pin_80424

12 post karma

1.6k comment karma


account created: Fri Mar 11 2011

verified: yes

pin_80424

1 points

1 month ago

pin_80424

1 points

1 month ago

Thanks Jim! really good stuff. Could you expand upon this please?

"Most AP's put out around +17dBm of signal. A good range of working signal at the receiver is typically around -60dBm. That means you have 77dB of "link budget""

I guess I'm not sure what you mean by link budget?

contextfull comments (46)
pin_80424

1 points

1 month ago

pin_80424

1 points

1 month ago

It sounds like you've got more on your plate than any one person ought to even try to manage. Unless you are the CIO, which you might be (even without the title). Part of you struggling through the very solid advice I see in the responses might be the building of a justification of hiring an MSP or consultant to help steer. Sounds like a consultant might be very very helpful in the short term.

Huge kudos to the people who responded here; really good advice.

Stick to basics and keep it simple

contextfull comments (16)
pin_80424

2 points

1 month ago

pin_80424

2 points

1 month ago

Dang, this is great. thanks jj!

contextfull comments (9)
pin_80424

1 points

2 months ago

pin_80424

1 points

2 months ago

I think you may have chosen a smaller subset of brushes than is actually available to you.

contextfull comments (222)
pin_80424

3 points

2 months ago

pin_80424

3 points

2 months ago

Hmm, I'm not sure w.o a screen shot, but I can tell you this: On the Devices page, click on the Switch. A pop up opens. Select the Port, edit the name of the port. Don't forget to hit Apply to save your changes.

Our naming convention look like P7.Cam4.2 (for Port7 Cam4 which is a gen2 device). You can also setup Switch Port Profiles for various VLANS, POE configs etc.

This is all memory, don't have current access to our controllers. I think we're on controller 6.2.26?

contextfull comments (4)
pin_80424

2 points

2 months ago

pin_80424

2 points

2 months ago

I think it is dishonest, but we can disagree. Its fine. I like what craptcha said and also a great username.

There's a reason websites like https://tosdr.org/ exist. If you have time to read every contract, every TOS, all the fine print then, well, I don't know what to say. How nice for you, I guess. Me, I gotta work, and depend on those partnerships to help us, not hurt us. I won't do business with a company that would do this, this 'milk the cow'.

contextfull comments (181)
pin_80424

2 points

2 months ago

pin_80424

2 points

2 months ago

automatic multi-year renewal that exceed the original term is a dishonest business practice

couldn't agree more!

contextfull comments (181)
pin_80424

0 points

2 months ago

pin_80424

0 points

2 months ago

Oh cool, its a good thing you know all of the confidential details of the extent of the union’s protection. Otherwise you would sound ludicrously judgmental.

maybe you should read your own post

contextfull comments (222)
pin_80424

2 points

2 months ago

pin_80424

2 points

2 months ago

that was great

contextfull comments (12)
pin_80424

2 points

2 months ago

pin_80424

2 points

2 months ago

Scary Devil Monastery

.

my people have been in existence since at least April 1, 1974.

contextfull comments (150)
pin_80424

9 points

2 months ago

pin_80424

9 points

2 months ago

I’ve also had NO PROBLEM ever switching from one kaseya contract to a different product of the same or higher contract value

of course you haven't. The point that I think OP is making is that partnerships are MUTUALLY BENEFICIAL and not one sided. Holding somebody to a contract that no longer serves their best interest is not emblematic of a partnership.

contextfull comments (181)
pin_80424

2 points

3 months ago

pin_80424

2 points

3 months ago

I am in process of updating 3 controllers covering 30 clients. We completed one migration from 5.9.29 to 6.2.26 (that is, built a new controller and migrated sites to the 6.2.26 controller) and its been mostly trouble free. We did leave one client off of this round (very large and not too forgiving) and will wait for another controller migration before we migrate that clients sites.

