Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«65 »
  • Post
  • Reply
The Fool
Oct 16, 2003



Literally everyone is using iPads for their pos these days for a reason.

Adbot
ADBOT LOVES YOU

Schadenboner
Aug 15, 2011

I MEAN, TURN OFF YOURE MONITOR, MIGTH EXPLAIN YOUR BAD POSTS, HOPE THIS HELPS?!

The Fool posted:

Literally everyone is using iPads for their pos these days for a reason.

Is it because your touch-screen is a POS?

NevergirlsOFFICIAL
Apr 24, 2004



Revalis Enai posted:

Any recommendation for touchscreen monitors good for POS? I have a spare ITX PC I'm thinking about using it for one of our POS system. I'm getting sick of having to deal with the old rear end Casio-9100s.

Every store I go to that isn't an old-rear end chain uses ipads

Gerdalti
May 24, 2003

SPOON!


Anyone have any opinions on cloud managed / serverless antivirus? Symantec being bought by broadcom seems to be a clusterfuck. I can't even get license renewals.

It looks like both sophos and avast have decent offerings, but I don't have experience with either of them in the past 5+ years.

Digital_Jesus
Feb 10, 2011



Azure Security Center integrated with Win Defender?

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

Digital_Jesus posted:

Azure Security Center integrated with Win Defender?

Yes but its a different ATP license level. P5 IIRC.

Internet Explorer
Jun 1, 2005





Oven Wrangler

Microsoft Defender ATP

The Fool
Oct 16, 2003



CommieGIR posted:

Yes but its a different ATP license level. P5 IIRC.

Defender ATP is in Windows E5, and last I checked didnít come as a stand-alone add-in.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

The Fool posted:

Defender ATP is in Windows E5, and last I checked didnít come as a stand-alone add-in.

I mixed up P5 for O365 and E5 for ATP/Defender

NevergirlsOFFICIAL
Apr 24, 2004



Gerdalti posted:

Anyone have any opinions on cloud managed / serverless antivirus? Symantec being bought by broadcom seems to be a clusterfuck. I can't even get license renewals.

It looks like both sophos and avast have decent offerings, but I don't have experience with either of them in the past 5+ years.

I feel like good idea to get one of those endpoint security dealies that integrate with the firewall like sophos

Internet Explorer
Jun 1, 2005





Oven Wrangler

We had Sophos Firewall and Sophos AV and the AV was such a pig we moved off of it. I wouldn't recommend it.

Gerdalti
May 24, 2003

SPOON!


Thanks for the feedback guys. I am trying to push for defender, but I think I'll get overruled by parent Corp. Symantec literally will not renew my license, so they're out. I'll keep looking and researching.

NevergirlsOFFICIAL
Apr 24, 2004



what about one of the trendy carbon black / cylance / crowdstrike dealies

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

Gerdalti posted:

Anyone have any opinions on cloud managed / serverless antivirus? Symantec being bought by broadcom seems to be a clusterfuck. I can't even get license renewals.

It looks like both sophos and avast have decent offerings, but I don't have experience with either of them in the past 5+ years.

Defender ATP is starting to look like literally the best thing you can set up on a windows endpoint fleet, imo

Crowdstrike / Carbon Black are looking okay. Cylance is pretty slick, but I've run into trouble with support.

There's always Fireeye

Moey
Oct 22, 2010

I LIKE TO MOVE IT


I'm just starting a rollout with Carbon Black and I don't hate it yet.

EoRaptor
Sep 13, 2003




Moey posted:

I'm just starting a rollout with Carbon Black and I don't hate it yet.

We run a very large Carbon Black deployment, and as long as you understand what it does, itís actually pretty good for controlling Ďunknowní applications.

Fireeye we have had less luck with, itís a very heavy client with high resource demands. Not popular inside the company.

Frohike999
Oct 23, 2003


Ok, I feel like there's gotta be a better way to handle this. We have a group of developers that all run data conversion programs and want access to the same machines and instances of the program that's running. Their idea is that if one of them is out of the office while a conversion's running, the others should be able to see what's going on with the application (these are Windows applications). I really don't like the idea of creating shared Windows accounts for them to use. Anyone else run into this, and if so how do you get around it?

