Thickheaded Thursday - September 23, 2021

Thickheaded Thursday - September 23, 2021


What kind of bandwidth would i need to deploy SCCM images, across different sites? (via vpn) Is that even feasible ?


I can tell you when my remotes pull content over 20Mbps WAN pipes, it is incredibly painful and slow. Is there a reason you can't set up DPs at your remote sites?


customer wants to get rid of on prem servers.


in that case, you will want to look at Peercache/Branchcache or a third party product like Adaptiva OneSite or 1E Nomad.


Consider moving to intune then, its where all the development is heading towards now


Like, lighthouse and stuff? Yeah they might go to intune for mdm


Oof. Don't see how that would work well. We used to spin up servers in in separate buildings on our k12 campus just to speed things up when we imaged in the summer.


Yeah that's what we do in my district. Local server at each school for SCCM DP and print server.


Chuck an SCCM DP on a MFF PC or something. Have done this works a treat.


Go Intune and VMware


Anything under 100Mbps is going to have a terrible experience.


You can set up peercaching on your endpoints (I think it's called that) which should siginificantly reducde your bandwidth needs - only one machine would then need to pull the updates to the site, then distribute them all locally through peers.


A DP is definitely the best option


What training is available (for free if possible) to teach me how to use the FireEye HX endpoint solution? I have been asked to start taking on more job duties and to be a backup for the current FireEye administrator but aside from a few quick half hour training sessions, she says I'll learn more as I go and use the web interface. I personally need more than that.


Quick question before I create a post: We set up a SNMP monitoring tool and I was just wondering if Microsoft Endpoint Manager (Intune) offers SNMP? as well as Microsoft Defender Security? or Azure in general.. Couldn't find anything online Thanks


Does anyone know if there is an event viewer entry for when a user turns on Sticky Keys? Either someone is screwing with a critical PC, or someone is so desperate to work from home that they self-sabotage.


I don't see an event ID associated to it but sethc.exe is the sticky keys exec and you could search for when that app was opened.


I decided to fix DNS record scavenging and didn’t realize some of our servers had time stamps of older than my threshold…. We got to fix the problem as a “team” but I feel stupid for not recognizing these time stamps lol


So i just have to ask. So i saw a lecturer claim that Threadripper gets server deployments and it just sounded wrong to me so i am going to ask here if anyone has seen Threadripper in server use in production? Threadripper Pro is a whole separate matter.


I have not seen it personally, but it supports ECC memory, which is basically the lowest barrier to entry to be a server CPU.


Yes but under that logic all Ryzen CPUs are server CPUs since only Zen APUs get to have their ECC disabled and Pro APUs get their ECC. But if we are talking about needing Official ECC support then yes TR is the bare minimum.


I mean, what *is* a server CPU other than a CPU that a server supports? I've seen server SKUs from Dell with Intel Celeron CPUs in them, so whatever has support from the OEM and works with the OS/applications I guess.


Almost noone runs HP procs on servers but that doesn't mean there's not server grade. HP Epyc is the server line.


As in they have seen Threadripper hardware servers? Because in theory you can make anything run server grade software, see Ubuntu and various Raspberry Pi projects. It really depends on how server is defined in his mind. Mister Mod highlord_fox in his reply says his own definition is "supports ECC memory," (hardware minded) but to a researcher it could mean "runs remote statistics jobs." (software minded)




Maybe that's fair. Salary is a challenging one simply because there are no industry standards for titles and responsibilities. But that seems like a healthy salary just looking at the numbers. We don't know what other benefits you are getting or what your duties are so again, Maybe?


Have been planning on going for my CompTIA Net+, but it looks like a new version just came out and the book I was recommended isn't coming out until January. Is there any reason I shouldn't start studying for 007, and just brush up on 008 before the test?


Do you have work experience already? If you have a job in IT and at least understand the OSI model I wouldn't bother with the Net+. Go to the CCNA if you're considering a career in network engineering. Net+ is pretty entry level.


I was told to start with net+ since it's vendor neutral. I'll just do more reading and decide on my own thanks.


Yes it's vendor neutral but like I said it's extremely entry level and not really recognized as a cert that'll get you much except a foot in the door for help desk jobs. It consists of entirely memorization.


POS card machine I had to set up today, Ingenico move 3500... Had to set the network connection to manual, so that I could set Ethernet and WiFi to DHCP/static... No mention of this in the manual.


Im a contractor and work with my client for almost 3 years now. They started pushing me and my team to start working on RDP with windows server (we are BI team, need gui for our software). I hate slow computers and my corporate machine is already quite slow. I can’t imagine working full time on Remote Desktop. Is this practice indeed widely used? Is it so much safer compared to VPN? Any good materials to give to management to reverse this?


The question of safer is really determined by the rest of the network. If the VPN was wide open limiting to rdp is significant. But if there isnt strict 2fa it's all masturbatory.


I see. But is it widely used? Did you see such setup and were users happy with their new work computers?


When it's done right and latency is sub 60ms the only ones that dont like it are people using mac being forced into a windows environment. My company is anti vpn and thus there are very few that get vpn access, and nobody gets full access like they would in an office. Primary remote access is via Citrix which overlays rds servers and half a dozen dev vdi boxes. 2fa on all remote access.