@scottalanmiller said in open source hypervisors: do we really have them? do we really need them?:

@matteo-nunziati said in open source hypervisors: do we really have them? do we really need them?:

XAPI is a fully Citrix stuff. I do not think that, if Citrix will drop XAPI, anyone will jump in.

Actually XAPI is made by the Linux Foundation (with sponsorship from Citrix), not by Citrix themselves. It is owned by Xen, as a part of Linux, not be Citrix. XAPI is the base for XCP which Citrix then uses to make XenServer. XAPI is already out of Citrix' hands and developed separately.

I agree with that. At the lest Citrix event I attend, they couldn't care less about XenServer and reccommend VMware.

@bigbear said in Remix Mini: as a Thin Client:

@Dashrender said in Remix Mini: as a Thin Client:

Back when YouTube was mainly Flash based, I never got it to work worth damn in Thin Clients, but if I used a full PC via Windows XP/7 it worked fine!

Windows 7 and 2008 R2 I believe was RDP 8.1 and that was when UDP and a better RDP client came into play. Ive seen some plugins for flash too.

So far I have had zero luck finding a non-windows thin client that supports even RDP 8.

RDP 10 is incredible. We loaded up Minecraft and you cant tell you are in a session.

I think that the official Microsoft RDP app for iOS use RDP 10.

@IRJ said in SMB vs Enterprise:

@Jimmy9008 said in SMB vs Enterprise:

@IRJ said in SMB vs Enterprise:

@Jimmy9008 said in SMB vs Enterprise:

I'm a generalist too; I don't think that puts me at a disadvantage compared to specialists. Where many specialists would get caught up on a project, I have a range of experience which will get me past that problem.

That is a key point. In enterprise, you take a very small amount of responsibility for specific functions vs doing everything across the board. It's both good and bad, but at the end of the day you'll learn more if you have to do everything. Although you may not master a specific area.

Do you have an example of a specialist role? I'd like to see how they compare to a generalist role...

There are so many examples. Let's just take a look at a windows server admin. There is a team for handling group policy, several builds, server patching, server OS troubleshooting, application support for specific applications (these are the guys troubleshooting with the vendors), package deployment, and more.

You probably do alot more than sever admin in SMB. You're evaluating products, talking vendors, deploying actual physical hardware like racks and servers, configuring network equipment, and many more roles that aren't windows admin related.

Agree, that's what I do!

@matteo-nunziati said in SMB vs Enterprise:

never been in enterprise. always in envs with <=50 people - these includes warehouse guys.

On the other side in these 2 years I've literally built their infrastructure, from wiring the company with fiber up to introducing virtualization, backups, standardized printing (no more 15 different printers from 100 vendors) and so... now switching ERP (PITA MAXIMUM!). I've written a couple of web apps. So basically I've been a 360° IT kid, from engineering to fixing printers

I share an experience similar to yours, luckily just the good part :)!

@Dashrender said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino said in Modern iPad security: the most secure endpoint ever?:

@scottalanmiller said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino said in Modern iPad security: the most secure endpoint ever?:

Why don't go instead with a stateless endpoint that has a completely reproducible configuration in 2-3 taps?

In that scenario, as a stateless endpoint, is iOS buying you that much over ChromeOS?

I think android is less secure because it's a patchwork; also less stable, less integrated with the hardware and based on older design and technologies.
Other than that, I prefer apple hardware.

I haven't looked into it - what make Android a patchwork? I'll agree it's less stable than iOS - but I blame that on the small integration times between versions, so vendors never have/take the time to make things as good as they can be.

People/trade rags are complaining that Apple is boring now, not innovative with the iPhone anymore (and no, removing the headphone jack wasn't innovative ) but then, does it really need to be? There hardware/software integration is second to none. There's probably always polish that can be added, hence some of the recent revisions, but in general it seems to be gleaming the cube.

