The High Cost of On Premises Infrastructure

coliver

@scottalanmiller said in The High Cost of On Premises Infrastructure:

@bigbear said in The High Cost of On Premises Infrastructure:

@scottalanmiller said in The High Cost of On Premises Infrastructure:

@Dashrender said in The High Cost of On Premises Infrastructure:

I'm less worried about physical theft than I am about someone plugging a USB stick in and infecting the host, etc.

Infect it how? Can you describe this attack vector? When you plug a USB stick into a server, assuming that you have been breached in a datacenter to this level which is essentially unthinkable, and assuming that you've not disabled the USB ports, what would cause the files on the USB stick to be executed, or even mounted?

Dont you watch House of Cards?

No and I'm guessing that this would make me want to avoid it?

They do get a lot of silly technical things wrong, but the story is generally pretty good.

scottalanmiller

@coliver said in The High Cost of On Premises Infrastructure:

They do get a lot of silly technical things wrong, but the story is generally pretty good.

To me this always says "the writers didn't take this seriously and don't think that I should."

JaredBusch

@scottalanmiller said in The High Cost of On Premises Infrastructure:

@coliver said in The High Cost of On Premises Infrastructure:

They do get a lot of silly technical things wrong, but the story is generally pretty good.

To me this always says "the writers didn't take this seriously and don't think that I should."

What is the point in paying for a quality technical consultant to assist the writers when the target audience has no idea what anything is anyway?

Too many people get caught up in the weeds and deride things because of minor details and forget to pay attention to the story.

Now, that said, I have no idea how this show is as I have never watched it.

Also, if the tech is too blatantly wrong, then I will lose my suspension of disbelief and thus not like the show. But generally it has to be really bad for that.

coliver

@JaredBusch said in The High Cost of On Premises Infrastructure:

@scottalanmiller said in The High Cost of On Premises Infrastructure:

@coliver said in The High Cost of On Premises Infrastructure:

They do get a lot of silly technical things wrong, but the story is generally pretty good.

To me this always says "the writers didn't take this seriously and don't think that I should."

What is the point in paying for a quality technical consultant to assist the writers when the target audience has no idea what anything is anyway?

Too many people get caught up in the weeds and deride things because of minor details and forget to pay attention to the story.

Now, that said, I have no idea how this show is as I have never watched it.

Also, if the tech is too blatantly wrong, then I will lose my suspension of disbelief and thus not like the show. But generally it has to be really bad for that.

It's never that bad. They get some of the minutia of US politics much worse then they do the technical aspects in general. The story is actually pretty good, and Kevin Spacey does an excellent job as a sociopath. It's on Netflix highly recommend the first and second season (all I've had time for).

JaredBusch

My servers are in cage with 5 racks. The space my servers is in is part of a half rack rental.

So it is certainly possible that I could attempt something malicious once in. But that is very easily trackable.

Dashrender

@JaredBusch said in The High Cost of On Premises Infrastructure:

Also, if the tech is too blatantly wrong, then I will lose my suspension of disbelief and thus not like the show. But generally it has to be really bad for that.

Swordfish anyone?

scottalanmiller

@JaredBusch said in The High Cost of On Premises Infrastructure:

What is the point in paying for a quality technical consultant to assist the writers when the target audience has no idea what anything is anyway?

I also take "don't take it seriously" as another way to say "I'm not the target audience." I'm not saying it's a bad business decision, just saying that I'm not their target audience.

bigbear

Its actually one of the best shows on.

The data center thing was a setup anyway, some FBI guy wanted him to get caught. As soon as he connect the USB drive he is arrested.

ChrisL

I mean, short of a Mission Impossible-style rappelling from the ceiling kinda thing, it'd be awfully tough for Average Joe Hacker to waltz into a data center and plug a malicious USB in. Key cards, cameras, security guards, etc. are all something they'd have to pass through to get to the hardware.

My favorite, absolute favorite, thing is MANTRAPS.

scottalanmiller

@ChrisL said in The High Cost of On Premises Infrastructure:

I mean, short of a Mission Impossible-style rappelling from the ceiling kinda thing, it'd be awfully tough for Average Joe Hacker to waltz into a data center and plug a malicious USB in. Key cards, cameras, security guards, etc. are all something they'd have to pass through to get to the hardware.

My favorite, absolute favorite, thing is MANTRAPS.

Not to mention that they would have to get in, then identify how to get to the right customer's equipment, then figure out which of that equipment was the one that they were there to target. It is layer after layer of complexity to do this kind of attack - any kind of physical attack in this sort of environment. Just getting in the door, which you could potentially do with a tank, isn't enough. You still have to find the target. I've been in many a datacenter and figuring out which server is which is pretty hard in the sea of machines. They all look about the same.

Sure if you've been in there loads of times, know exactly where it is, know exactly what you are looking for it is one thing. But this requires more and more nearly impossible situations.

Whether it is colocation or even corporate datacenters, I have almost never had access to get to the equipment personally - and I'm normally the senior-most technical person overseeing those systems. It's not like you could grab any casual IT person and have them identify equipment for you.

ChrisL

@scottalanmiller said in The High Cost of On Premises Infrastructure:

@ChrisL said in The High Cost of On Premises Infrastructure:

I mean, short of a Mission Impossible-style rappelling from the ceiling kinda thing, it'd be awfully tough for Average Joe Hacker to waltz into a data center and plug a malicious USB in. Key cards, cameras, security guards, etc. are all something they'd have to pass through to get to the hardware.

