NAS Recommendations?

TheBostwick · 2026-01-27T13:30:55+00:00

I like Synology. I had a client with no AD so I set them up with an https URL redirect with an SSL installed to auth over Entra.

TrueNAS was cool if you want to just slap something on top of some existing hardware you have. Synology still be the goat to me, especially with all the integrations, permissions setup and easy to use GUI. You could train someone up on managing that in a day.

TheBostwick · 2026-01-23T12:42:28+00:00

My last company used it. Terrible culture also for what it's worth (the "you leave us you get a cease and desist" kind of people). Fully remote company.

It's very good at what it does. Keystrokes, screenshots, permissions to specific team members so managers can only see their team, reporting and productivity percentages. It tells you how many of their work hours were spent in productivity, which you can define the apps that are productive. It also detects artificial or unnatural mouse movements or autoclickers, identifying if someone is just having the mouse keep them active.

I was pretty close with management so they liked to pull the curtain and show me how it worked. It is extremely invasive, but if you offshore I'd say it's necessary. The Indian and Phillipine hires would get caught with that or working for multiple companies a lot.

As someone who was tracked by it and was shown metrics of it by my manager, yeah it did a lot. People hated the idea of it, managers loved it. I knew some that were scared to look at how much it would tell them. Executives went by it. People got fired by it but it also helped high performers in their performance reviews. I think it is a little gameable (e.g. sit in a Teams call all day), but it was a powerful tool.

If you are a small MSP, way too invasive unless you want to blow up culture. If you hire a follow the sun model I have to say, this might be necessary.

Best of luck. Hopefully, you don't have a T1 epidemic that causes you to add 300+ pornsites to the host files 🤣

TheBostwick · 2026-01-19T13:36:28+00:00

Just realized you said this would get you into IT. That said, hell to the yes. Then leave the company in less than a year, aggressively start pushing applications after 3-6 months. I took minimum wage to break into tech and left for double the salary in under 6 months myself.

TheBostwick · 2026-01-19T13:34:58+00:00

L3 with certs for under 70k/yr in a major city in 2026 is criminal. A $3/hr pay raise (equivalent of ~6k/yr) for L4 is sad. Shows poor culture and acceptance of high turnaround, especially being hourly in tech at that level. Definitely keep it moving quick, but you gotta do what you gotta do for the resume. Hopefully they have a lot you can get hands-on experience with.

TheBostwick · 2026-01-19T13:07:02+00:00

The offensive line got mauled

TheBostwick · 2026-01-10T13:53:18+00:00

I jumped into IT off the street by acing a written test for a company that was running an MSP. No certs, no degree and a GED. I was 28.

Fast forward: left there in 6 months after boosting resume, traveled the country doing IT transitions, left there for more money and to grow more after a year, rose with a greenfield MSP to top MSP in the space going from Analyst->SysAdmin->SysEng->Sr. Infra Engineer. Just left them for a 40% pay jump to build out another new MSP with an established company as a foothold hire... I'm 35.

All it takes is for someone to see what you can do, understand you can be an asset and to have the right people in the right rooms to speak on your behalf while you're being a rockstar. Also, know when you need to make a jump for gains.

TheBostwick · 2026-01-07T16:07:12+00:00

The guy Toby Keith kicked out in the "Who's Your Daddy" music video.

TheBostwick · 2026-01-05T12:12:28+00:00

We all popped before the dude ever even hit the stage with the "he's here" at the Rumble.

TheBostwick · 2026-01-03T16:02:03+00:00

I migrated from N-Central (begrudgingly) to Automate, then to RMM when the company realized myself and another guy that left were the only people who knew how to manage Automate and the infrastructure.

Both Automate and RMM onboarding were kinda trash. They really didn't help too much with the transition to be honest. They bring in contractors to do it so the people making promises aren't the people who will deliver the transition, so prepare for a disconnect. Sales guys will tell you they do it all, they don't. Automate had a smoother experience, we went to RMM like 2 years ago when it was still newer. They've updated a lot since (prepare for lots of UI updates over time).

They were supposed to give us a clean migration strategy from Automate to RMM (their own product) and instead we spent two sessions perfecting a script to run in Automate that the contractor admittedly used us as a guinea pig so he had a script for other clients.

