@scottalanmiller said in Spectrum VS T-mobile home internet:

Even a lot of fiber services are like that now. And satellite. Upload costs more than download

Not exactly how it works.

Fiber are doing because they choose to use modems that are built that way (looking at oyu AT&T UVerse), or to prevent "abuse" of their network by people buying low cost consumer internet and running everything.

Satellite works that way because power to broadcast versus receive. So yes more expensive only because of hte cost to have a strong enough transmitter.

@jaredbusch said in offline, air-gapped backups / backup rotation (looking for hardware & ideas):

@dave247 said in offline, air-gapped backups / backup rotation (looking for hardware & ideas):

Of course backups can be encrypted. Anything physically attached to the network is vulnerable to malware/ransomware. The point of all this was clearly explained in my original post.

FFS, think a little.
They cannot be encrypted if the datastore is not accessible to anything except the application making the backup.

Thanks for your rudeness, Jared, it is so helpful.

Yes, I do understand what you are saying, however if a system is connected to a network and other systems, it is not air-gapped / truly segregated from the environment and therefore not 100% safe in a total ransomware situation. All applications have vulnerabilities and a skilled hacker (or insider) or well-made ransomware could still potentially get at it.

Additionally, I am not looking at this as any kind of main backup method - I am just trying to mull over ideas for a very last-ditch, fail-safe, "shit hits the fan but we have offline backups though" setup.

@gjacobse said in Recent 3CX experiences:

@scottalanmiller said in Recent 3CX experiences:

@gjacobse said in Recent 3CX experiences:

@scottalanmiller said in Recent 3CX experiences:

@voip_n00b said in Recent 3CX experiences:

Thunk configuration was quick and easy. Must faster then FreePBX (assuming your providers are supported - mine all were

Didn't used to be that way. But it's been a hot minute. I'm sure 3CX has come a long way.

They may have come a long way, but I don’t think I would suggest them to anyone

Not likely. They were pretty bad in the past, both as a product and as a company. But not to the point that I wouldn't take a look again. But their licensing costs is high.

And that is one of the few main reasons. IIRC- Isn’t 3cx based off of freePBX?

Definitely not. If it were, it would be open. It's completely their own code at every level. It's not Asterisk based at all, so FreePBX wouldn't be useful to them anyway. The strength of 3CX is in their proprietary stack end to end. It's also their challenge. They are stuck doing everything themselves, but they also get to build exactly what makes sense for them.

@travisdh1 said in Your organizaion is due for Microsoft License Review email:

@scottalanmiller said in Your organizaion is due for Microsoft License Review email:

That doesn't sound like something from Microsoft.

It really doesn't, I think it's more marketing. It did originate from [email protected], but we know they allow access to microsoft.com domain emails for 3rd party marketing purposes.

No way to know if it is REALLY sent from MS, either. Might be spoofed.

@dafyre There are many options out there.

If you want to do yourself and work on it
https://getgophish.com/

If you want to use a provider, Curricula and Knowbe4 might be your best bet
https://www.curricula.com/
https://www.knowbe4.com/

We have used Sophos Phish and TrendMicro but reporting and the actual templates lack a lot of what Knowbe4 does already. Knowbe4 also has extensive documentation on how to integrate with various email systems and SSO.

You can also educate the users and create a reporting for those emails either via a Plugin or manually forwarding to a dedicated email account. You would also think about separating permissions and tasks from users. So you would have an admin account that is not your every day user login on the computer and so forth.

Red Hat has introduced a new technology, called Stratis, that is a layer combining Linux' existing LVM2 technology and the existing XFS filesystem and merging them together to be managed as a single unit with best practices automatically applied. It's not new per se but takes best of breed existing technologies and puts them together to feel and act more like their more modern competition.

@irj said in Single 32gb DDR4 RAM vs 2x16gb:

I just bought a pre-built desktop from Dell. I opted not to upgrade the memory as it was much more expensive to do through them.

