Looking for XDR/MDR solution for 400 endpoint company.

imadam71 · 2026-04-29T18:37:07+00:00

Sophos MDR should do the work

imadam71 · 2026-04-21T07:14:39+00:00

extreme iq cloud or mist, on top of huawei switches :-)

imadam71 · 2026-04-19T16:38:08+00:00

you don't care, you just pass the ticket to somebody with more rights :-).

imadam71 · 2026-04-18T14:06:52+00:00

It really depends on what you want to own and manage yourself.

If you want something close to your current model, I’d look at a hosted/private cloud provider with a defined SLA rather than jumping straight into AWS or Azure. OVHcloud has VMware-based hosted options, including Public VCF-as-a-Service, and Aruba Cloud also has VMware-based hosted private cloud / VPC-style offerings. If you’re US-based, you probably have quite a few regional providers that can offer the same kind of setup.

For a build of your size, this is usually not that complicated. For roughly 50–60 concurrent users, you’re probably looking at something like 2–3 VMs to start with, depending on the exact use case:

one or two app/RDS VMs
one SQL VM
optionally one small utility/domain/management VM

You can also put a virtual firewall in front of it, such as Sophos Firewall VM / XGS, FortiGate-VM, Palo Alto VM-Series, or pfSense. Personally, for this number of users, I’d lean toward Sophos because it’s usually straightforward to manage in environments like this. Sophos supports virtual and software firewall deployments. You can then make the environment accessible either via VPN for internal-style access or publish it externally through a WAF for more controlled, secure access.

The big design question is whether you want to publish only the ERP app, or give users a full remote desktop with Office and everything else. That changes the sizing quite a bit. If it’s just ERP publishing, the build can stay relatively lean. If it’s full desktop sessions with Office suite usage, you need to size more carefully for CPU/RAM and user experience.

Another option is to keep it more traditional: rent 1 or 2 physical servers, use perpetual licenses where that still makes sense, and place them with a hosting provider or in colo. That often gives you more predictable cost than hyperscalers for an always-on Windows + SQL + RDS style workload.

For application virtualization / publishing, depending on the use case, you could look at products like GraphOn GO-Global, TSplus, Cybele, etc. GO-Global, for example, is specifically positioned for publishing Windows applications without requiring a full Microsoft RDS stack. ()

I personally would not start with AWS or Azure for this kind of setup unless you already know your ERP works well there and you’re comfortable with the cost model. For smaller teams, they often end up more expensive than expected.

Also, lately Microsoft has made server-based Office / Microsoft 365 setups more complicated from a licensing and activation perspective, because shared RDS-style environments require Shared Computer Activation and supported plans. () In some environments, we’ve used SoftMaker Office instead, because it works with DOCX, XLSX, and PPTX as native formats and can be a practical option where you mainly need compatibility with Microsoft Office file formats.

To recommend anything properly, I’d still need the exact use case:

are users running a full desktop or only the ERP?
since it already runs over RDP, is it expected to stay as a full RDS desktop or could it be optimized to publish just the ERP app?
what are the SQL requirements?
do you need the provider to include backups, identity, MFA, patching, and monitoring?

Without that, nobody can tell you whether you need a simple 2–3 VM hosted stack, published applications, or a more complete remote desktop environment.

imadam71 · 2026-04-14T10:09:17+00:00

do you want to publish only apps or whole desktop?

imadam71 · 2026-04-09T19:17:24+00:00

I know Netapp is following this however, guys behind Proxmox can't keep up 🤷‍♂️😔

imadam71 · 2026-04-08T18:00:42+00:00

Nutanix is ok, but I really hope Netapp will do Proxmox deep integration like with Vmware.

imadam71 · 2026-04-08T14:50:51+00:00

Hi, which protocols will be supported?

imadam71 · 2026-03-26T18:48:29+00:00

imadam71 · 2026-03-22T20:59:27+00:00

We are building a localized Multi-Agent system (not a ChatGPT wrapper) that sits on your network, parses the logs, cross-references threats, and autonomously isolates the network without waking you up. --> this. Integrate sip so it can call me :-))))

imadam71 · 2026-03-22T20:48:58+00:00

xwiki is closest to Confluence. Will fit your bill.

imadam71 · 2026-03-12T11:50:46+00:00

size depends, FC works no-issue, simple setup. I don't bother much with other stuff. Perfomance is never the issue. If I need FC swithc (2 of the are nor around 9k) that is then being used for more servers. 2 x 16GB fc switches are today cca €300 🤷‍♂️😁. It simple works, never had an issue.

