|
Our sonicwall died a few days ago and it was way out of warranty with no support agreement, so I had to replace it with a bunch of little RV042Gs I had lying around. Today the ticket I'm dealing with is that not being able to print from wireless is Unacceptable (right now they're not configured properly with RIP and an edge router because I just didn't have enough time to learn how to do that while everything in the office was down, so there's no real proper communication between subnets except some stuff I fudged with port forwarding). So, I'm looking for something to replace our old sonicwall that can handle multiple subnets, internal and external firewall rules, DMZ, etc. Are the newer sonicwalls worth the price? Their recommended replacement for a 4100 pro is this http://www.sonicwall.com/us/en/products/NSA-E8500.html but that seems like overkill even to me, and finance would absolutely never approve it. Is there a new favorite firewall/router manufacturer I should look at? Bonus: I found out today that my boss (who technically works for a different company in the same building) put in notice last week, so now there's nobody with high-level network planning/provisioning experience in the office at all! Hooray for learning things because you have to or everything will blow up arnbiguous fucked around with this message at 21:36 on Oct 7, 2014 |
#
?
Oct 7, 2014 21:32
|
|
|
|
| # ? May 31, 2024 11:47 |
|
|
Siochain posted:I love that where I work, that's not our rule. The problem is that everyone else thinks it is, so people are always calling us liars. Really frustrating when one and only one client is having issues, and they won't let us troubleshoot, because "I just know its on your end, fix it!". And then you find out they can't get online at all. We're a web-based service. Gee, I wonder why it may not work. Well, I sorta meant that was the rule for all Router providers. I actually gave a poo poo when working for the ISP. It was easier to fix the problem then have them bounce back into the queue an hour later. tehloki posted:Our sonicwall died a few days ago and it was way out of warranty with no support agreement, so I had to replace it with a bunch of little RV042Gs I had lying around. Today the ticket I'm dealing with is that not being able to print from wireless is Unacceptable (right now they're not configured properly with RIP and an edge router because I just didn't have enough time to learn how to do that while everything in the office was down, so there's no real proper communication between subnets except some stuff I fudged with port forwarding). How big of a network are you needing to manage? I have a tiny network here and stuck with the sonicwalls. Meraki devices are pretty good as well from what I saw.
|
|
#
?
Oct 7, 2014 21:35
|
|
|
m.hache posted:Well, I sorta meant that was the rule for all Router providers. I actually gave a poo poo when working for the ISP. It was easier to fix the problem then have them bounce back into the queue an hour later. Nah, it applies to a lot of ISPs, VoIP providers, and anyone else online. Had a lady today insistent our site was slow and causing her problems. As she also can't connect to her VoIP service (not with us). But Google works, so its not an ISP issue. Tried to remote in? Couldn't. But, still us  Sorry, bad day, must rant.
|
|
#
?
Oct 7, 2014 21:41
|
|
|
m.hache posted:How big of a network are you needing to manage? I have a tiny network here and stuck with the sonicwalls. Meraki devices are pretty good as well from what I saw. Up to 100 wired devices on 4 subnets (it varies throughout the year), up to 200 wireless devices (already have unifi APs for this and they're working fine, just, the little RV042G craps out every day or two and fails to assign DHCP leases), 6 servers that require a public IP and external access rules
|
|
#
?
Oct 7, 2014 21:43
|
|
|
tehloki posted:Up to 100 wired devices on 4 subnets (it varies throughout the year), up to 200 wireless devices (already have unifi APs for this and they're working fine, just, the little RV042G craps out every day or two and fails to assign DHCP leases), 6 servers that require a public IP and external access rules Check out Cisco Meraki. They have a pretty solid offering and I've heard good things about them. Not too sure price wise though. Might be a little more than you're willing to spend.
|
|
#
?
Oct 7, 2014 21:46
|
|
|
I'm really going to miss my boss because he was the one who could say something like "we need to spend $x or you will not have this [stability/feature/security policy] you want" and management would actually listen to him, after ignoring me
|
|
#
?