My system is only coming with a single 8gb RAM stick which is obviously unacceptable. The motherboard has 4 RAM slots and supports up to 128GB.

I'm looking at single 32GB sticks vs 2x16. The single sticks are appealing to me because it makes it easier to upgrade in the future. I could eventually have 32x4 to make 128GB.

Now I don't see needing more than 40gb currently which is why I was thinking 32gb would be fine.

Ok that's alot of rambling... My main question is single stick performance vs using RAM in channel. What would you do?

BTDT. I would go with two 32GB.

The future is uncertain and it's much easier to just get what you might need right now. If you can imagine needing 40 GB I'd do 2x32GB right away. Then you have optimum performance and the same memory on both.

@dustinb3403 said in XCP-NG installation on windows server:

@mario-jakovina said in XCP-NG installation on windows server:

@irj said in XCP-NG installation on windows server:

You really shouldn't be booting for USB, and should be using a hypervisor even if it's hyper V (which isn't the best IMO, but still 100x better than booting from USB).
Once you get the hypervisor up and running then you can start creating VMs from it and get up and running.

I don't know what are you trying to say?
@perja11 is trying to install XCP-NG as hypervisor, so it's OK to boot from USB (and install on baremetal)

I think @IRJ was assuming that the OP was attempting to run the hypervisor from a USB drive.

Yeah I mistakenly thought that. @stacksofplates set me straight offline 😂

@dashrender said in UniFi Product stream:

@scottalanmiller said in UniFi Product stream:

@travisdh1 said in UniFi Product stream:

@wirestyle22 said in UniFi Product stream:

@scottalanmiller said in UniFi Product stream:

@travisdh1 said in UniFi Product stream:

@wirestyle22 said in UniFi Product stream:

@travisdh1 said in UniFi Product stream:

@wirestyle22 said in UniFi Product stream:

@travisdh1 said in UniFi Product stream:

I forget off the top of my head which device it is,

The UniFi Access system consists of four elements:

UA Controller: The control center for your Access system, hosted on the UniFi Dream Machine Pro (UDM-Pro). Your UA controller is easily upgradable and offers a host of features that simplify access policymaking as well as personnel, space, and device management.

UA-Hub: A secure I/O hub that authenticates inputs registered by your Access readers (UA-Pro & UA-Lite), push buttons, and sensors. Your UA Hub can also control door locks, alarms, and motorized door openers.

UA-Pro and UA-Lite: The Access system's card or motion reading devices that unlock doors with a swipe of an NFC card or NFC-enabled mobile phone. Please refer to the Current and Future Access Modes section below for more information on current and future access methods.

UA-Card: A NFC card that is specific to your Access system and encrypted with a special algorithm that cannot be replicated, unlike other NFC cards. Your Access system will support any NFC card, so you can retain your current access cards.

It was the Dream Machine Pro I was thinking of. The reviews I've seen all say that if you have to buy a Dream Machine Pro just for the access control that you're better off going with the competition who's overall price will be lower.

That applies if you aren't planning on using the other stuff the Dream Machine is capable of. It's a single device that can manage all of your AP's, Security Cameras, Door Access and soon VoIP. Depending on the use I would think it would be worth it provided you are getting the functionality you want out of it.

That's sounding like a great product for the home, I'll have to keep my eye on them.

It's really not. Think of your home like a business. This is a product for a business that has confused itself with a home.

Sounds like it's not a product for business

It is not, probably not even a serious house product, just something that looks neat to play with (expensive toy.)

What even makes it look neat? To me, being junk, makes it far less interesting than normal gear. Like you are used to a Ferrari and then someone comes along with this Yugo. Yeah... not interesting, at all. Not even as a gadget, because there's nothing special, just crappier versions of what we already use.

Normal people see SPOG and just love it.. one ring to rule them all - that's what makes it 'neat'
neat doesn't make it good or worth while.

Like humans with rings of power. So lame.

thanks everyone for the help, it is greatly appreciated.