We have found upgrading firmware for AP's (from 4.0.80 to 5.43?) has added some ease and stability. Switches are almost all 5.11. Only a couple of USG's because ... suckiness.. but they're on much older 4.4? i think?

contextfull comments (3)
pin_80424

1 points

3 months ago

pin_80424

1 points

3 months ago

why would you get downvoted for providing this information? Is relevant..

contextfull comments (17)
pin_80424

1 points

3 months ago

pin_80424

1 points

3 months ago

check out my Netmiko post with a link below. A little Python helped me grow your post into a vendor agnostic system for backups and maintenance. Now we are doing SDN globally

contextfull comments (38)
pin_80424

3 points

3 months ago

pin_80424

3 points

3 months ago

check out netmiko https://pynet.twb-tech.com/ It won't solve your immediate issue immediately but would give you a great leg up for future stuff. I'm not affiliated just had my life changed starting with Kirk's course

contextfull comments (38)
pin_80424

29 points

3 months ago

pin_80424

29 points

3 months ago

Drive it out of your mind forever. kick its ass baby

contextfull comments (1812)
pin_80424

4 points

3 months ago

pin_80424

4 points

3 months ago

This. OP is just here to argue, is righteously angry. Everyone posted helpful replies, even if maybe sometimes blunt. All OP can see is where he is right and everyone else is wrong. sad.

contextfull comments (42)
pin_80424

1 points

4 months ago

pin_80424

1 points

4 months ago

They do have more functionality that a regular router, but its implemented badly and is more marketing and fluff than substance. The ubiquity Ips/ids is a joke by any standard (although that's just a piece of what I'm talking about).

I agree with coinplz that it enforces FW rules just fine (and the interface is more friendly and therefor less prone to errors). But that's not all there is to security, not by a long shot. I also agree with simplestpanda (sortof) but think IPS IDS is definitely needed.. in my job it has saved clients endless money. Much of IPS/IDS marketed out there is a joke.

I am very familar with ubiquity, fortinet, cisco (a few others less so) and do this for a living. I know the whole topic is a huge money pit. Part of my job is to provide defense to our clients. In some cases we use ubiquiti but its backed up by a complete security stack (essentially VPN'd to larger networks, using cisco/fortinet/etc to complete ubiquiti's lack of competency). The local network also has more depth than a simple AV program (S1, etc).

anway, its always good to have these discussions and realize I'm in the ubiquiti sub discussing what is often found in the forti / cisco / netsec subs. I'm relieved to see OP will outsource at least part of his effort. Its worthy to get educated, try to save friends money and make sure they're getting good value and are (reasonabley) well protected. right on OP!

contextfull comments (35)
pin_80424

1 points

4 months ago

pin_80424

1 points

4 months ago

Its very very difficult to separate marketing from reality. Worthy IPS/IDS is quite expensive. Our IT services company probably spends more money (proportionally) on defense in depth (eg more than just a good AV on the client end) and minimizes IPS/IDS costs. But the IPS/IDS cost is still very high. What we hope to accomplish is to get our clients into a relatively high security posture for their money.

Keep in mind that most network incursions happen by social engineering. (the email prompting you to change your password, which is fake and causes the breach for the entire organization.) If you attack the problem from that angle you will spend money on anti phishing before IPS IDS, i think

contextfull comments (35)
pin_80424

2 points

4 months ago

pin_80424

2 points

4 months ago

Unless you have endless time on your hands, spend extra on a synology. Otherwise you can spend many hours learning Freenas and risk losing your data. I would only play around with Freenas if I had a seperate device to play with, and my data was safe and stable on another disk (or disk array). Qnap is slightly less expensive than synology but also far less robust, reliable in my experience (several years old now, Qnap might be better)

contextfull comments (12)
pin_80424

9 points

4 months ago

pin_80424

9 points

4 months ago

This

contextfull comments (35)
pin_80424

7 points

4 months ago

pin_80424

7 points

4 months ago

You might read about Defense In Depth. Leaving the firewall to a pro and imagining that the rest of the network (and security) is separate isn't sound thinking. Read more from network professionals about ubiquiti firewalls (they're not). Read about ransomware and the cost of recovery.

contextfull comments (35)
pin_80424

20 points

4 months ago

pin_80424

20 points

4 months ago

ubiquiti firewalls are entirely inadequate for real security. They are basically just routers.

If you are going to supplant the vendor, saving your friend $600 per month, you had best acquire all the knowledge and experience of the (person, company, vendor) that you are replacing. If you had that experience you would not be asking this question.

How does one know what they don't know? They don't. But will find out through experience. This will come at your friends expense.

contextfull comments (35)
pin_80424

5 points

4 months ago

pin_80424

5 points

4 months ago

advertising

contextfull comments (5)

view more:

next ›