Would a sysadmin really be looking to move away from a Red Hat certification track just because RH behaved like a for-profit corporation? I think it’s naive to assume this will have much of an impact on the reputation and desirability of an RH cert in the business world.
But, I suppose if you just want to avoid giving RH your testing money, then the Linux Foundation certs would be fine.
The whole sudden shutting down of source code repos thereby putting the future of Rocky/Alma at risk, leading to a follow-on effect of sysadmins migrating away from Rocky/Alma and swearing off RH/RH-derived stuff in general.
This is the straw that broke the camel’s back. Red Hat has gotten greedier and greedier since IBM bought it. 99.99% of my work is new RHEL installs, and we are looking at Ubuntu & SLES lately.
Some, yes. I think it still being Red Hat adjacent has us talking about the other two more. Should be interesting to see how it plays out. I doubt much will change and we’ll have to keep having difficult conversations with customers about RH license costs.
LFCS should be on par with RHCSA. CKA is also a good certificate which should get you a good return.
From my point the RHCSA is still a valid exam despite RedHats recent moves. HR Drones and Managers won’t care what RedHat is doing as long as they are supporting their products.
I actually really appreciate just whipping out my phone and hitting “Adopt” when I am setting up new hardware at a site (UniFi stuff). It gets added, updated, and it’s done. Then I can leave and go manage it from the office.
Yes, but the number of hours they can withstand these reads is rather insane. I’ve seen SAS level drives with millions of hours of runtime and no bad blocks. They are pretty robust these days!
I was happy to see the FortiCloud interface was updated recently, and pushing this update was about as easy as can be. I updated over 25 devices in a span of about 2 hours the other night and it all went without a hitch.
Howdy! I actually left /r/sysadmin a long time ago because I found that 90% of posts were just salty IT techs bitching about dumb end users. While I definitely understand the frustration after 15 years in IT, I always hoped for a slightly more constructive community. Hopefully this can be that place!
As one who has to manage an HA pair of PaloAltos AND Fortigates, the FortiUpgrade is just so stupid easy & quick. I don’t understand why people would wait longer than a week or two for the ‘bleeding edge’ people to test first.
Then again, my configuration is so basic there’s not much to go wrong.
It comes down to the risk appetite of the business. You mention a “secure” network, but you already have internet access. So, it seems that some access to resources on the internet is already an accepted risk. Beyond the possibility that a random attacker might leverage the gstatic CDN to attack your network, do you have any other specific threats which make you hesitant to whitelist it? Are those threats large enough that the business would consider them to great a risk to that network? Do you have other mitigating controls in place? Would something like traffic inspection or endpoint protection be a sufficient mitigating control? Can the systems with the offending app be firewalled off from the rest of the network? Could the specific assets needed by cached internally and requests for gstatic redirected? What other compensating controls can be put in place to mitigate the risk?
All that said, have you brought the issued to your management and gotten their input on the risk? In the end, it’s a business decision and should be decided on by the business leaders. If they want to take the risk of allowing that network to access gstatic, that’s on them.
Based on this quick article, softwarekeep.com/help-center/what-is-gstatic-com#…. It feels like just allowing all of gstatic is a bit of a security nightmare. I’d push back and have them identify the parts of gstatic they actually need for their website to work and allow those.
Alternatively, if this application needs a cdn but is only intended for local hosting in the secure network, perhaps a locally hosted cdn could be a good idea.
Without knowing the security in place it’s hard to do much beyond give general maybe this or that.
Depends on how secure your seecure network is, but generally speaking I wouldn't allow it. As you said, it's way to broad and gives away control of what is loading and what comes on your network.
Gstatic.com is a domain owned by Google that serves as a content delivery service that caches all unchanging files in a server near the user to reduce load times. It is used to load content from Google’s Content Delivery Network (CDN) and store static data like JS libraries, stylesheets, and images. Gstatic.com also verifies connectivity to the internet for Chrome browser and Android devices. Google hosts its static content on a specific server called Gstatic to reduce bandwidth usage and deliver the content faster. Gstatic.com also allows users to embed Google Maps images on their web pages without requiring JavaScript. Gstatic.com is not a virus, but security software may display pop-ups about it.
Just subscribed, came here for the same reasons! Hoping this place can take off, because main reason I was going to give Reddit a single of iota of traffic going forward was for the Mega Patch Tuesday Threads, those are so insanely helpful that they are the first place I go before patching now. Hopefully we’ll some going in here as well, maybe our lord and savior JoshTaco will grace us with their presence as well 🤞 🚬
Sysadmin
Newest