My favorite, absolute favorite, thing is MANTRAPS.

Not to mention that they would have to get in, then identify how to get to the right customer's equipment, then figure out which of that equipment was the one that they were there to target. It is layer after layer of complexity to do this kind of attack - any kind of physical attack in this sort of environment. Just getting in the door, which you could potentially do with a tank, isn't enough. You still have to find the target. I've been in many a datacenter and figuring out which server is which is pretty hard in the sea of machines. They all look about the same.

Sure if you've been in there loads of times, know exactly where it is, know exactly what you are looking for it is one thing. But this requires more and more nearly impossible situations.

Whether it is colocation or even corporate datacenters, I have almost never had access to get to the equipment personally - and I'm normally the senior-most technical person overseeing those systems. It's not like you could grab any casual IT person and have them identify equipment for you.

Exactly. It'd be an Ocean's Eleven style heist just to get to the server and it'd have to be AN INSIDE JOB DUN DUN DUNNNNNN

PenguinWrangler

@JaredBusch I think over the next 5 to 10 years as the cost of a 1Gbps connection comes down and the availability of 1Gbps increases, speed of access will be less of a concern.

coliver

@PenguinWrangler said in The High Cost of On Premises Infrastructure:

@JaredBusch I think over the next 5 to 10 years as the cost of a 1Gbps connection comes down and the availability of 1Gbps increases, speed of access will be less of a concern.

I'm not so sure. As speed and access go up so do file size and quantity. I think we're going to get to the point where we have to ask if it makes sense to have fat clients sitting on a desk, instead of zero/thin clients calling back to a desktop pool somewhere.

ChrisL

@coliver said in The High Cost of On Premises Infrastructure:

@PenguinWrangler said in The High Cost of On Premises Infrastructure:

@JaredBusch I think over the next 5 to 10 years as the cost of a 1Gbps connection comes down and the availability of 1Gbps increases, speed of access will be less of a concern.

I'm not so sure. As speed and access go up so do file size and quantity. I think we're going to get to the point where we have to ask if it makes sense to have fat clients sitting on a desk, instead of zero/thin clients calling back to a desktop pool somewhere.

I saw today that Google has a new algorithm that reduces JPEG file size by 35 percent. Would there be a practical implementation for something like that in the IT/data world that would effectively reduce file size? We're moving at a blistering pace in terms of shrinking the size of nearly everything.

scottalanmiller

@coliver said in The High Cost of On Premises Infrastructure:

@PenguinWrangler said in The High Cost of On Premises Infrastructure:

@JaredBusch I think over the next 5 to 10 years as the cost of a 1Gbps connection comes down and the availability of 1Gbps increases, speed of access will be less of a concern.

I'm not so sure. As speed and access go up so do file size and quantity. I think we're going to get to the point where we have to ask if it makes sense to have fat clients sitting on a desk, instead of zero/thin clients calling back to a desktop pool somewhere.

They do, but not at the same pace. For example, the size of a desktop document has gone up since 1997 by a bit, but maybe 2x at most. But the speed of a LAN connection in that time has gone up 1,000x from 1Mb/s to 1Gb/s. And we are on the verge of 10Gb/s to the desktop. And the WAN has gone from 128Kb/s to 100Mb/s in that time, a similar increase.

Sure file sizes have grown, but not proportionally to network speeds. Even things like movie sizes have not grown that much. In 1997 a DVD was 5GB. A BluRay today is 50GB. That's only 10x in two decades.

Not only does the network get faster faster, but compression helps to keep file sizes at bay.

scottalanmiller

@coliver said in The High Cost of On Premises Infrastructure:

I think we're going to get to the point where we have to ask if it makes sense to have fat clients sitting on a desk, instead of zero/thin clients calling back to a desktop pool somewhere.

Why either? Why not web applications? In the vast majority of cases, any kind of "desktop service" is a bit silly. In cases where it is not, something is so dramatically "heavy" that we can't just say that fat or thin clients make sense. It's more complicated than that. But in the majority case, neither style desktop makes sense.

PenguinWrangler

@scottalanmiller we are looking at off loading our document management system. I work at a law firm and we create 3000 to 5000 documents a day easy. Talking to one vendor that is cloud based and they quoted us that we need 3 Mbps connection for 250 people.

scottalanmiller

@PenguinWrangler said in The High Cost of On Premises Infrastructure:

@scottalanmiller we are looking at off loading our document management system. I work at a law firm and we create 3000 to 5000 documents a day easy. Talking to one vendor that is cloud based and they quoted us that we need 3 Mbps connection for 250 people.

That's awfully small. I'd test that before going with that

ChrisL

@PenguinWrangler said in The High Cost of On Premises Infrastructure:

@scottalanmiller we are looking at off loading our document management system. I work at a law firm and we create 3000 to 5000 documents a day easy. Talking to one vendor that is cloud based and they quoted us that we need 3 Mbps connection for 250 people.

I think my parents still have their old dial-up modem laying around if you'd wanna use that instead

bigbear

@PenguinWrangler said in The High Cost of On Premises Infrastructure:

@scottalanmiller we are looking at off loading our document management system. I work at a law firm and we create 3000 to 5000 documents a day easy. Talking to one vendor that is cloud based and they quoted us that we need 3 Mbps connection for 250 people.

Is it a dedicated/bonded circuit to their data center or something?

Whats the budget for this, I think that makes all the difference in the world.