@scottalanmiller said in Basic Ubiquiti Network:

@eddiejennings said in Basic Ubiquiti Network:

@jaredbusch said in Basic Ubiquiti Network:

@eddiejennings said in Basic Ubiquiti Network:

The Dream Machine looks interesting, but I'm not inpressed with it also being an 8-port switch.

I have not looked at it yet, but are they fixed switch ports, or assignable? The ER-X is an example of this.

The documentation I've seen doesn't tell me much. It seems like the switch ports create just a plain layer 2 switch. They aren't assignable interfaces like the old EdgeRouter Lite's eth0, 1 and 2.

I believe that to be true.

The old ER Lite were software bridged only and not something you ever wanted to do. Horrible performance killer.

The ER-X and ER-4 have an actual switch chip. You don't have to make each port use it, but it is there.

So you could make eth0 be WAN and eth1 through eth3 be members of switch0

@pattonb Have mercy! 🙀

Things to consider if you do this yourself, once you disable a device if you don't enable it again, it will remain disabled in device manager between subsequent removal/installation.

So it's critical to enable any disabled devices after the fact, or you'll have to manually enable the device through device manager.

Whatever you are downloading is an HTML file. But you are trying to parse it as JSON. That command will only work with a JSON file.

@dbeato yeah, I should probably do that. I should be able to move everything over to my backup host and do it that way.

I know this is an old question that I'm replying to, but I found this post while searching for an answer to a different Citrix problem and I would like to offer some information in case anybody is still having the problem.

Our Problem:
In our environment we noticed when upgrading from Receiver 4.9 CU5 to Citrix Workspace App 1912 CU1 that Citrix App shortcuts were not showing up on the desktop for users. We have the "Show apps on desktop" setting configured via group policy and we have the Mandatory keyword in a lot of our Citrix apps. This all worked fine with Receiver, but with Workspace App, whether it was an upgrade to Workspace App on an existing endpoint or a new installation on a new endpoint, the user's Citrix Apps would not enumerate on the desktop unless the user opened the app pick list or ran a WSA reset.

Solution That Worked for Us:
Add the following Reg strings:
x64 machines - HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\Dazzle
RefreshMs = 3600000
InitialRefreshMinMs = 1
InitialRefreshMaxMs = 1

x86 machines - HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Dazzle
RefreshMs = 3600000
InitialRefreshMinMs = 1
InitialRefreshMaxMs = 1

Enabling Prelaunch on Endpoints also seemed to help with this issue. See the below Citrix Article for more info:

https://support.citrix.com/article/CTX239186

Passthrough authentication is delayed on Workspace App for Windows 18.8.0.19031
Article | AuthenticationConfiguration | 2 found this helpful | Created: 29 Oct 2018 | Modified: 29 Oct 2018
Symptoms or Error
Pass-through authentication is delayed on Workspace App for Windows 18.8.0.19031 Once user logs on to desktop, Workspace App does not log in automatically. User has to right click on Workspace App icon in system tray and click on logon. Application shortcuts are to be placed on desktop - This is enforced by policy. As Workspace App does not log on, apps are also not enumerated on the desktop. If user closes Workspace App and reopens from Start menu, logon is instant.

Solution

Make sure the following registry keys are present:

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\Dazzle
RefreshMs = 3600000
InitialRefreshMinMs = 1
InitialRefreshMaxMs = 1

Use Receiver GPO to enable Prelaunch if it is required

Problem Cause
Prelaunch behavior has been re-designed in newer Receiver/Workspace App

You should never over lap channels that causes co-channel interference. If you have to then as stated above the AP's that are farthest physically apart should use the same channel.
Also, I would turn off 2.4GHz unless you NEED IT and even then you probably don't NEED IT on all 4 AP's. Try just on 2 AP's to reduce interference and see what happens. Many cases in our offices I have either completely turned off 2.4 or I have it on only 1 AP and absolutely no complaints about wifi since I did that.