Oct 7, 2014 21:49
|
|
|
Siochain posted:Nah, it applies to a lot of ISPs, VoIP providers, and anyone else online. Had a lady today insistent our site was slow and causing her problems. As she also can't connect to her VoIP service (not with us). But Google works, so its not an ISP issue. Tried to remote in? Couldn't. But, still us 3 years doing tech support for an ISP, and I can see why everyone tries to dodge fault... call times. It takes less time to tell somebody to call someone else than to properly troubleshoot, which lowers you call time average. However, when EVERYONE does this, average call times drop around the board, so everyone gets told to stay under the average again, so you push back sooner and... eventually you have 0 time to do proper troubleshooting, and are just passing the buck around until the customer is so pissed that somebody HAS to troubleshoot with the screaming person. I just love the circular logic that runs businesses.
|
|
#
?
Oct 7, 2014 21:52
|
|
|
We've been passing around a Remedy ticket for the last couple days for everyone to chuckle about - apparently a MSgt put in a request to have Minecraft installed on SIPRnet. We're not sure how the ticket got routed to us since we only handle Exchange and Instant Messaging. Something tells me, however, that there is going to be an interesting meeting between a MSgt and their commanding officer sometime soon.
|
|
#
?
Oct 7, 2014 23:04
|
|
|
guppy posted:The company is splitting into two. One for computers and printers and the like, one for "business technology" (whatever that means) and services. And yes, 55,000+ employees laid off, which is more people than Google employs. Ars Technica article here: http://arstechnica.com/business/2014/10/hp-confirms-breakup-layoffs-hit-an-entire-googles-worth-of-employees/ Heh. HP Ink.
|
|
#
?
Oct 7, 2014 23:31
|
|
|
 god damnit malwarebytes.
|
|
#
?
Oct 8, 2014 00:24
|
|
|
Well, that's the first time I've seen windows say that. What were you trying to clean, so I can avoid that terrible mess? I've been using malwarebytes a lot since I finally accepted MSE does absolutely nothing
|
|
#
?
Oct 8, 2014 00:32
|
|
|
GnarlyCharlie4u posted:
I haven't seen Malware Bytes change a permission (or quarantine the entire Program Files (x86) folder.) What points to them?
|
|
#
?
Oct 8, 2014 00:55
|
|
|
Maybe he was saying like "god drat, malware just bites"
|
|
#
?
Oct 8, 2014 01:05
|
|
|
Malek posted:I haven't seen Malware Bytes change a permission (or quarantine the entire Program Files (x86) folder.) What points to them? I suppose it could just be a harddrive failure but... I clicked on the program folder to open malwarebytes, ran a scan, quarantined a couple of things, went to rescan and got that.
|
|
#
?
Oct 8, 2014 01:55
|
|
|
Kurieg posted:Did belkin basically DDOS their heartbeat server by having all their routers try and refresh at once, or is it something even stupider than that? eh, I think it was more like some sort of internal network problem that took down their heartbeat server, or at least caused connections to drop, and for whatever reason this broke DNS. I didn't pay 100% attention to it because it wasn't my outage and I had better things to do.
|
|
#
?
Oct 8, 2014 02:05
|
|
|
http://krebsonsecurity.com/2014/10/huge-data-leak-at-largest-u-s-bond-insurer/ ^ Bet that generated a few tickets.
|
|
#
?
Oct 8, 2014 02:43
|
|
|
Renegret posted:What follows are steps on how to change your DNS settings to Google DNS. Is there anyone left who hasn't done this already (or who somehow has found an ISP whose DNS servers don't regularly poo poo the bed anyway)?
|
|
#
?
Oct 8, 2014 04:08
|
|
|
Daylen Drazzi posted:We've been passing around a Remedy ticket for the last couple days for everyone to chuckle about - apparently a MSgt put in a request to have Minecraft installed on SIPRnet. We're not sure how the ticket got routed to us since we only handle Exchange and Instant Messaging. Something tells me, however, that there is going to be an interesting meeting between a MSgt and their commanding officer sometime soon. Found "Big Booty Bitches" on a SFC's SIPR side lappy in Iraq. Also, on that same day a 1LT got picked for having a map with grid cords with bases, etc. listed on his personal laptop. Good times.
|
|
#
?
