question No more computers

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
16,625
Location
USA
There is a rumor that next year all our company laptops will be taken away and then we will be doing everything with Muko 5 on our own "personal device." This sounds just awful. :( Any experiences?
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,245
Location
SC
Do you get some sort of monetary compensation for using your own machine? If so sounds great. Do they still think they are going to tell you what is OK and what they don't want to see?

No idea what Muko 5 is.

I wish I could get rid of the crappy company machines they gave me.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
16,625
Location
USA
I assume we will receive an amount that is less than the cost of a good laptop.
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,245
Location
SC
I assume we will receive an amount that is less than the cost of a good laptop.

I think I would still take that if offered. Assuming they aren't going to try and tell me what to get.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
21,564
Location
I am omnipresent
That sounds like a support/administration nightmare. Microsoft and Cisco both have tools for ensuring that systems have current security software and patch levels prior to negotiating a full network connection, but I can think of way too many problems with that policy to be comfortable.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
16,625
Location
USA
Well all they will support is the Moku 5 VM, which I assume has some security. The computer, OS, etc. would be the user's problem if what I understand is correct.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,737
Location
USA
A VM is how I do remote work with my company. I install a corporate windows 7 image with all their security, VPN, patches, AV, etc and then just run it as a VM on my personal machine. It runs better/faster then any of the equipment provided to me for desktop or laptop usage. I'd rather my company give an allowance to build my own system. They are otherwise migrating people to a VDI solution for reduced cost and administration. The problem is, this doesn't work well for engineering.
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
The problem is that they are now dependent on you maintaining reliable equipment and support contracts for your productivity. As usual some will be more motivated than others. Will they have loaner equipment available?
 

timwhit

Hairy Aussie
Joined
Jan 23, 2002
Messages
5,278
Location
Chicago, IL
What happens it the user's host system is compromised? Can't this in turn have deleterious effects on the virtual machine as well? Sensitive data will still need to be transmitted through a shared NIC.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,511
Location
Horsens, Denmark
What happens it the user's host system is compromised? Can't this in turn have deleterious effects on the virtual machine as well? Sensitive data will still need to be transmitted through a shared NIC.

I'd assume that the VM establishes an encrypted link (VPN?) with the server independent of the host, and maintains its own AV and the like. Not completely secure, but neither is anything else given to a user.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,737
Location
USA
I'd assume that the VM establishes an encrypted link (VPN?) with the server independent of the host, and maintains its own AV and the like. Not completely secure, but neither is anything else given to a user.

This is how mine functions. The Guest OS has its own security and AV installed. The only way I can connect to work is by first establishing the VPN. I agree that is some virus or exploit gets into my base OS and knows how to target the guest OS, there is little I can do about managing that and need to rely on VMware for patching security exploits. Limited things I can do are to encrypt the guest OS hard drive to help reduce some exposure, but honestly, I do no work on the actual VM. I RDC and SSH in to everything at work and my work files never get saved on the VM. They all remain at work. Even if a key logger captured the VPN login, it changes every 60-seconds due to my RSA pin.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
21,564
Location
I am omnipresent
I assume you guys are using the Mandatory Access Protection feature that's baked in to Windows Server 2008 to do that stuff, in which case end users can get access to a provisional network with internet access to have updates and virus definitions loaded even if your VM is judged unfit for full intranet access.

That's one of the niftier things they put in Server 2008, but it still seems like a huge administrative headache to me.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,737
Location
USA
I assume you guys are using the Mandatory Access Protection feature that's baked in to Windows Server 2008 to do that stuff, in which case end users can get access to a provisional network with internet access to have updates and virus definitions loaded even if your VM is judged unfit for full intranet access.

That's one of the niftier things they put in Server 2008, but it still seems like a huge administrative headache to me.

I don't run server 2008 at home, so no. The few Server 2008 systems I do manage at work don't need this level of security. They don't hold any data that would be considered at risk for the company. 95% of our VM infrastructure these days are purpose-built SLES appliances developed, patched, and audited by a specialized team.
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
I assume you guys are using the Mandatory Access Protection feature that's baked in to Windows Server 2008 to do that stuff, in which case end users can get access to a provisional network with internet access to have updates and virus definitions loaded even if your VM is judged unfit for full intranet access.

That's one of the niftier things they put in Server 2008, but it still seems like a huge administrative headache to me.

We are not that paranoid. I review WUS & AV reports and go after machines that get behind.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
16,625
Location
USA
A VM is how I do remote work with my company. I install a corporate windows 7 image with all their security, VPN, patches, AV, etc and then just run it as a VM on my personal machine. It runs better/faster then any of the equipment provided to me for desktop or laptop usage. I'd rather my company give an allowance to build my own system. They are otherwise migrating people to a VDI solution for reduced cost and administration. The problem is, this doesn't work well for engineering.

I don't know how the VM thingie works, but I heard some Mac users will like it because the Moku 5 VM runs on them too. Apparently there is some other brand of the VM they are also considering. I hope the project does not occur as I would need to buy a laptop for that. In no way would I want anything work related on my personal laptop. I surely don't want a laptop with the dreaded Win 8 either.
 
Last edited:
Top