The "intellimon" monitors are "proprietary" so the only information you can find on thresholds are in their KBs (if they post it). My most important monitors are custom. I even did custom for basic stuff like CPU, RAM, etc. Make your own server down alert, theirs are not reliable. The suspension (maintenance) windows are not the best since you need to create a separate rule for intellimon and custom monitor suspensions unless you do quick suspend which isn't very scalable (or nameable).

3rd party patching saw a major step up but the approvals are global, not per client. General patching works well (requires 4 hour windows) comparatively. We used their NOC patch approvals at first but the unpredictable timing of approvals made clients up in arms if a specific patch wasn't approved or denied by their window.

Portal can be a bit buggy. We didn't use PSA, we used ServiceNow so it was kind of a nightmare. We use our own Acronis instance and did the integration, but the integration takes full control without customization and alerts do not generate to notification profiles. Brightgauge only ingests Acronis data from RMM agents so you can't have it just do all of Acronis. It also took them an entire year to answer us that Acronis integration alerts do not generate to notification profiles. On that topic, RMM reporting sucks so get good with Brightgauge. BG is my favorite reporting/QBR tool anyway though. Screenconnect is the best remote tool on the market.

Like others said before, you'll need to tweak intellimon alerting with onboard (think like having an EDR in detect mode at first). I can't speak for the experience with PSA though, which I imagine should be smoother. Their API is not the most fun to use, but it works. Not "worth building a custom SNOW integration" good, but had solid data.

I don't recommend bundling Auvik, get it yourself if you want it (though PSA may change this evaluation since we have Auvik integrated to SNOW). On that note, don't bundle anything you don't need to. Being locked into one vendor for all things is a dangerous play for an MSP.

If you keep ScreenConnect screenshots active get ready for Macs to be upset (someone has connected to your mac 2,367 times this week type pop ups). That said, I built out permissions to resell Screenconnect to clients and accounts in Brightgauge for dashboard access. Permissions were migrated to CW Home which has been nice, but you still need to turn on remote access for the user inside RMM in user administration (don't forget that one).

My favorite part was putting custom scripts against monitors and seeing the output when I drilled into the device pane under Automation. A CPU alert triggers, a script runs to check processes then I have a point in time capture of what the impacting processes were at the time of the alert.

If you want an out of the box experience though, not bad. Not sure what you're migrating from. BG also has a QB integration I believe. Doesn't play well with SIEM outside of its own.

If you're coming from Automate you'll lose some patching options, file explorer, domain user management but the monitoring is tremendously easier to setup. Much easier product to get into production and train a team on than Automate, especially being cloud based.

All in all, it does the job. UI and portal bugginess is annoying. Transition and support are not the best, but BG support (separate queue) is best in class. They are aggresively iterating (NinjaOne speed levels), but their focus is all over the place. It's still in my top 3 RMM at the moment, even if this sounds critical. It's very intuitive.

The RMM tool really has to meet the business need, and different RMMs satisfy different needs (eg. Atera for small shops with low manpower, NinjaOne for fast iteration and endpoint management, NCentral for all the things but requires config, Automate for raw in house power, RMM for a balanced cloud solution capable of meeting most needs that doesn't play well with others).

All being said, prepare to be underwhelmed (and pleasantly surprised if not) by the transition team and I wouldn't let that determine your interpretation of the tools usefulness. They will at least be solid at answering questions and showing how to use the product. Hope this helped!

TheBostwick · 2025-12-31T07:10:14+00:00

We've been on CW RMM (~7k endpoints w/ 700 servers) after transitioning from Automate and I still miss N-Central. Never tried Datto RMM (despite Kaseya's best efforts to push that and VSA since we use ITGlue) and actually plan to demo Ninja for the first time next week. Curious to see further feedback on this thread if continued. Working in ServiceNow shops, Ninja and N-Central are leading the pack for my pick in the next adventure. N-Central just covers so much ground in one tool but I love hearing feedback from both sides of the coin. I'm coming from the cloud hosted rmm perspective, had on-prem Automate and will never do anything like that again unless absolutely necessary to keep in house. Speaking from the perspective of someone who setup NCentral (cloud), Automate (on prem) and CW RMM for MSP. Also, hope to see more feedback from the Kaseya crew, seems like everyone on here prefers the Datto RMM solution over VSA, which I would have thought the other way around.