Oct 8, 2014 04:30
|
|
|
Collateral Damage posted:I hate docking stations with the burning passion of a thousand suns. I swear we have more docking station related issues than any other. I know this is from a page ago but I have a good one. We had an issue where certain models of Dells with certain models of docks wouldn't pull DHCP only on certain switch ports. They'd work fine everywhere else, anything else would work fine on those ports. It was a relatively basic setup and I didn't see anything VLAN or port-security related that could have caused it. The only straw I could even grasp at was some sort of line or voltage issue that those docks were intolerant of? But really, who the gently caress knows. The workaround was "don't issue these docks to these floors" and everybody was happy with it. e The Electronaut posted:Found "Big Booty Bitches" on a SFC's SIPR side lappy in Iraq. Also, on that same day a 1LT got picked for having a map with grid cords with bases, etc. listed on his personal laptop. Every cross-domain violation (basically plugging a secure device into an unsecure network or vice versa) was a senior person too, with the exception of retarded joes that try to charge their iPhone off the SIPR USB port. We had to take down an entire medevac comms site until an audit took place because the dumbass CPT surgeon plugged his SIPR external drive with a giant fuckoff DO NOT PLUG THIS INTO ANY COMPUTER OTHER THAN SIPR label on it into his personal laptop, then NIPR, then SIPR. Pudgygiant fucked around with this message at 06:48 on Oct 8, 2014 |
|
#
?
Oct 8, 2014 06:37
|
|
)
|
Pudgygiant posted:NIPR, then SIPR. These stories sound great, but what is SIPR and NIPR for non-Amerigoons?
|
|
#
?
Oct 8, 2014 07:23
|
|
|
Non-classified and Secret computer networks.
|
|
#
?
Oct 8, 2014 07:26
|
|
|
dogstile posted:I would always assume it was someone with access who just, you know, did it. For their own use. The thing is, IT have their own policy, IT are the only people who can manage the proxy (so I know one of 7 people made the change), and no IT staff are in the Directors policy, and infact the IT policy lets you get to absolutely anything anyway so we could browse as much porn as we liked. So it means that someone actually requested this, and someone actually actioned it. The directors policy consists of the CEO and less than a dozen very senior management staff
|
|
#
?
Oct 8, 2014 13:30
|
|
|
less than three posted:These stories sound great, but what is SIPR and NIPR for non-Amerigoons? Secure Internet Protocol Routing Nonclassified Internet Protocol Routing
|
|
#
?
Oct 8, 2014 13:51
|
|
|
tehloki posted:So, I'm looking for something to replace our old sonicwall that can handle multiple subnets, internal and external firewall rules, DMZ, etc. Are the newer sonicwalls worth the price? Their recommended replacement for a 4100 pro is this http://www.sonicwall.com/us/en/products/NSA-E8500.html but that seems like overkill even to me, and finance would absolutely never approve it. Is there a new favorite firewall/router manufacturer I should look at? For 200 wireless devices and 100 wired, plus WAN? Overkill. SonicOS devices are, features-wise, identical as long as you pay the licensing costs. It's all about capacity. A TZ215 at minimum, maybe a NSA 220? How much throughput are we talking, here? Connections/Sec and Mbit/sec?
|
|
#
?
Oct 8, 2014 14:01
|
|
|
dennyk posted:Is there anyone left who hasn't done this already (or who somehow has found an ISP whose DNS servers don't regularly poo poo the bed anyway)? Your average user. So basically anybody dumb enough to buy a Belkin router in the first place.
|
|
#
?
Oct 8, 2014 14:12
|
|
|
less than three posted:These stories sound great, but what is SIPR and NIPR for non-Amerigoons? According to wikipedia, NIPR is for semi-secure but not classified documents and communications. SIPR is for classified stuff. So he took a classified hard drive, hooked it up to the internet, then to the secure domain, then to the classified domain.
|
|
#
?
Oct 8, 2014 14:20
|
|
|
Kurieg posted:So he took a classified hard drive, hooked it up to the internet, then to the secure domain, then to the classified domain. But surely a hard drive carrying that kind of data is locked down tighter than a ducks arse anyway, so data couldn't have been written/read outside of the fancy secure network?
|
|
#
?
Oct 8, 2014 14:42
|
|
|
Ahdinko posted:But surely a hard drive carrying that kind of data is locked down tighter than a ducks arse anyway, so data couldn't have been written/read outside of the fancy secure network? 
|
|
#
?
Oct 8, 2014 14:50
|
|
|
Ahdinko posted:But surely a hard drive carrying that kind of data is locked down tighter than a ducks arse anyway, so data couldn't have been written/read outside of the fancy secure network? How dare you apply logic and sense to this situation!
|
|
#
?