The kernel is Linux, that wasn't born at all for mobility (big effort of google for making it usable for that purpose), and every vendor has its own customized UI and other parts of the system. So every vendor-related piece is developed as a snowflake by relatively small teams and is at risk of becaming abandonware. Low code quality strict deadlines…

I tried one of the earlier firmware iteration of the S7 edge… just a horrible mess of non-integrated software put together. The cam wasn't working at all. Ok, they fix it in the end, but… light years from what I've seen on my iOS devices.

I would like to point out againthat I'm not a fanboy in any way, I went through the iPhone just because it was my business-supplied phone. It just works for what I need, it's insanely stable and polished.
Maybe the only thing that iOS really lacks at the moment is burning an ISO to a pendrive in a dd-fashion… but I could carry with me a raspberry or some similar micro-pc for that. I don't NEED to virtualize anything on my machine. For any emergency I can fire a VM in one of my server or in a public cloud and reach a machine via ZeroTier or similar stuff. The iPad can act as an internet hotspot if the connection is missing in place.

@scottalanmiller said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino said in Modern iPad security: the most secure endpoint ever?:

Why don't go instead with a stateless endpoint that has a completely reproducible configuration in 2-3 taps?

In that scenario, as a stateless endpoint, is iOS buying you that much over ChromeOS?

I think android is less secure because it's a patchwork; also less stable, less integrated with the hardware and based on older design and technologies.
Other than that, I prefer apple hardware.

@scottalanmiller said in Modern iPad security: the most secure endpoint ever?:

@Dashrender said in Modern iPad security: the most secure endpoint ever?:

So why don't you just buy yourself an x86/x64 tablet, install nix on it and be happy?

Why specify the x86 or x64 architectures? Surely x86 would be unthinkably bad. And for a tablet, most of the good options are ARM.

I agree with you. Arm feature less TDP, less power drain, so more battery life… and quite good performance with the latest cpu. Is all against x86 in the mobile sector.

@Dashrender said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino said in Modern iPad security: the most secure endpoint ever?:

@RojoLoco said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino Yes, the closed, xenophobic iOS environment is secure... and severely limited compared to every other device available. But if that works for you....

iOS has almost everything I need in a mobile device. Of course I have also a lot of server and beefed desktop with Linux for heavy stuff, but I don't think the iPad can be beaten as a everyday carry device…

I absolutely hate windows, I dislike to manage it as a server and I don't want to have trouble with it as an endpoint also (much worse IMHO).

Linux is great, but not that much on mobile.

Mac OS X… is what I'm using now, but there are several things I don't like and I feel it's very tied to the past. It performs well on apple hardware of course, but the latest iteration of macbooks has leaved me disappointed.

Android is similar in many ways to iOS, but iOS polish and integration with the hardware is completely on another planet.
I'm a big fan of Linux, but Android is almost as closed as iOS… if it wasn't true, I would write this post from an Android tablet running KDE and using reKonq as a browser.

So why don't you just buy yourself an x86/x64 tablet, install nix on it and be happy?

Because if Linux desktop (I mean, on desktop pc) experience is less than stellar but acceptable, Linux on mobile is usually not. Problem with pointing devices, strange suspend/resume issues, awful battery life, lack of polished integration with the hardware in general… I've beeb there. With the best of the best, Dell XPS 15.

Of course is getting better for Linux on laptops, but the other OSs experience is still leading.
I know that with a hundred of tweaks, using i3 wm with exactly THAT version of the kernel I can (maybe) get a comparable user experience, I've done it for years, but… why bother?

I use my mobile endpoint mainly as a client to connect to servers and surfing the web, I don't want to wast time and energy reconfiguring this or that nvidia-kmod or the latest pulseaudio weird stuff. Oh, and of course I would have to repeat this snowflake configuration on every new machine.

Why don't go instead with a stateless endpoint that has a completely reproducible configuration in 2-3 taps?

@RojoLoco said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino Yes, the closed, xenophobic iOS environment is secure... and severely limited compared to every other device available. But if that works for you....

iOS has almost everything I need in a mobile device. Of course I have also a lot of server and beefed desktop with Linux for heavy stuff, but I don't think the iPad can be beaten as a everyday carry device…

I absolutely hate windows, I dislike to manage it as a server and I don't want to have trouble with it as an endpoint also (much worse IMHO).

