RedFox @ redfox @infosec.pub

Husband, Father, IT Pro, military service.

---

Read more

Posts

9

Comments

273

Joined

1 yr. ago

Yeah, damn, I always forget about that...just like they want...

Sucks if you wanted a different EV, like Rivian, Leaf, that toy battery truck coming soon...

Knowledge primarily, since I'm not running a business.

At this point, like they say in Chips, TLS inspection is standard...

If your enterprise isn't doing TLS inspection on everything other than banks, medical, gov, they're doing it wrong.

Some times people think the hard part is getting the CA trust setup, but I find it's far more tedious to deal with certain sites and mobile apps especially that do certificate pinning.

I like OPN also. I've always appreciated the stability of the BSDs.

My only personal complaint with OPN/PF was the TLS inspection.

I've read about adding the modules to *Sense, but I haven't figured out the configuration pieces.

It just works with Sophos UTM and XG firewall, and the configuration was super easy.

You always use what you like though.

This is true, the 6 GB RAM limit and four cores.

I run a pretty enterprise home lab, and I haven't ever seen the devices hit the resource limit.

I have around 3k IPS rules and TLS inspection for most categories of sites except the normal stuff like streaming, banking, etc that you'd not want or need to inspect.

For anyone it might help, I use these as inline proxies rather than as the gateway at the moment. So they have more than just internet traffic going through them, they also have segments of my LANs getting evaluated. Performance has been great so far.

hates him and sabotages him at every step

Isn't that also describing his children?

Quick reminder, everyone struggles with wanting to be validated and downvotes by random Lemmy users around the world don't matter.

Take a breather, touch grass/snow and remember no ones opinion on here matters, especially mine 😉

Maybe the reason we've had a bunch of crashes all the sudden is that we SHOULD have fired all them before now? Maybe they are INDEED the geniuses, and WE are the stupid ones...

Won't someone please think of the investors...!

I'm just glad they're still distracted with torrents...

rawdawg some torrents

LOL! Did you spray 1's and 0's in their face when you were done?

Good comments.

Do you think there's still a lot of traditional or legacy thinking in IT departments?

Containers aren't new, neither is the idea of infrastructure as code, but the ability to redeploy a major application stack or even significant chunks of the enterprise with automation and the restoration of data is newer.

Lol, even in 2024 with free VPN/overlay solutions...they just won't stop public Internet exposure of control plane things...

Blank check

Funny how that seems to often be the case. They need to see the consequences, not just be warned. An 'I told you so' moment...

Agreed.

Dont we all use centralized management because there is cost and risk involved when we don't.

More management complexity, missed systems, etc.

So we're balancing risk vs operational costs.

Makes sense to swap out virtual for container solutions or automation solutions for discussion.

Yeah, that's pretty risky for this point in time.

I guess the MBA people look at total cost of revenue/reputation loss for things like ransomware recovery, restoration of backups vs the cost of making their IT systems resilient?

Personally, I don't think so (in many cases) or they'd spend more money on planning/resilience.

Seems like your org has taken resilience and response planning seriously. I like it.

contract "options" are indeed normal. You could also lump in government contracts into the category your thinking about. I've never heard of a scenario where the vendor broke contract by not honoring the options. I also have never dealt with a vendor getting bought out and then not honoring existing contracts. Super fun to watch the corporate drama. I personally don't care for the private equity style business that seems to be an even bigger problem than the investor first/profit centric model that I thought was the worst thing.

My mid life birthday gift was an electric zero turn mower. Already had all electric yard tools. Will buy Tesla or best option in couple years. Never going to a gas station again!

So indeed, fuck gas

Office culture nuances... I enjoy them.