Starting own IT consultancy - Gathering list of tools required and recommendations
-
@Ambarishrh for Mac remote desktop look at Apple Remote Desktop
-
@larsen161 said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@Ambarishrh for Mac remote desktop look at Apple Remote Desktop
That's for controlling MAC which is on the same network
-
Yes, I would presume you have access to the local lan via VPN and then access is available to those 'local' machines.
-
@larsen161 said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, I would presume you have access to the local lan via VPN and then access is available to those 'local' machines.
that would suck, you never want to be on a VPN with clients.
-
I got to know of Anydesk, recently, by a local Sophos channel partner .. I quite liked it ... While, it's not as polished as Teamviewer, it has small foot-print, and work pretty smooth ...
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@larsen161 said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, I would presume you have access to the local lan via VPN and then access is available to those 'local' machines.
that would suck, you never want to be on a VPN with clients.
Why would one, never want to be on VPN with clients ?
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
I got to know of Anydesk, recently, by a local Sophos channel partner .. I quite liked it ... While, it's not as polished as Teamviewer, it has small foot-print, and work pretty smooth ...
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@larsen161 said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, I would presume you have access to the local lan via VPN and then access is available to those 'local' machines.
that would suck, you never want to be on a VPN with clients.
Why would one, never want to be on VPN with clients ?
There is a significant amount of risk involved.
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
that would suck, you never want to be on a VPN with clients.
Why would one, never want to be on VPN with clients ?
Okay, there is an obvious exception to the "never" which is... when you have a dedicated work station for each client (this could be a VM.)
The reason that you never want to VPN with clients is that you don't want to be exposed to anything that they might have on their networks, you don't want to expose them to anything that might be on your network and you certainly don't want the legal liability of cross exposure between clients. It's a security risk and a management nightmare.
And it's not effective in any case, because there are no systems that effortlessly transition from network to network. If you are using a Windows desktop, for example, you will not be able to join the AD at different client sites, so the value and logic of VPNing in is lost.
VPNing is slow, cumbersome, ineffective, insecure and potentially causes legal exposures that no IT firm should want to have. And I know companies that will fire MSPs for even accepting VPN connections from customers because it means there is a security risk across the board. The MSP can't secure themselves if they are at the mercy of the least secure of all of their clients, combined.
-
Okay, I kind of agree to the part about the security risk ... But, steps can be taken, at both ends, to reduce this type of exposure... All our clients, have most of the recommended/necessary layers of security, and the same holds true, at our end ...Agreed, none of that is %100 fool-proof .. But, then, by that same definition your or your client's network could get infected/attacked, even without VPN ...
-
We use VPN extensively, to provide remote support to our clients... We have an 8mbps Internet connection, but a lot of our clients have connections as low as 2 mbps; but we've never found VPN to be slow, cumbersome, or ineffective ..
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Okay, I kind of agree to the part about the security risk ... But, steps can be taken, at both ends, to reduce this type of exposure... All our clients, have most of the recommended/necessary layers of security, and the same holds true, at our end ...Agreed, none of that is %100 fool-proof .. But, then, by that same definition your or your client's network could get infected/attacked, even without VPN ...
Absolutely, but that risk is multiplied, and fast, when you use a VPN. It's a totally unnecessary exposure. I can't believe that any customer, anywhere even allows it, yet many demand it.
The only real step that you can take is having dedicated machines (or VMs) per customer. As someone who has worked in finance, I can tell you, any vendor that tries to use a VPN is an ex-vendor. In the SMB space it is common. I have no idea why, but it is. In the enterprise, it's frowned on very strongly.
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
We use VPN extensively, to provide remote support to our clients... We have an 8mbps Internet connection, but a lot of our clients have connections as low as 2 mbps; but we've never found VPN to be slow, cumbersome, or ineffective ..
Can you work on many clients at the same time? if so, how do you isolate them from one another effective? How do you make it fast and efficient to connect when they all use different VPN technologies (ZeroTier, Pertino, OpenVPN, Cisco IPsec, etc.).
We use direct remote access technologies and often can be working on two clients faster than client with VPNs can even connect. Maybe there is some cool VPN management system out there, but to do VPN you need two steps for any action rather than one. You can't make any connection or do any work until after the VPN is in place. And the number of security processes that must be maintained at both ends is big and it means that you must have 100% control of 100% of the clients (that use VPNs) or you take on way too much risk.
