I know that this won’t be popular – but at some point you have to establish SOME set of supported environments.
I like clients – and when I was in my early days, I would extend myself to do almost anything to retain a client – but now, it just isn’t worth it. PPTP, L2TP (IPSec), SSL VPN, and DirectAccess – I support all these. If a client says they want something else, I say “I’m sorry, but this is what I support”… From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Micheal Espinola Jr Sent: Monday, May 2, 2016 7:12 PM To: ntsys...@lists.myitforum.com Subject: Re: [NTSysADM] Looking for some ideas I hope for and look forward to a healthy discussion about this! I've never come across one that comes to a conclusion. -- Espi On Mon, May 2, 2016 at 3:01 PM, Kurt Buff <kurt.b...@gmail.com<mailto:kurt.b...@gmail.com>> wrote: All, $Company has a set of support engineers whose job it is to connect with customer sites which run our product. There are over 50 of these customer sites, and of course we hope to get more. Our systems at the customer sites are not normally the customers' main set of IT resources, but are usually critical to their operations, so their IT staffs have their own opinions on how to grant access for us to their environments. Therefore, each site has different requirements for remote access, having a multitude of different VPN units (Sonicwall, Juniper, Cisco, etc.) and requirements for different brands of Antivirus installation, and whether or not split tunneling is allowed, etc. Currently our support engineers are using 3 desktop machines with varied OSes, and using a set of VMs running in VMware player, but not nearly enough of them, so that there are frequent conflicts in the configurations of the VMs, what with different versions of VPN and AV software. I expect normally no more than 4 or 5 VMs to be in use at a time - and usually only 1 or 2. My thought currently is to have a set of VMs (one per customer) on a small cluster in a DMZ - our support engineers would be able to access the host, start the required VM, and be on their way. My solution starts to run into conceptual problems, however, when I think about how to power down VMs that aren't in use, and also how to wake up VMs periodically so that they keep patches and antivirus updates. Are there products our there for a given platform that will detect VMs not in use and shut them down, and that will also wake those not running, to let them get patches and AV updates, then shut them down? I'm platform agnostic - we run both VMware (production) and Hyper-V (DMZ) here, and I don't care which one I implement. Of course, whatever solution is proposed should detect machines in use, and not shut them down. Thoughts, input, suggestions? Thanks, Kurt
