Possible to buy the White House?
Just shows that people with big money still try to buy the White House, we will see if he is successful.
27 publicly visible posts • joined 8 Sep 2015
From an user management perspective Notes was a pure horro, I supported a system which provisioned users to Notes and it was absolution a mess.
Then companies decided to drop Notes for Exchange and Sharepoint as Microsoft told them it would be better, well yes that was something everyone believe right.
I got an Apple Macbook Air 11" from 2011 (i5) which is too slow for macos to be intersting, but it runs Ubunto Desktop 20.04 LTE without problems. What is intertsting is that the Apple TB1 GbE adaptor works without a flaw .. also it's nice to have an linux when the rest does not want to do what you want it to do.
I've been around long enough to see AD and Group Polices to evolve and for someone who work with Directories for a living, I mush say that AD suck - it was basically a wrapper around NT domains, these they have changed alog but still, it's a horrible design.
Group Policies is a blatent mess and no one with a sane mind would ever venture into it, but it's what Microsoft gave people and they have to live with it.
Interesting read from a write which misses the most obvious about IAM and why it is so difficult do right. The tool of the trade is mostly something like NetIQ Identtity Manager (I do not work for the company) (or something else which can be changed to fit the organization), then this is connected to something like Okta for provisioning (and authorization) , Okta is then using the on Prem-AD (or Office 365) for Authentication.
And as a previous comment said; all identities start from the HR system ... and nothing should be done manually - people make mistakes (often).
RBAC can be done with online tools like NetIQ Identitty Application or Sailpoint - does not matter as long as it's online and that users can request access (roles/premissions) which are granted "now".
Any organization who is using tools like Excel for RBAC administration will at some point end up in a management nightmare.
The biggy, which no one talks about is "red button", if an employee is let go, then the identity needs to be locked down immediately, which only works with systems which act on events - which many of these systems do not.
And lets not forget about Access Governance ... reporting, a tool which suck out all the information and will report if there are things (rights) which should not be there, and especially if they are assigned to people who should not have them.
IAM is complicated, and require knowledge not only about the choosen tool, but also about all the systems which you connect it to (AD, LDAP, SQL, Unix, Cloud, REST, SOAP, etc, etc, etc.).
But it's madly fun to do....
What many don‘t remember is that the AppStore made Apple a wealthy company. The iPod made them richt, the AppStore and iPhone/iPad made them filthy rich.
If they loose part of the income from the AppStore then suddenly they will no longer make billions every quarter, and that is for them not acceptable.
I done feel sorry for Epic Games, but for the humble developer, who maybe sell a few thousand apps on the app store for less than 5$ a pop, having the Apple tax being lowered will make a serious change.
What is interesting is that Huawei got some fundamental patents in connection to 5G, without licensing these patents there will be no 5G role out, and Nokia and Ericsson are at least 1 year behind Huawei in development of 5G ...
This is political, and is being used by Trump to get China to move on the Trade agreement, which he want to "fix", but it might end up causing the rollout of 5G to be delayed by years.
I still remember when IPv4 started becoming popular back in the early/mid 90's, back then it was wooooo complicated - especially for the people who came from DEC, IPX or what ever was used back then (IPX over routers was basically crap), but I guess we all more or less mastered IPv4 reasonable fast.
Over the years I've been trying to ger my head around IPv6, and I am still not able to find a IPv6 for Dummies which can explain me the basics in a reasonable easy and understandable way - I do this for fun, not for work...
They have made IPv6 overly complicated, it's like you have to know more or less everything, before you start with the stuff, otherwise you'll end up having a network which might work, but you don't know why - and if you connect it to the internet you can't hide behind a NAT'd firewall - which is really really bad.
And don't get me started on the notation, I've entered thousands of IPv4 address on my keyboard, on a numeric keyboard everything is there 0..9, and a '.' - everything which is needed. Try that with an IPv6 address ... right... see, got my point.
I guess the universe is waiting for the next IP stack, which probaly will be an IPv16, which will be fully automatically discoverable, and have a functional (and understandable) security build in. Well I can always hope.
IPv6 is there, but how many people know enough to implement it securily...
Any ISP who has IPv4 only Routers has not upgraded their hardware since before 2012 ... the question is if they have current code on them, and if they have the latest IPv6 stack. But any serious IPS can support IPv6 on the router side, and any homeuser should have Routers which support IPv6.
When one thinks that in Germany the norm still is 15mb/s for anyone who live outside larger population zones, then yes, the 200mb/s would be impossible to reach.
In some countries is the "normal" minimum speed 100mb/s; try to discuss that with German Telekom - they still live in the last century. They are quite proud of them self, as they are now upgrading to a minimum speed of 50mb/s ..... and the prices are almost 2x to what it cost in countries like The Netherlands and Scandinavia.
There is nothing worse than using diffrent Authentication Services where the password is not synchronised ... Why on earth does organisations no have a proper solution in place to handle identities and passwords ... it's not that difficult. And that also moves the discussion into identity / access management life cycle management.