teethgrinder
Oct 9, 2002

Built out a new office. The AV vendor hosed up badly and didn't finish their poo poo in over half a year.

After lots of threats, non-payment of services, etc, they finally commit to coming in and resolving it tomorrow.

Switch governing half their poo poo dies over the weekend.

Just loving kill me.


Thanks Ants
May 21, 2004

#essereFerrari


I hate the entire concept of gig work but I do feel that making getting paid contingent on actually putting resolution notes in the cases you close would improve the usability of our helpdesk software quite substantially. Maybe their manager could manage this team and achieve the same outcome, what a novel concept.

guppy
Sep 21, 2004

sting like a byob

Thanks Ants posted:

I hate the entire concept of gig work but I do feel that making getting paid contingent on actually putting resolution notes in the cases you close would improve the usability of our helpdesk software quite substantially. Maybe their manager could manage this team and achieve the same outcome, what a novel concept.

There is nothing people won't game, you would have to have a human reviewing everything. Our helpdesk stood up new ticketing software a while back and made certain fields mandatory. Techs responded by entering "." in those fields.

CitizenKain
May 27, 2001

That was Gary Cooper, asshole.

Nap Ghost

The Fool posted:

I have about a hundred vnets, a five digit number of subnets, and an equal number of nsg's


all I can say is invest in automation early

I can only hope they did. We aren't that large a company, but half-assing stuff in the testing/initial setup phase continues to bite us in the rear end.

Arsenic Lupin
Apr 12, 2012

This particularly rapid💨 unintelligible 😖patter💁 isn't generally heard🧏‍♂️, and if it is🤔, it doesn't matter💁.


https://twitter.com/iammemeloper/status/1680871461622276098

:wth:

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
:eyepop:
That's being thrown into the group chat at work.

DACK FAYDEN
Feb 25, 2013

Bear Witness
What kind of monster thumbs-downs that?

klosterdev
Oct 10, 2006

Na na na na na na na na Batman!
I'm doing training that includes a GDPR rap music video

Before anyone else jumps to conclusions /
Let's eliminate any confusion /
GDPR is so you better tune in /
To what's going down in the European Union

🙃

SlowBloke
Aug 14, 2017

klosterdev posted:

I'm doing training that includes a GDPR rap music video

Before anyone else jumps to conclusions /
Let's eliminate any confusion /
GDPR is so you better tune in /
To what's going down in the European Union

🙃

Unless it was Algerian rap straight from the banlieues it's cultural appropriation.

Thanks Ants
May 21, 2004

#essereFerrari


I sort of understand the reasoning behind it but it grates quite a lot having to e-waste brand new in box Meraki hardware simply because the customer that bought them ended up closing before they could be deployed and the warranty is only valid with the first named owner.

These companies shout about sustainability at every opportunity (https://meraki.cisco.com/en-uk/about/sustainability/) and then when faced with the easiest way to be sustainable they throw all that into the bin because they can make more profit doing it this way.

Wibla
Feb 16, 2011

Don't buy Cisco.

I know, easy to say, harder to do. But seriously. Don't buy Cisco.

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

Thanks Ants posted:

I sort of understand the reasoning behind it but it grates quite a lot having to e-waste brand new in box Meraki hardware simply because the customer that bought them ended up closing before they could be deployed and the warranty is only valid with the first named owner.

These companies shout about sustainability at every opportunity (https://meraki.cisco.com/en-uk/about/sustainability/) and then when faced with the easiest way to be sustainable they throw all that into the bin because they can make more profit doing it this way.
Feel free to let me know what dumpster they're in. I'm sure I can find them homes.

joebuddah
Jan 30, 2005
Seconding this. Who cares about the warranty. They can be used as trial / loaners

DELETE CASCADE
Oct 25, 2017

i haven't washed my penis since i jerked it to a phtotograph of george w. bush in 2003

Wibla posted:

Don't buy Cisco.

I know, easy to say, harder to do. But seriously. Don't buy Cisco.

yes, and: don't buy meraki specifically

teethgrinder
Oct 9, 2002

Cisco used to be like "nobody got fired for buying IBM". What is preferred nowadays? It's not my expertise.

We ended up with Fortinet in our new office and it's ... mostly fine. Some parts feel very amateurish.

We were pretty stable using their APs and firewalls, but the L3 switches finally came in after half a year backorder and we're having a lot of mystery issues after replacing our ancient Arubas.

guppy
Sep 21, 2004

sting like a byob
I am so fed up with Cisco documentation. It is insane how bad it is. I really think they have the worst technical writing in the industry by a substantial margin.

I am trying to set up a test implementation of wired 802.1x using Windows NPS as the RADIUS server, partly because it is already set up and working well for wireless and partly because there's no additional cost to it. (I didn't configure the wireless stuff, I am learning 802.1x basics as I go.) It took forever to figure out the new style (C3PL) configuration on the switches, but I think I've finally got it. Now I am working on the NPS side of things, and it's very easy to configure NPS however you want, but while you can always find documentation on Cisco's site that looks like what you want, it usually doesn't actually have what you need. Often there's a wall of text describing the absolute minutiae of the options available to you. But there's never an explanation of when or why you might want to use those options, there's never a sample "standard" implementation. You can read ten pages of Cisco documentation and come away knowing nothing more than you did when you started.

I am not doing anything fancy, I just need wired users to be authenticated and assigned to the correct VLAN. I think all I need is the standard RADIUS attributes: Tunnel-Medium-Type, Tunnel-Pvt-Group-ID, and Tunnel-Type.


teethgrinder posted:

Cisco used to be like "nobody got fired for buying IBM". What is preferred nowadays? It's not my expertise.

We ended up with Fortinet in our new office and it's ... mostly fine. Some parts feel very amateurish.

We were pretty stable using their APs and firewalls, but the L3 switches finally came in after half a year backorder and we're having a lot of mystery issues after replacing our ancient Arubas.

Cisco still basically has that position, but the main competitors are Aruba and Juniper, plus Arista on the datacenter side (their campus switching options are not very fleshed out, but everyone I've ever seen discussing Arista loved them). I think any of those are fine, but I am not personally very impressed with basic operation of Aruba after a trial. Fortinet is also fine but -- and I've never touched Forti myself -- people seem to think you really want to be full-stack Fortinet if you're going that route. Everyone hates current Cisco firewalls, the usual recommendation is Palo Alto if you have the money and Fortinet if you don't. There are some other vendors but those are the biggies.

guppy fucked around with this message at 14:08 on Jul 25, 2023
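
The three attributes guppy lists are the ones RFC 3580 uses for dynamic VLAN assignment, and a reply where any of them is missing or wrong leaves the port on its default VLAN. The following is an added example, not part of the thread and not Cisco or Microsoft code: a Python check that decodes the attribute area of an Access-Accept (for instance, bytes copied out of a packet capture) and reports whether the three attributes agree. The function names and sample bytes are constructed for illustration; attribute numbers and values are from RFC 2868 and RFC 3580.

```python
# Attribute numbers/values per RFC 2868 and RFC 3580. NPS labels attribute 81
# "Tunnel-Pvt-Group-ID"; the RFC name is Tunnel-Private-Group-ID.
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_PVT_GROUP_ID = 64, 65, 81
EXPECTED = {TUNNEL_TYPE: 13, TUNNEL_MEDIUM_TYPE: 6}  # 13 = VLAN, 6 = IEEE-802
NAMES = {64: "Tunnel-Type", 65: "Tunnel-Medium-Type", 81: "Tunnel-Pvt-Group-ID"}


def encode_vlan_attributes(vlan, tag=0):
    """Build the three attribute TLVs an Access-Accept needs to assign a VLAN."""
    def tlv(attr_type, value):
        return bytes([attr_type, len(value) + 2]) + value  # length counts the header

    def enum(number):  # one tag byte followed by a 3-byte big-endian integer
        return bytes([tag]) + number.to_bytes(3, "big")

    group = (bytes([tag]) if tag else b"") + str(vlan).encode("ascii")
    return (tlv(TUNNEL_TYPE, enum(13)) + tlv(TUNNEL_MEDIUM_TYPE, enum(6))
            + tlv(TUNNEL_PVT_GROUP_ID, group))


def parse_attributes(blob):
    """Split a RADIUS attribute area into (type, value) pairs, rejecting bad lengths."""
    attrs, i = [], 0
    while i < len(blob):
        if len(blob) - i < 2 or blob[i + 1] < 2 or i + blob[i + 1] > len(blob):
            raise ValueError(f"malformed attribute at offset {i}")
        attrs.append((blob[i], blob[i + 2:i + blob[i + 1]]))
        i += blob[i + 1]
    return attrs


def check_vlan_assignment(blob):
    """Return (vlan, problems); vlan is None unless all three attributes agree."""
    seen, problems = {}, []
    for attr_type, value in parse_attributes(blob):
        if attr_type in EXPECTED:
            if len(value) != 4:
                problems.append(f"{NAMES[attr_type]} has wrong length")
                continue
            seen[attr_type] = (value[0], int.from_bytes(value[1:], "big"))
        elif attr_type == TUNNEL_PVT_GROUP_ID:
            # RFC 2868: a first byte above 0x1F is string data, not a tag.
            has_tag = bool(value) and value[0] <= 0x1F
            seen[attr_type] = (value[0] if has_tag else 0,
                               value[1:] if has_tag else value)
    for attr_type, name in NAMES.items():
        if attr_type not in seen:
            problems.append(f"{name} missing")
        elif attr_type in EXPECTED and seen[attr_type][1] != EXPECTED[attr_type]:
            problems.append(f"{name} is {seen[attr_type][1]}, expected {EXPECTED[attr_type]}")
    if len({tag for tag, _ in seen.values()}) > 1:
        problems.append("tags differ, attributes do not describe one tunnel")
    if problems or not seen[TUNNEL_PVT_GROUP_ID][1]:
        return None, problems or ["Tunnel-Pvt-Group-ID is empty"]
    return seen[TUNNEL_PVT_GROUP_ID][1].decode("ascii", "replace"), []


# Constructed samples: a correct reply for VLAN 120, and one where
# Tunnel-Type was left at 1 (PPTP) instead of 13 (VLAN).
GOOD = encode_vlan_attributes(120)
WRONG_TYPE = bytes([64, 6, 0, 0, 0, 1]) + GOOD[6:]

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("wrong type", WRONG_TYPE)):
        print(label, check_vlan_assignment(sample))
```
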

SlowBloke
Aug 14, 2017
Fortinet switches and access points are Unifi levels or worse, you really don't want to go there

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
The company owners decided we need a structure that isn't everyone reporting directly to them, which makes sense. They promoted the guy on the penetration testing team with management experience in a previous life to team lead. This is fine. They then went out and hired in someone to be a technical lead/"senior" tester for the team. You know, someone with more certs and experience than us. Which is also fine, maybe we can learn from this new person. Dude shows up, has maybe two years experience but has passed the OSCP. Every technical question I ask him has gotten the equivalent of "lol I dunno" in response. Sure, whatever. Big field and all that. Now we've stopped doing peer review of each other's reports, and the team lead and the tech lead are doing review of our reports.

The tech lead has started to remove bullet point formatting from everything... :negative:

Wibla
Feb 16, 2011

Arquinsiel posted:

The tech lead has started to remove bullet point formatting from everything... :negative:

:cripes:

You need to sit this person down and politely tell them to stop.

Thanks Ants
May 21, 2004

#essereFerrari


Deputy likes dots

Blue Footed Booby
Oct 4, 2006

got those happy feet

Arquinsiel posted:

...

The tech lead has started to remove bullet point formatting from everything... :negative:

Why?? That's just such a weird thing to do. It's a little like going through an essay and removing all the paragraph breaks. Of course, some goons post like that...

super nailgun
Jan 1, 2014


teethgrinder posted:

Cisco used to be like "nobody got fired for buying IBM". What is preferred nowadays? It's not my expertise.

I like Juniper stuff for switches, Palo Alto for firewalls. Not exactly a field brimming with (reasonable) choice though.

guppy posted:

I am so fed up with Cisco documentation. It is insane how bad it is. I really think they have the worst technical writing in the industry by a substantial margin.

It really is extraordinarily bad. They're my go to if I have to pick an example of that awful, overly wordy without saying much and especially not what you need, big corporate technical documentation style.

Wibla
Feb 16, 2011

I like Extreme for switching, but only because their fabric poo poo seems to actually work, and their engineers will actually respond when poo poo breaks in fun ways.

We priced out our current network overhaul project based on ballpark pricing using Cisco SR-MPLS, and figured we might have to add a bit on top because of the inevitable cost overruns and extra consultant hours needed to wrangle that poo poo into a functioning whole. Then we found out that a different division had done the heavy procurement lifting already, but with Extreme, so we're now looking at getting a better performing network than we thought, while also coming in below budget and probably completing the roll-out in a shorter timeframe as well. Best part? We most likely won't have to renumber a bunch of OT poo poo in the process. Thank gently caress for L2-etree.

I'm currently on vacation, and I'm itching to get back at it, as I have eight pallets of switches waiting for me :sun:

SyNack Sassimov
May 4, 2006

Let the robot win.
            --Captain James T. Vader


Blue Footed Booby posted:

Why?? That's just such a weird thing to do. It's a little like going through an essay and removing all the paragraph breaks. Of course, some goons post like that...

I've asked you repeatedly to stop calling me out :mad:

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

Wibla posted:

:cripes:

You need to sit this person down and politely tell them to stop.
I have a report in QA as of posting and I'm keeping an eye on it. If it happens again I'm going to make it stop.

Thanks Ants
May 21, 2004

#essereFerrari


Welp, some bean counter is getting upset that nobody is going into the office so it’s been pretty much declared that I should be going in more than the once every three months that I’ve managed for the last year. My boss just passed the message along and admitted that it was pointless and that I wouldn’t get any work done, thanks for being an effective line manager.

I guess I’ll see if I can get away with going in once every 5-6 weeks, not showing up until 09:30, bailing at 16:30 and getting nothing achieved, while looking for another fully remote job.

joebuddah
Jan 30, 2005

Thanks Ants posted:

Welp, some bean counter is getting upset that nobody is going into the office so it’s been pretty much declared that I should be going in more than the once every three months that I’ve managed for the last year. My boss just passed the message along and admitted that it was pointless and that I wouldn’t get any work done, thanks for being an effective line manager.

I guess I’ll see if I can get away with going in once every 5-6 weeks, not showing up until 09:30, bailing at 16:30 and getting nothing achieved, while looking for another fully remote job.

Sounds like a good way to get a free lunch! Quarterly department meetings are always catered

Dick Trauma
Nov 30, 2007

God damn it, you've got to be kind.
https://twitter.com/fuckeduppcs/status/1684239714734206979?s=20

22 Eargesplitten
Oct 10, 2010



I should have thought of that for securing that lovely fan to my motherboard, those little plastic tabs broke if you sneezed at them.

Fil5000
Jun 23, 2003

HOLD ON GUYS I'M POSTING ABOUT INTERNET ROBOTS

Footage of the 8 bit guy restoring another lost prototype machine

CitizenKain
May 27, 2001

That was Gary Cooper, asshole.

Nap Ghost

super nailgun posted:

I like Juniper stuff for switches, Palo Alto for firewalls. Not exactly a field brimming with (reasonable) choice though.

It really is extraordinarily bad. They're my go to if I have to pick an example of that awful, overly wordy without saying much and especially not what you need, big corporate technical documentation style.

We use Juniper switches from access level to core, but we are coming up on replacement time for the access ones, and a few people are pushing for Meraki's, in the hope that we can offload plugging cables in to our Help Desk/HD2 people.
Problem is we are being pushed to just find the highest rated one on the Gartner thing and then pick it, because all of our managers are terrified of decisions.

Wibla
Feb 16, 2011

CitizenKain posted:

We use Juniper switches from access level to core, but we are coming up on replacement time for the access ones, and a few people are pushing for Meraki's, in the hope that we can offload plugging cables in to our Help Desk/HD2 people.
Problem is we are being pushed to just find the highest rated one on the Gartner thing and then pick it, because all of our managers are terrified of decisions.

I'm sorry, what? Is that the rationale they're going with? :psyduck:

guppy
Sep 21, 2004

sting like a byob

CitizenKain posted:

We use Juniper switches from access level to core, but we are coming up on replacement time for the access ones, and a few people are pushing for Meraki's, in the hope that we can offload plugging cables in to our Help Desk/HD2 people.
Problem is we are being pushed to just find the highest rated one on the Gartner thing and then pick it, because all of our managers are terrified of decisions.

Every part of this is a bad idea. If you want to move away from Juniper, that's a conversation you can have, but don't do it to go to Meraki and don't let your helpdesk people anywhere near your data closets.

Thanks Ants
May 21, 2004

#essereFerrari


How often are you doing changes that plugging cables in is worth licensing a pretty expensive switch product just so you can have people who aren’t really qualified go and make changes? Depending on your ratio of ports to outlets it might be cost effective to deploy enough switches to have every outlet lit up so nobody ever needs to move a cable around and on-site hands don’t need physical access to the switches.

gooby pls
May 18, 2012



Or keep all your cables plugged in and use a NAC.

CitizenKain
May 27, 2001

That was Gary Cooper, asshole.

Nap Ghost
Some context, I work for a regional company that has 200+ locations spread across 7ish states, so almost everywhere is remote from IT.

Wibla posted:

I'm sorry, what? Is that the rationale they're going with? :psyduck:

For whatever reason, we have numerous locations that seem addicted to just up and moving people around on a whim. Or moving printers. Why they are doing this is a mystery to me. The idea is someone can plug a device in, call and someone can click a button and make it the right vlan.

guppy posted:

Every part of this is a bad idea. If you want to move away from Juniper, that's a conversation you can have, but don't do it to go to Meraki and don't let your helpdesk people anywhere near your data closets.

Actually the HD people are terrified of network cables, so honestly it's our *users* that are going to be plugging stuff in.

Thanks Ants posted:

How often are you doing changes that plugging cables in is worth licensing a pretty expensive switch product just so you can have people who aren’t really qualified go and make changes? Depending on your ratio of ports to outlets it might be cost effective to deploy enough switches to have every outlet lit up so nobody ever needs to move a cable around and on-site hands don’t need physical access to the switches.

We've tried that reasoning before, but it's generally shot down due to costs. I think it's dumb, the cost of a switch is small compared to how long it runs and the cost of a building.
On some new buildouts, we are doing almost 1 to 1 for drops though. Or at least we can say "The top two ports are always live."

gooby pls posted:

Or keep all your cables plugged in and use a NAC.

That has been "next year" on the budget for a long time.

I honestly would rather stick with Juniper, the Mist thing seemed good, you can fall back on doing things in Junos and we've had only a handful die in over 12 years of running them.

Wibla
Feb 16, 2011

NAC would solve your problems, Meraki won't.

guppy
Sep 21, 2004

sting like a byob

CitizenKain posted:

For whatever reason, we have numerous locations that seem addicted to just up and moving people around on a whim. Or moving printers. Why they are doing this is a mystery to me. The idea is someone can plug a device in, call and someone can click a button and make it the right vlan.

You have a policy and process problem, and I'm hesitant to suggest technical controls as a solution. But if it is a business requirement for users to be able to plug in whatever device anywhere, you need to figure out a better method of handling these issues. What exactly is happening in these cases? I'm not sure I understand the sequence of events. The user plugs in a device to a random port that isn't patched, and a... helpdesk tech? goes and finds out what port they connected to and patches it in? The user does this? Nothing about this really makes sense to me.

quote:

Actually the HD people are terrified of network cables, so honestly it's our *users* that are going to be plugging stuff in.

That's even worse.


Wibla posted:

NAC would solve your problems, Meraki won't.

I think their thinking is just that you could do this in a GUI rather than in the CLI. But "normal" switches often (always?) offer a web GUI anyway, you just have to turn it on the CLI. And it doesn't solve the problem of the helpdesk folks not knowing why things are the way they are.

Thanks Ants
May 21, 2004

#essereFerrari


Your dilemma sounds a bit like a customer of ours who wanted all the features of a managed endpoint (enforced full disk encryption, USB storage management, DLP) but didn't want a managed endpoint, they wanted people to have all those features if they decided to use their home computer.

Some problems have well proven solutions, and people want to push back against them for reasons. The fix for "every port needs to be live" is to have enough switch ports to have every port live, it's not to try and get such a simple switch setup that random users can go and re-patch things in your racks (you will never get a product simple enough to make this a reality, there will always be someone who unplugs the uplinks and swears they never touched anything).


Wibla
Feb 16, 2011

guppy posted:

I think their thinking is just that you could do this in a GUI rather than in the CLI. But "normal" switches often (always?) offer a web GUI anyway, you just have to turn it on the CLI. And it doesn't solve the problem of the helpdesk folks not knowing why things are the way they are.

:cripes:

Access switches are cheap per port, just patch everything up and get NAC working so you don't have to worry about some yahoo plugging in a rpi with 4g somewhere hidden.

Problem literally solved.

Letting helpdesk gently caress with VLANs is a hard no. We let them see the status of WIFI AP's in Site Engine and that's it.
