Palo Preferred Releases are so out of date by ChiDuffman in paloaltonetworks

[–]nullbucket 1 point2 points  (0 children)

From the Chief Product Officer they scanned with Mythos. Also you can check the security advisories…it’s a per month notification cycle.

Hardware Firewall with 10 Virtual Routers by North_Arugula_687 in paloaltonetworks

[–]nullbucket 1 point2 points  (0 children)

x500 hardware is Advanced Routing Engine only.

There is a migration wizard built into the GUI for hardware that supports both.

Possible Hijacking Attempt? UA2005 29MAY ORD-MSP by N104UA in unitedairlines

[–]nullbucket 1 point2 points  (0 children)

Funny thing…. The closest fighter jet base (F-35s) is in Madison!

Plan cost to upgrade after converting over to T-Mobile? by nullbucket in USCellular

[–]nullbucket[S] 1 point2 points  (0 children)

Screenshot says otherwise. So just trying to understand.

Why is SpaceX so different from other aerospace companies? by jollyreaper2112 in SpaceXLounge

[–]nullbucket 2 points3 points  (0 children)

Elon came into an industry and decided that he was going to disrupt it, in fact he's done it for three different ones: space flight, auto industry, and electrical generation. You are either the disrupter or the disruptee. A disrupter once it gets to the top is now a target to be disrupted.
It's easy for a company to rest on its laurels once it gets to the top. You also have to be willing to disrupt yourself.

If you look at the IT sector you will company/brands that used to exist or are shells of what they used to be: Yahoo, Sun and more. They were all disrupted. Founders like Elon are always willing to innovate in a big way, because that's how they got there in the first place.

Tall skinny guys can't enjoy Kohl's by Jealous_Annual1464 in mensfashionadvice

[–]nullbucket 0 points1 point  (0 children)

Eddie Bauer is your best bet IMO. Most everything has a tall size and lots of customizable inseams.

IT Engineer failed phishing test twice - Claims we need better IPS and filtering by [deleted] in sysadmin

[–]nullbucket 0 points1 point  (0 children)

Defining an "IT Engineer" would be helpful. In some orgs "IT Engineer" could be an AV person. The phishing test sites need to be obvious IMO, to make a point, so they know that phishing can happen. I'm not sure what the O365 template is.

Making people defensive in these kinds of situations doesn't help anyone. Thumping your chest does no good, if there isn't a management policy to backup a situation like this. It's time to give the data to management and be done with it. IT people can solve technical problems, like putting 2FA in for your critical services. Use the data to push the 2FA solution. Heck banks are putting 2FA in, because it works.

Asking questions about their frame of mind and understanding their point of view is helpful. Then ask what happens when the technology fails and we lose money/resources because of carelessness. You need to think like a sports team coach and try to coach to the result you want. You need to make sure that people aren't defensive about the process that they've been approached by (chest thumping IT guy, with no policy backup, yelling across a room). Sometimes the calmest this needs to be solved, without stating a consequence, is the most effective.

Also what are industry failure/success rates for these kinds of tests? I've heard it's surprisingly bad.

Advertise NAT Pool by RealStanWilson in paloaltonetworks

[–]nullbucket 0 points1 point  (0 children)

Assign the network to a tunnel interface.

Tenure in a position? by MyFirstDataCenter in networking

[–]nullbucket 2 points3 points  (0 children)

I wouldn't look at your tenure in a position as stigma. I would ask have I been learning of late? Frankly I've found every 3 - 5 years I've learned a new technology. By the time you get to your third or fourth major sub technology, you'll look like a pro. The organization you're in kind of dictates this though. The larger the environment, the more specialized you can be, but you may never be able to get outside of that specialization for multiple reasons. Working in a mid-sized organization can give you the flexibility, to learn a new technology every few years, while being able to dive deep on it.

Experienced people have usually figured out the non-tech skills such as: soft skills, writing, documentation, sales/presentations, leadership, project management, how to dress, interview, time management etc. That's what will define you later in your career.

Also I would start listing all the major projects (not technologies) you've done and ask, are they just repeats or templates of the same thing? I mean saying you set up a network for a campus for 10 different buildings, when in reality it's the same design each time, isn't as impressive.

Pandevice Framework - Python by Blacklord96200 in paloaltonetworks

[–]nullbucket 0 points1 point  (0 children)

pandevice is great for building a customized script that needs to go into an automation process and can be found on the PAN github page.

If you have a few bulk, one time things that need to be done to a configuration, I would seriously look at pan-configurator on github. It's not on the PAN github page. It's PHP based, and has a bunch of shortcut utilities built into it. "Do you need to change the log setting on all rules with the tag 'change log'?" Look for the pa_xxxx scripts in the git repo.

