Tower Server and Network Opinions
-
If you want high end server hardware (like HPE or Dell) but want entry level prices (like SuperMicro or Lenovo) look to xByte (add appearing on the right currently) as they provide refurbed enterprise Dell gear, full warranty for a fraction of the price of new and bring a lot of experience and expertise to the table along with it. And they are active here in MangoLassi so you don't even have to reach out to them through another channel, you can talk to them right here on the community. They even have their own forum category here.
-
@scottalanmiller Sounds like Lenovo needs a beating haha, I heard Dell has allot of bloat ware however...
-
@christophergault said:
@scottalanmiller Sounds like Lenovo needs a beating haha, I heard Dell has allot of bloat ware however...
Well.... a couple things about the bloatware...
- It only applies to consumer equipment, not stuff we would see in IT. Just stuff for home.
- It only applies to things like consumer laptops and desktops, not servers of any type.
- You never accept anything setup or installed from your server vendor as a basic practice, so no matter what they install on there it should not matter as you would never see it.
http://mangolassi.it/topic/5474/never-let-the-vendor-set-up-a-server
-
Nine years of posting daily about this stuff results in having an already written article and long already hashed out discussions on every topic that you can imagine. It's amazing how many industry best practices that were never mentioned prior to SW and ML coming into existence are pretty well documented and established now.
-
@scottalanmiller That makes sense, however my father (owner of the business) has had a bad experience with Dell and has used Lenovo in the past and loves them. What could we do about the potential "Lenvo hacking" if we end up going with the TD350...
-
Not having the vendor set up your server goes far beyond installing the hypervisor. You would never let them set up the BIOS, RAID or any setting on the machine whatsoever. You need to be confident that you have documented every step and can reliably repeat every step to go from spare parts to working server to back to your original configuration. And you need to know what that configuration is. This is one of the things that drives me crazy with Dell's website - it forces you to give them configuration details that make no sense for them to have.
-
@christophergault said:
@scottalanmiller That makes sense, however my father (owner of the business) has had a bad experience with Dell and has used Lenovo in the past and loves them. What could we do about the potential "Lenvo hacking" if we end up going with the TD350...
Nothing really. It was built into the BIOS and you have to trust them to give you a clean image, which you can't.
They made a point to say it only affected some laptops, but then it was found to affect others so who knows what was and wasn't affected.
-
@johnhooks Well that is great, what type of private data have they been caught for stealing?
-
@christophergault said:
@johnhooks Well that is great, what type of private data have they been caught for stealing?
I don't know if anyone really knows what they captured. But if I remember correctly a lot was sent unencrypted. Is that correct @scottalanmiller?
-
@christophergault said:
What could we do about the potential "Lenvo hacking" if we end up going with the TD350...
Nothing. It's like asking "what can we do about letting a thief into the bank". You are letting a thief in. Sure, you can watch him, but you've intentionally let someone into the place you are trying to protect knowing that they will steal from you if you slip up. What's worse, is that you are hiring them to be the guard. So you are paying them to be the guard, trusting them to be the guard, but you know that they are the thief and you are just hoping that you guard the guard so well that the guard can't steal from you.
In any IT circle, once you have malware on your machine it is compromised and the only sure way back is scorched earth - meaning ground up rebuild. Because Lenovo has been doing very shady hardware level tricks to get around even that and has only been caught a few times suggests that they are still doing it, will keep doing it and are getting better and better at not getting caught.
Ask him if he feels that any data that passes through this server is not something he wants to voluntarily send to China. Not that Lenovo will get your data, but it kind of has to be assumed that they can and they are only putting in that capability for a reason.
So... does he want a Chinese backdoor to his company? I presume the bank accounts will be exposed here, for example. And customer data. And customer products.
-
@christophergault said:
@johnhooks Well that is great, what type of private data have they been caught for stealing?
None, if they got it they got away with it. They hijacked network data so in theory, they have gotten or have had the option to get absolutely everything.
-
@johnhooks @scottalanmiller Well why the hell would IBM sell their servers to Lenovo if they knew of this?
-
@johnhooks said:
@christophergault said:
@johnhooks Well that is great, what type of private data have they been caught for stealing?
I don't know if anyone really knows what they captured. But if I remember correctly a lot was sent unencrypted. Is that correct @scottalanmiller?
That's the thing, they only got caught setting up for the thefts. How much they got away with no one knows. How much they are stealing right now, no one knows. All we know is that they keep at it and companies keep inviting them to attempt to get their data too.
That's the thing about hacking. You never know what they got. You just sometimes get lucky and cut them off.
-
@christophergault said:
@johnhooks Well why the hell would IBM sell their servers to Lenovo if they knew of this?
Why would IBM care? Not their problem. This issue has no connection to IBM in any way. Far more importantly, why would people keep buying Lenovo now that they know this?
-
@scottalanmiller Well it seems that Lenovo will be shutting down soon...
-
@christophergault said:
@scottalanmiller Well it seems that Lenovo will be shutting down soon...
No, that's a very big misconception about how the market works. Companies that do horrible things to their customers rarely take that much damage from it. Lenovo has made crap products and provided horrible support for fifteen years but people still love them and buy them all the time. They've gotten caught being the most underhanded, evil company in the industry several times in the last year and yet people defend them and buy them anyway. Even people who knew that they did this after about a year start to forget that it happened or, in several cases, I've seen people confuse which vendor had done it.
Consumer memories are not long nor sharp and many consumers are so fan-boy driven that they don't care what their vendors of choice do that this kind of stuff really does not often hurt the companies in question for more than a very short term. Lenovo hasn't even taken enough heat to bother changing their name, something that almost universally shields companies from anything but legal action, and sometimes even that.
-
In the real marketplace, you actually often make more money treating customers poorly. It costs far less, generates more profits and marketing does more to create consumer impression that does corporate action.
-
@scottalanmiller Damn that really sucks dude...
-
@christophergault said:
@scottalanmiller Damn that really sucks dude...
Consumers suck, just how it is. Gives It a job
It's our job to remember what vendors did what, which we can trust, etc. Also important to note, and I hate that it comes down to things like this, but all other major vendors are in countries with legal protections for consumers (US, Japan and Germany.) Every enterprise vendor is in those countries. Except for Lenovo, they are in China and beyond legal reach. They can be far more reckless and openly hostile with no means of touching them. -
The market doesn't come down to Dell and Lenovo. To nearly all IT shops, Lenovo doesn't even exist (and never did, the recent events didn't affect them much as they were never a good vendor) and the big two were HPE (formally known as HP) and Dell. Those are the two big ones. Along with SuperMicro they pretty much represent the SMB market.
Big shops needing mini computers and bigger use Oracle, IBM and Fujitsu too.
Cisco exists and is a straggler but their products are poor, convoluted and not a good value, especially in the SMB so are normally ignored even though they are good enough to make the short list.