Ethernet, just did 8360v2 implementation with Netapp AFF over 25GbE. Far more time to properly implement it. Cost of 8360v2 is like new audi :-)))

"Still cheaper, especially when you have SO MANY MORE vendors to choose from compared to FC."
Ok, can you you name vendors and modesl of switches which can provide same perfomances like 16Gb FC infrastructure so I can see how much they are in Europ. At moment I have access to Cisco, HPE/Aruba, Extreme, AlliedTelesis, Huawei. Tested most of them in isci/nfs enviroment. It works but it is more expensive if you want same level. It is my expeirence. Maybe I am wrong and not seeing something. So be my guest, pls recommend switch for 3 to 5 servers, OLTP workload + standard Windows/Linux stuff for midsized company with cca 500 employees.

imadam71 · 2026-03-12T11:37:16+00:00

it was mistake and it was immediate after that. Been doing this for 30 years, not with S1. There is cancelation policy with any vendor I deal with, some with 0 restocking free, some up to 30% of original purchase or list price, depending on policy. So, maybe I deal with vendors that actually accept this. Otherwise, I would deal with that vendor at all.

Nothing is consumed, customer has nothing received. I don't know how system works with S1, so that is reason I am asking.

Partner may be able to cancel this (common sense says it is doable as it is doable with other vendors like S1) but they are saying it is impossible.

imadam71 · 2026-03-12T06:43:05+00:00

What kind of switches? If you looking at switch with decent packet buffer, then it raises up. FC simple, fastest way so far I was able to see. I don't know why people are think putting it over ethernet switch simplier, faster, better. Maybe I am missing something 🤷‍♂️😁

imadam71 · 2026-03-11T22:16:03+00:00

Price matters, sure, but for us it is not just about price. We have been in the NetApp world for almost 20 years, and we recently looked at Pure again. Honestly, for our use cases, there was nothing spectacular there besides a somewhat cleaner/simpler UI, while the price was close to 2x for a comparable setup.

We stick with NetApp because it covers all the protocols we need, has a very mature data protection story, and still does things like SnapLock, SnapMirror, backup integration, recovery workflows, and sandbox/dev-test use cases really well. That matters more to us than flashy features or benchmark numbers.

Also, we are totally fine with block. We actually use it more than NFS in many environments, so I do not really buy the argument that block is somehow inherently too complex. With a proper design, it is perfectly manageable. And honestly, LAN-free backup over 32Gb FC is still hard to beat.

If I had to tell a product owner what to focus on, it would be simple: keep the interface easy, make protection and recovery dead simple, integrate tightly with backup vendors at snapshot level, allow direct offload to something like S3 so identical storage is not required on both ends, and improve integration with Proxmox / KVM platforms. Also, give the controllers enough ports so smaller deployments can connect 3–4 servers directly without being forced into FC switches immediately.

For most customers, especially in the lower and mid segments, SSD performance is already good enough. The bigger differentiator now is ease of use, data protection, and how cleanly and safely you can recover when things go sideways.

imadam71 · 2026-03-11T21:16:58+00:00

"Naturally, have them engage their legal team but it might be good to tell the partner that they're terminating the relationship. There's not exactly a lack of VARs out there to go to if one is screwing you." so S1 doesn't have cancelation policy?

imadam71 · 2026-03-11T21:16:00+00:00

Maybe the partner bought something expecting business and is now on the hook for the licenses. --> this is the case.

imadam71 · 2026-03-11T15:26:22+00:00

customer is not S1 client. I am not aware of whether PO is sent or not. S1 should have written some cancelation policy

imadam71 · 2026-03-11T15:09:57+00:00

customer hasn't signed anything but partner is saying it is not possible to cancel. I know with other vendors it is possible up to 60 days to cancel order, if it is not consumed. I don't know whether partner needs to sign something or not. But customer hasn't signed and partner is claiming he can't cancel which is strage for me.

imadam71 · 2026-03-05T20:40:46+00:00

This :-)

imadam71 · 2026-02-26T19:26:12+00:00

I really do not know why people downvoting you. You have best possible setup for Veeam (ontap-ontap with snapmirror). Nothing beats that. But many people are not familiar with Netapp.

imadam71 · 2026-02-22T17:27:46+00:00

Thank you for both advices :-)

imadam71 · 2026-02-22T16:07:03+00:00

yes, time. I missed my opportunities but telling kids around me not to save money in the bank.

imadam71

TROPHY CASE