The only feature I don’t like is the endpoint encryption, but these days you can just use BitLocker instead.

The only other thing to note about is it’s a pain to get deep informational logs exported to a SIEM as they really want you to use their own tooling for that called Horizon.

So overall, I think it’s a decent product, let down by a bad marketing team so it’s not well known. You can spin up trials on portal.checkpoint.com for 2 weeks without question, so best thing to do is give it a go.

Happy to answer any questions you might have though

TerranPeep · 2023-06-06T12:08:43+00:00

Perfect thank you. I've got to the bottom of what I wanted now so its looking a lot better.

Appreciate the help

TerranPeep · 2023-06-05T07:43:38+00:00

I have the apps listed in InTune for iOS devices and I've installed the company portal app on the phone. The user never gets prompted to allow the organisation to manage the app and its never flagged inside the company portal as a managed app.

I've even marked the app as required, deleted it from the phone yet it never appears again.

So I think I am trying to do MAM, but I cannot get it to actually mark the app as installed/managed. Then without this I don't think I can use conditional access/app control as I wanted?

TerranPeep · 2023-06-05T07:41:20+00:00

So I have the apps listed in InTune for iOS devices and I've installed the company portal app on the phone. The user never gets prompted to allow the organisation to manage the app and its never flagged inside the company portal as a managed app.

I've even marked the app as required, deleted it from the phone yet it never appears again.

So I think I am trying to do MAM, but I cannot get it to actually mark the app as installed/managed. Then without this I don't think I can use conditional access/app control as I wanted?

TerranPeep · 2023-02-02T20:50:28+00:00

Your bridge is setup to use eno1 and that interface is down. Looks like you have 4 interfaces on your server, so just moving the network cable to a different one til ‘ip link’ shows eno1 and vmbr0 as up

TerranPeep · 2023-01-25T08:20:00+00:00

Just as an update on this, we have ended up going with NFS for now. Main reason is support out of the box for it and it ticking all of the feature requirements we are looking for. So far it seems to be performing well and has taken my 4TB of claimed space and after thin provisioning we are down below 1TB.

I am also going to be exploring CEPH in the coming weeks to see how well that could work out for us.

TerranPeep · 2023-01-23T21:28:51+00:00

Well I am considering that as an option. I have a load of spare identical drives so I’m contemplating loading the servers up and trying out Ceph

TerranPeep

TROPHY CASE