-
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Okay, I kind of agree to the part about the security risk ... But, steps can be taken, at both ends, to reduce this type of exposure... All our clients, have most of the recommended/necessary layers of security, and the same holds true, at our end ...Agreed, none of that is %100 fool-proof .. But, then, by that same definition your or your client's network could get infected/attacked, even without VPN ...
Absolutely, but that risk is multiplied, and fast, when you use a VPN. It's a totally unnecessary exposure. I can't believe that any customer, anywhere even allows it, yet many demand it.
The only real step that you can take is having dedicated machines (or VMs) per customer. As someone who has worked in finance, I can tell you, any vendor that tries to use a VPN is an ex-vendor. In the SMB space it is common. I have no idea why, but it is. In the enterprise, it's frowned on very strongly.
Not common in just SMB space, I've seen it with Large Enterprises too ..
Would say that the same risk applies, when an employee working from a remote location, connects via VPN ?
-
Yes, 100% control of 100% clients (If the client approves of it, and most do) ... We do this for remote support for most of our clients, where we have setup their IT infra... The VPN technology used is same for most, but yes, some are different .. But, no host ed VPN, for sure ..
We are comparatively a smaller company, with a comparatively smaller client-base .... For, most parts, one person from our end, is connected to just one client.. However, I think multiple simultaneous VPN connections have been made... I recollect, a colleague doing something with routing table to accomplish this ...
-
Haven't read everyone else's recommendations but I think Wireshark and Metasploit are great tools that anyone in IT should familiarize themselves with. I'm working on that now as well.
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, 100% control of 100% clients (If the client approves of it, and most do) ... We do this for remote support for most of our clients, where we have setup their IT infra... The VPN technology used is same for most, but yes, some are different .. But, no host ed VPN, for sure ..
We are comparatively a smaller company, with a comparatively smaller client-base .... For, most parts, one person from our end, is connected to just one client.. However, I think multiple simultaneous VPN connections have been made... I recollect, a colleague doing something with routing table to accomplish this ...
That becomes super complex if the clients have overlapping IP address ranges. When we were tiny we tried to get clients to all have different IP spaces. That doesn't scale well (often failing at the first client as people just won't change.)
-
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, 100% control of 100% clients (If the client approves of it, and most do) ... We do this for remote support for most of our clients, where we have setup their IT infra... The VPN technology used is same for most, but yes, some are different .. But, no host ed VPN, for sure ..
We are comparatively a smaller company, with a comparatively smaller client-base .... For, most parts, one person from our end, is connected to just one client.. However, I think multiple simultaneous VPN connections have been made... I recollect, a colleague doing something with routing table to accomplish this ...
That becomes super complex if the clients have overlapping IP address ranges. When we were tiny we tried to get clients to all have different IP spaces. That doesn't scale well (often failing at the first client as people just won't change.)
In this situation you have to setup translations of your own. I connect to a hospital that does that. They have a translation inside their Cisco router for the connection to me.
-
My own MSP lasted like three months. Honestly, I didn't market hard enough to get anough billable clients to completely supplant my 9-5 salary.
But...lesson learned.
My tools I used were LogMeIn for remote access. The remote client was great to help folks from my iPhone/laptop. For ticketing, I used an excel sheet. Ghetto, I know.
For invoicing and proposals, I used Google Docs.
Ghetto. I know. -
@FrostyPhoenix said in Starting own IT consultancy - Gathering list of tools required and recommendations:
My own MSP lasted like three months. Honestly, I didn't market hard enough to get anough billable clients to completely supplant my 9-5 salary.
Starting an SMB is hard. Starting an MSP is one of the hardest SMBs to do. It's a nearly impossible market without competition, and there is a lot of competition!
-
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@FrostyPhoenix said in Starting own IT consultancy - Gathering list of tools required and recommendations:
My own MSP lasted like three months. Honestly, I didn't market hard enough to get anough billable clients to completely supplant my 9-5 salary.
Starting an SMB is hard. Starting an MSP is one of the hardest SMBs to do. It's a nearly impossible market without competition, and there is a lot of competition!
Even if you are wanting to run a mostly local business.
-
When our company was considering a move into the MSP space, we talked to a lot of other MSPs. (None of who were competition for us.)
And we heard about the same from every one of them ... they wanted to get the heck out of the MSP business.