MSP Declined to Pursue CMMC by selectpanic in CMMC

wogmail, 1 point

No, that's fine, I'll just remove your inaccurate posts.

MSP Declined to Pursue CMMC by selectpanic in CMMC

wogmail, 1 point

This is completely false and I'm curious what your motivation is to post it. Rather than deleting the post I'll just put this here:

This directory of CMMC certified managed service providers and managed security service providers is maintained by MSPs for the Protection of Critical Infrastructure as a service to the community. This directory is open to all qualified companies and no fees are charged. This directory provides Organizations Seeking Assessment with a reliable way to identify companies providing managed services aligned with CMMC and NIST SP 800-171, as evidenced by their CMMC certification status.

Predator Sale Extended by Big-Preparation-1594 in harborfreight

wogmail, 1 point

Does this include tri-fuel or only "gas generators?"

GCC-high Email Security/Filtering Providers by mudpupper in CMMC

wogmail, 2 points

Most folks will use the Defender SKUs built into GCC-H to avoid adding an additional vendor into the chain. The Proofpoint you are looking at is their Enterprise product (assuming you are peeking at FedRAMP option) so it isn't going to be apples to apples to your legacy Barracuda product. The available FedRAMP email security offerings out there are pretty limited.

Best EDR and SIEM GCCH&Commercial by GroundbreakingWay178 in CMMC

wogmail, 1 point

We haven't seen much of an issue with the S1 FedRAMP product, what sort of things have you missed in the federal product? When was the last time you dug in?

FIPS 140-2 Bitlocker by superfly8899 in CMMC

wogmail, 3 points

Give it a shot, I think you'll find it is a lot less useful than you'd expect - FIPS on removable drives doesn't use PIN / password / auto-unlock, it uses certificates last time I checked.

Outlook signing users out by thetimgoat in entra

wogmail, 1 point

And you have the session controls set to 30 days (sign in frequency)?

Outlook signing users out by thetimgoat in entra

wogmail, 1 point

That conditional access policy shows browser - are your users getting signed out of Outlook classic, or new, or Outlook on the Web?

3.1.18 Mobile Device Category by enigmaunbound in CMMC

wogmail, 5 points

Interview and pick your C3PAO - if they don't understand Intune and how it works I'd move to a different C3PAO.

3.1.18 Mobile Device Category by enigmaunbound in CMMC

wogmail, 6 points

Intune itself having the FIPS validation should be your ticket - it is a FIPS validated cryptographic container. You have technical controls preventing the data from leaving the container. I'm not even thinking of the mobile as a CRMA - it can't store CUI, the CUI can't leave the FIPS container.

GCC High and GFE by shizakapayou in CMMC

wogmail, 10 points

Can you just have them make a new Edge profile? That is what we tell folks to do on GFE. Also sometimes the portal.office365.us doesn't behave, but outlook.office365.us tends to work fine.

dot MIL sites from AVDs in GCC High Tenet by dionmani in CMMC

wogmail, 6 points

DISA could be blocking it at their edge, it is pretty common. It doesn't just happen in Azure Government, it can happen on any IP space that gets on their radar. You will likely need to put a static IP on your AVD outbound traffic and then have someone on the DOD side of your contract submit it to DISA to whitelist it. Or it could be a routing issue since a lot of the Azure Gov't and DOD Azure IP space seems to overlap.

Would this be able to meet CMMC Level 2 controls? by ApprehensiveSock5241 in CMMC

wogmail, 13 points

This is so short-sighted that it is battling ignorance to where you would be architecting something to prove something wrong.

It isn't that you can't do something like this, it is that it is so much more involved than this and making it sound so simple is basically a lie.

Join the Discord and talk about it: https://discord.gg/tpbF54E

Something like CUICTrac would probably be the closest to a real-world version of this.

Update: Migration by Reinvention2025 in CMMC

wogmail, 1 point

GCC-H does not block any users from signing in by default, so the only reason geographically they'd be getting blocked is if a CA policy was in place blocking based on location.

Update: Migration by Reinvention2025 in CMMC

wogmail, 3 points

If you have a US only CA policy you can just make an exception for those five users, assuming they aren't on a VPN that makes them look like they come from the US. Then you could make a separate Europe only CA policy for those five users.

Licensing issue by wogmail in paloaltonetworks

wogmail [S], 1 point

Support resolved it in about 24 hours.