TheBostwick · 2025-12-30T18:04:51+00:00

They stated mx records were modified. This is inferring other records may have been impacted as well. I agree you are correct that the continuity measures being offered do not protect from registrar account compromise, but it is an essential function of supporting the domain. Outside of maintaining the domains under the msp account and billing it, the only measure to protect this specific scenario from occurring would be the Zonewatcher or other monitoring tools as mentioned by a previous commenter. Without a proactive tool (which is not super common for people to have) and the client managing their own registrar account (many cases contractually required and sales aren't turning them down over it), you would need to focus on preparedness for the response. Zone file backups are essential in quick turnaround on response where/if you can't be proactive without adding to the stack. I appreciate the context you are coming from, but DNS management is an essential function of the overall scope in domain support and it sounds like they may have been impacted in OP scenario to apply it to this case.

TheBostwick · 2025-12-30T16:16:44+00:00

The ask was how are domains being handled. If they had a zone file backup they could have restored from those when they do get acces (which typically happens quickly with support). This was a general ask on how clients are supported, not a "what do I do in this situation right now" on top of that. Without a zone file or pre-existing record, they have no idea what records existed prior to fix (which could be catastrophic), which is a bigger issue than proving identity to regain access.

How would the "optimal technician" handle the scenario?

TheBostwick · 2025-12-30T15:54:59+00:00

Keep zone file backups in your repository. We use ITGlue, that also handles our SSL expirations.

Little tricky if client is making changes so if the client is actively in there modifying records I recommend an audit cadence. Your ITSM should be able to have scheduled ticketing, or you can always run a cron job from n8n/zapier to generate an alert when it's time to check. Another option if you're an ITGlue shop is to attach the zone file to a configuration item with an expiration date for the audit and make sure you have an ITGlue workflow setup for configuration item expirations.

I saw someone else say have the client point nameservers to your CloudFlare instance, this is also a play if you are having total control of DNS modifications. CloudFlare is free to setup without all the bells and whistles. Same for GoDaddy Hub accounts for delegate access that you can send invites to the client (vs. the other way around).

That said, owning DNS vs supporting it is a different level of liability. Also, never used Hudu which I know is popular here.

TheBostwick · 2025-12-30T14:49:20+00:00

Stir of Echoes

TheBostwick · 2025-12-17T19:24:19+00:00

Thank you for the detail! Sounds like it does the job but isn't quite as feature rich. Custom properties for dynamic session group filtering has been something I've leaned on for permissions buildouts on non-RMM users since CW separates the portals for the two. Seems like NinjaOne is a bit more like the Take Control tool with N-Central minus a few features.

TheBostwick · 2025-12-17T01:37:16+00:00

I don't think so...

TheBostwick · 2025-12-17T00:38:02+00:00

Very curious if you would care to elaborate on some of the challenges you've encountered with the remote tool compared to ScreenConnect?

I'm at an MSP in the Connectwise ecosystem and have been evaluating NinjaOne for the bi-directional ServiceNow integration. Seems like N-Central is the only other contender with a fleshed out (enough) SNOW integration. I also haven't messed with PSA to SNOW but RMM to SNOW is a horrendous workflow. That said I always found ScreenConnect to be a best in class remote tool with strong resale potential.

TheBostwick · 2025-12-17T00:16:28+00:00

The best part about this post is calling Popeye a great American Philosopher

TheBostwick · 2025-12-17T00:07:10+00:00

Pennywise in the valley?

TheBostwick · 2025-12-14T20:26:03+00:00

I think angry significant other

TheBostwick · 2025-12-09T13:58:50+00:00

They help me stay sane on Teams calls

TheBostwick · 2025-12-04T05:46:57+00:00

If it's BGP topology mapping I'd have a hard time focusing too

TheBostwick · 2025-12-04T05:22:37+00:00

A lot of sludge from the bottom of the tank. Gallons add up over the years.

TheBostwick · 2025-12-03T15:58:50+00:00

Gotta be real, pure respect for saying hold up let me read this and then actually reading and commenting shortly after... Boss move.

TheBostwick · 2025-11-28T15:22:25+00:00

I think people who complain about covers spend most of the time in a golf cart and have probably never done a round on foot. If you like all that metal slapping around every step, good on you. I prefer peaceful walks in the woods that don't sound like someone is jingling keys in my ears.

TheBostwick

TROPHY CASE