The Fool
Oct 16, 2003



Run the server/multi-user version of whatever etl software you are using instead of trying to hack something together.

Frohike999
Oct 23, 2003


These are all in-house applications unfortunately, it's already hacked together.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.

Toilet Rascal

Frohike999 posted:

These are all in-house applications unfortunately, it's already hacked together.

That's a feature request for the in house devs of the applications then. If the issue is going to be forced, just make the shared account and make sure all partied know this isn't the best solution and it should be a feature added. Include some basic stuff that can go wrong but keep it short. Just enough to cover your rear end, not long enough to seem like a rant or tantrum.

Honestly shared accounts just happen in small shops sometimes and there's not much that can be done other than locking it down to a single computer and limit the software it can run so people are only using it for the 1 or 2 pieces of software and not everything.

pixaal fucked around with this message at 18:56 on Feb 25, 2020

Frohike999
Oct 23, 2003


Ok thanks, yeah my initial thought was to tell them to rewrite it to allow for multiple users but realistically that's not going to happen. Ok, well thanks again for the suggestions.

The Fool
Oct 16, 2003



Frohike999 posted:

Ok thanks, yeah my initial thought was to tell them to rewrite it to allow for multiple users but realistically that's not going to happen. Ok, well thanks again for the suggestions.

You should still tell them to do that at first, then when they push back you have the shared account option.

EoRaptor
Sep 13, 2003




Frohike999 posted:

Ok thanks, yeah my initial thought was to tell them to rewrite it to allow for multiple users but realistically that's not going to happen. Ok, well thanks again for the suggestions.

Are these processes running on each workstation, or on some central server(s)?

Perhaps the application could be made to write its logs somewhere shared, or otherwise update its status to a shared location?

Frohike999
Oct 23, 2003


They're typically run on a VM that everyone remotes into.

And yep, I totally agree that this really should be a solution handled within the software, whether updating the status through a log or have the actual conversion process done as a service and make it so the application they're running really just checks on the status of what that service is doing, but I also know that that's just not something I'm going to convince them is needed. I just didn't know if other people here had experiences like this or not.

Internet Explorer
Jun 1, 2005





Oven Wrangler

You're essentially talking about a service account that has to be logged in. If this is the work flow and it is unchangeable, then create a shared account and lock it down so that it can do only this.

If you want to get super fancy there are products out there that can track who is logging onto a shared account. I believe AuthAnvil has that capability. That sort of thing is common in MSP spaces because they don't want to create a domain admin account for all of their employees for all of their clients.

But folks saying to push back are right. It's our jobs to push back against this sort of stuff and make others say it cannot be done the right way.

Frohike999
Oct 23, 2003


I agree with you 100%

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

A bunch of enterprise password managers let you connect via rdp via a proxy gateway; in this way, shared credentials are never actually shared, it's just access that is checked out/in.

Example workflow:
1) user logs in to, let's call it Centrythotic.contoso.com
2) user checks out a credential shared with their team
3) user is not actually given the password, but they can click on a link that opens RDP or ssh to lovely-app-06.marketing.contiso.com

Potato Salad fucked around with this message at 04:42 on Feb 26, 2020

Potato Salad
Oct 23, 2014

Nobody Cares




Tortured By Flan

You should be using some kind of password manager / vault; they're so drat handy for flexibly securing access to hacky in-house systems.

mllaneza
Apr 28, 2007


Veteran, Bermuda Triangle Expeditionary Force, 1993-1952





BonoMan posted:

Problem is that department demands every single project file/asset/whatever for every single client from 2009 til now be hosted and available.

Sell them on CC, then tell them how much that will cost versus keeping only a reasonable set of projects online. Putting a read-only copy of the historical projects in each office will be cheaper and get them what they want.

Bu the important thing when someone asks for the moon is to come up with a real cost. Either they gently caress off or you get to do a big budget infrastructure project that will look fantastic on your resume. Either way, you win.