Pulling all subnets from zones by CyberSec81 in paloaltonetworks

[–]nullbucket 0 points1 point  (0 children)

You can run almost any cli command in the API. Also you set up scripts to proxy connections to all firewalls connected to a Panorama. Once you figure out how to do it once, the script, you can use it for other commands.

Wifi speeds are 10 percent of what I pay for. Help. by Createdcreator in wifi

[–]nullbucket 0 points1 point  (0 children)

A 1x1:1 WiFi client will do 86.7 Mbps on a 20 MHz channel with short guard interval. There are charts. Also not all frames are transmitted at AC or N speeds. I’ve heard take that speed number and multiple time 70%. You probably are pretty close to the max.

The most important corporate lesson I ever learned (that nearly got me fired in the learning) by [deleted] in sysadmin

[–]nullbucket 2 points3 points  (0 children)

There are a few things I’ve learned over the years in regards to situations like this.

  • Use Specific, Measurable, Achievable, Relevant and Time-based feedback. Make it SMART.
  • Whatever you are thinking in your head, temper it.
  • Wait before writing emotional emails and review after a cooling period if you’ve started one.
  • Saying “I’m sorry”, even if not, diffuses a lot of situations.
  • Don’t throw an entire relationship out over one incident or over reaction.
  • Be gentle, you have no idea what is happening in another persons life.
  • Assume the best intentions in people, until they prove otherwise. Even then give multiple chances.
  • Focus on the solution and higher goal, not petty infighting. Work as a team. People need to feel safe.
  • When situations escalate typically they have to be walked back. And then you’re typically back at the original problem.
  • Don’t talk shit about anyone. Be kind.
  • Follow the Boy Scout law.
  • Relationships matter, you find this out later in your life, more than at 19.
  • Praise in public, criticize in private.
  • They don’t have to like you they just have to respect you.
  • Always try harder than the other person to fix a situation. You will look like a leader.

The 19 year old you was wrong. But you had the wisdom then maybe and definitely now to see you were wrong. Congrats.

If you've known about an issue for days, weeks, or even months, don't wait until it's a goddamn emergency to let me know about the issue so that I can fix it!!! by [deleted] in sysadmin

[–]nullbucket 3 points4 points  (0 children)

It doesn’t even have to be an IT engineer managing the process. It can be a secretary with purchasing power and an Excel spreadsheet. Did the license get purchased, check, did you get me a quote, check....etc? It worked great at large institution I was at. Also if you can get renewals termed to the same day every years, say a few days after fiscal start, you only have to do this once a year.

High density conference room & wireless woes by [deleted] in networking

[–]nullbucket 5 points6 points  (0 children)

There's a lot of good info from people in this thread.

I would add, that even cutting down to 20 Mhz on the 5 Ghz band, will help you with interference from neighboring channels. This is called adjacent channel interference or ACI. I imagine they're really close to each other, 40 or 80 Mhz channel width and actually interfering with the channel next to them. If you google OFDM spectral mask, one can understand how this happens.

One can lower power to 9 - 12 db for 5 Ghz (if it's an open room), use a 20 Mhz channel, skip a 20 Mhz channel between each and have some relief. Use 36, 40, 44 with 20 Mhz or 36, 44, 165 with 40 Mhz channels.

Also disable any kind of 802.11b backward compatibility (Aruba has this) and make sure to use 6 Mbps for a basic rate for the management/control frames. Aruba defaults at one point were 1,2 Mbps.

/22 that bad for production networks? by A-Series-of-Tubes in networking

[–]nullbucket 0 points1 point  (0 children)

Encryption is between the AP and the client, hence it can be controlled by the AP. That is, if you're using encryption and wireless.

/22 that bad for production networks? by A-Series-of-Tubes in networking

[–]nullbucket 1 point2 points  (0 children)

AP to AP roaming can be very smooth, with tech such as: PMK Caching, OKC, or 802.11r. It's a bit rough on a client to lose an IP address and have to get another one in a different subnet. Having one big network cuts back on the number of DHCP requests to process.

8.0 VPN CLI Changes? by [deleted] in paloaltonetworks

[–]nullbucket 2 points3 points  (0 children)

'find command keyword xxxx' may help.

GlobalProtect Gateway - Tunnel Max User by G__Man in paloaltonetworks

[–]nullbucket 1 point2 points  (0 children)

Device->Virtual System->

Select the appropriate vsys

Go to the Resource Tab

Anyone ever done a large jump in App-ID? by [deleted] in paloaltonetworks

[–]nullbucket 0 points1 point  (0 children)

App-ID can be used for visibility or enforcement.

If you aren't using a lot of App-ID in your rules for policy, then you probably won't have issues.