Linux is great, but not that much on mobile.

Mac OS X… is what I'm using now, but there are several things I don't like and I feel it's very tied to the past. It performs well on apple hardware of course, but the latest iteration of macbooks has leaved me disappointed.

Android is similar in many ways to iOS, but iOS polish and integration with the hardware is completely on another planet.
I'm a big fan of Linux, but Android is almost as closed as iOS… if it wasn't true, I would write this post from an Android tablet running KDE and using reKonq as a browser.

@Dashrender said in Modern iPad security: the most secure endpoint ever?:

@Francesco-Provino said in Modern iPad security: the most secure endpoint ever?:

Does anyone know if the iPad has gone through an exaustive and reviewed security auditing?

The more I search, the more looks like it has to be much more secure and stable than any Win/Linux/Mac/Android out here.

Well of course it's more secure. It's younger and very single vendor. The other systems you mentioned are old as dirt and most of them are made to be VERY flexible. There are a ton of things you can't do on an iPad, but perhaps your situation doesn't need those things, and you'll be happy with an iPad.

The same can be said for Chromebooks.

I think exactly the same thing.

Does anyone know if the iPad has gone through an exaustive and reviewed security auditing?

The more I search, the more looks like it has to be much more secure and stable than any Win/Linux/Mac/Android out here.

@StrongBad said in Modern iPad security: the most secure endpoint ever?:

@Giggiux said in Modern iPad security: the most secure endpoint ever?:

I don't think Google Chrome is a wrapper on top of Safari on iOS.

It is, all alternative iOS browsers are.

So, why some sites works on firefox-chrome and not on safari in iOS? I read about this thing somewhere else, but it's still unclear to me…

@Breffni-Potter said in Modern iPad security: the most secure endpoint ever?:

Yes but Apple has always had a walled garden approach to their iOS devices.

You can have more freedom and more risk or more security and less freedom, not both.

No problem with iOS freedom as of today. If I have a good ssh client, RDP, mail, nice browser, dropbox/other cloud storage, I'm set .

I was thinking about buying the new iPad Pro 10.5, so I stumbled on this link on security… wow, I'm impressed! I wasn't aware of all the enclave thing, and everything is built on silicon!
It seems to me that modern iOS devices got the best security feature set AND the best security defaults of any endpoint-OS (including Android, Windows, Linux, OSX and the BSDs).

Other than that, it's one of the single case in the industry where there is a single point of trust (apple!) from the hw to the software… controlling the full stack can be a big advantage.

So, what do you think of the modern iPads as secure endpoints (for sysadmin work, of course) from a technical point of view?

I'm in no way an apple fanboy or affiliated with apple reseller etc, just want to buy for myself so I would like to get your feedback about it .

@JaredBusch said in Going over SFF: what do you think of micro business-grade desktops?:

@Francesco-Provino said in Going over SFF: what do you think of micro business-grade desktops?:

@matteo-nunziati I think that now they can have ssd… do you have any pictures of that in the field? How they compared VS the size of an iPad? Standard mount or behind the screen?

You can also buy them with an i7. So I cannot see how it cannot work for anyone. Getone with an i7, SSD, and 16GB of RAM and it is way more power than needed for almost everyone.

I agree with you. No one will ever needs discrete graphic for our business.

@matteo-nunziati I think that now they can have ssd… do you have any pictures of that in the field? How they compared VS the size of an iPad? Standard mount or behind the screen?

Another fake italian…

@Dashrender said in Going over SFF: what do you think of micro business-grade desktops?:

I deployed my first two at this company 2 years ago.

Sadly we still need DVD drive in a lot of places... So SFF are our mainstay.

We need DVDs very rarely and we have capable machines for that, I don't think this could be a problem. Any suggestion on the mount options? I've seen some nice double-vesa supports…

@travisdh1 Like this.

@scottalanmiller I don't know if wiki report every difference between versions, but I know for sure that the last version of MS RDP client on WAN works much better than FreeRDP &co.