BonoMan
Feb 20, 2002


Jade Ear Joe

mllaneza posted:

Sell them on CC, then tell them how much that will cost versus keeping only a reasonable set of projects online. Putting a read-only copy of the historical projects in each office will be cheaper and get them what they want.

Bu the important thing when someone asks for the moon is to come up with a real cost. Either they gently caress off or you get to do a big budget infrastructure project that will look fantastic on your resume. Either way, you win.

CC?

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.

Toilet Rascal


From context I'm assuming Adobe Creative Cloud Butt

BonoMan
Feb 20, 2002


Jade Ear Joe

pixaal posted:

From context I'm assuming Adobe Creative Cloud Butt

Oh we have CC for Teams now. That storage is nowhere near as robust as we need. It doesn't pool, you have to have asset owners, etc. Just not realistic. Ok for sharing stuff once in a while but not realistic for us. We need server based storage that people can work from rather than just have to keep downloading and uploading from. Especially when dealing with things like massive InDesign files whose file linkage fingers spread out through multiple projects.

Phuzun
Jul 4, 2007



My MSP is looking for another service for phishing simulation and training, if it has account monitoring to make us aware of compromised accounts, that's a bonus. We started with ID Agent and it seems like their domains for the campaigns get nuked by Google safe browsing and others pretty quick, so unreliable to run a long campaign that trickles out the simulation emails. They also offer a few pdfs for user training which means the training burden is really on the few overworked techs to build out. Anyone had good results with other services?

The Fool
Oct 16, 2003



KnowBe4 is kind of the gold standard

We've used Bait and Phish and they were fine

You can roll your own using GoPhish but that doesn't solve your documentation/training problem

Monitor your domains through haveibeenpwned

Phuzun
Jul 4, 2007



KnowBe4 was one I threw out there, so good to see that is highly regarded. I'll take a look into Bait and Phish further.

And haveibeenpwned is exactly what we'd been using prior to ID Agent to recognize why client contacts maybe seeing spam with our customer's names. I get the feeling the salesman likes selling the idea of proactive monitoring, but I've yet to see any hits that were actually recent, they are all hits on breaches that happen weeks or months ago, which means they'd have been screwed already.

e: proofpoint and mimecast were a couple others that seemed to have well rounded offerings plus other services we might be able to integrate.

I've been pushing hard on password policies but management is spineless, allowing customers to literally roll with 'password' on elevated accounts. Just a matter of time. Hell, I had to reset/reconfigure an HP switch because they left the default admin login at a place where they had a malicious employee (who was fired months ago). So very likely he had other crap going on over there. I found this out when we found strange network issues (yay for them charging for network monitoring and having zero monitoring software for networks).

Phuzun fucked around with this message at 01:20 on Feb 29, 2020

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

3rd'ing KnowBe4.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

If you have Microsoft 365 E5 licensing then the Attack Simulator is included, canít vouch for its quality.

The Fool
Oct 16, 2003



Phuzun posted:

I've been pushing hard on password policies but management is spineless, allowing customers to literally roll with 'password' on elevated accounts.

I kinda feel like this is just a thing with mspís that support small businesses. Once upon a time I had a client with every single user having the password ďpassĒ

This was only because I pushed back on having no passwords at all.

Mr. Clark2
Sep 17, 2003

Rocco sez: Oh man, what a bummer. Woof.


Thanks Ants posted:

If you have Microsoft 365 E5 licensing then the Attack Simulator is included, canít vouch for its quality.

Do you know if all the users that you run the simulation against need to have E5 licenses? Or is it just the admin that runs the simulation?

Adbot
ADBOT LOVES YOU

ghostinmyshell
Sep 17, 2004



I am very particular about biscuits, I'll have you know.


I'm getting dumped with our Citrix ADC and I know nothing about it. Any good video training on one of those CBT nugget kind of sites or suggestions? No budget for those Citrix classes.

Mainly we have lots of lovely web apps I need to get working with http/https rewrites/offloading and I'm in over my head right now and troubleshooting is pita. Basically it's wireshark and browser dev tools when trying to figure out why something isn't working.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«65 »