Oct 8, 2014 14:52
|
|
|
A call came in... I don't even remember what the original issue was. I ask her for a contact number. She responds that she could give me her cel number but she doesn't have the phone on her.  The phones she calls from have numbers on them. There are people around who she can ask for the extension to the department she's in. I field calls all day from people who work in a place and have no idea what number people can call them at.
|
|
#
?
Oct 8, 2014 15:08
|
|
|
Ahdinko posted:The thing is, IT have their own policy, IT are the only people who can manage the proxy (so I know one of 7 people made the change), and no IT staff are in the Directors policy, and infact the IT policy lets you get to absolutely anything anyway so we could browse as much porn as we liked. Oh, ok. 
|
|
#
?
Oct 8, 2014 15:09
|
|
|
Is your IT just those 7 people? Having IT able to get out to any site whatsoever is likely more dangerous than Facebook Sue up on 9.
|
|
#
?
Oct 8, 2014 15:17
|
|
|
An update came in, to my KACE box. From the list of resolved issues:  It only took them 4 months after I submited bug reports for both these items but I CAN FINALLY USE APOSTROPHES IN TICKET WORK FIELDS woooooooooooooooooooooooooooooooooo 
|
|
#
?
Oct 8, 2014 15:20
|
|
|
Sirotan posted:An update came in, to my KACE box. From the list of resolved issues: I'm sure that broke something else horribly. 
|
|
#
?
Oct 8, 2014 15:22
|
|
|
Inspector_666 posted:Dude, Linksys has been dead for a while now. The Belkin versions look and feel like 2nd rate DealExtreme knockoffs. I know that, just making a point that it's not just strictly Belkin branded stuff that's affected now, in case anyone still uses (or recently bought) Linksys products. My dad got a new Linksys wireless router earlier this summer to replace his old Linksys gateway that was probably like 7-8 years old, and the new one performs WORSE than the old gateway did - random connection drops, constantly having to powercycle it, slow speeds, you name it. Even a firmware update didn't fix it, it's just a huge pile of poo poo and I wish Cisco would've either held on to the Linksys brand, or sold it to another company that knew what the hell they were doing.
|
|
#
?
Oct 8, 2014 15:24
|
|
|
Irritated Goat posted:I'm sure that broke something else horribly. Yeah actually the list of resolved issues is 2 pages long, and the list of known issues is 4.................... I'm installing the update right now, can't wait to see what will go wrong this time!!
|
|
#
?
Oct 8, 2014 15:24
|
|
|
Sirotan posted:An update came in, to my KACE box. From the list of resolved issues: Someone clearly needs to teach them about magic quotes.
|
|
#
?
Oct 8, 2014 15:50
|
|
|
internet jerk posted:Is your IT just those 7 people? Having IT able to get out to any site whatsoever is likely more dangerous than Facebook Sue up on 9. Yeah 7 onsite and certain stuff is escalated to a third party, but it always pisses me off that every other time I'm trying to google a network issue/download something/whatever, then being blocked because of "Computers" or "Malware" or "hacking site", so I'm all for having open internet in IT Plus SA is classed as "Questionable" or "Cult/Occult" or something really stupid like that. Ahdinko fucked around with this message at 15:56 on Oct 8, 2014 |
|
#
?
Oct 8, 2014 15:51
|
|
|
Ahdinko posted:Plus SA is classed as "Questionable" or "Cult/Occult" or something really stupid like that. Sounds about right. We worship Slenderman.
|
|
#
?
Oct 8, 2014 16:06
|
|
|
|
| # ? May 31, 2024 11:47 |
|
|
tehloki posted:Our sonicwall died a few days ago and it was way out of warranty with no support agreement, so I had to replace it with a bunch of little RV042Gs I had lying around. Today the ticket I'm dealing with is that not being able to print from wireless is Unacceptable (right now they're not configured properly with RIP and an edge router because I just didn't have enough time to learn how to do that while everything in the office was down, so there's no real proper communication between subnets except some stuff I fudged with port forwarding). You could take a look at http://www.sophos.com/en-us/products/unified-threat-management.aspx since Sonicwall is someone they want to take a swing at you might be able to get a good price as a current sonicwall customer.
|
|
#
?
Oct 8, 2014 16:20
|
|
