[mdlug] Need ideas for a "telepresence" box

Jeff Hanson jhansonxi at gmail.com
Sun Jan 27 17:57:07 EST 2013 

On Sun, Jan 27, 2013 at 2:07 PM, Adam Tauno Williams <awilliam at whitemice.org
> wrote:

> There is a perfectly good reason companies insulate their technicians
> behind obstructionist management;  primarily it shields them from
> dealing with a constant stream of 'exception requests' that will turn
> the entire network into a collection of one-off hacks.  I strongly
> support obstructionist management.  And remember they are the one's
> paying those technicians, not you, and they are usually getting paid
> from the IT budget not matter what department or divisions hopeless crap
> they are forced to work-on/deal-with.  <rant mode="you should probably
> ignore this part">Every department wants to somehow turn its lack of
> management and/or poor management from an HR into an IT problem, then
> the managers can go golfing and bitch about how IT takes so long to
> solve their problems</rant>
>
> The best solution when dealing with an immovable wall of is to just deal
> with whatever the problem is yourself.  You can usually get a DSL drop
> or other connection into a facility if the cellular option doesn't work
> out.  I've never witnessed too much grief in getting a 'stand alone'
> ISDN or DSL drop to a piece of equipment; they just route it through
> their building and say "from here it is your problem".  Which is exactly
> what you want; everybody is happy.  A stand-alone drop is usually
> installed with the help of Facilities, not IT, and Facilities is rarely
> buried behind so many defenses.
>
> Being a former sysadmin I agree with the policy goal but not the
implementation.  Using a secondary firewall to limit the connectivity of
third-party equipment to a specific outgoing port is relatively safe, even
if that port is shared with other traffic.  Alternatively they could use a
VLAN and achieve similar results.  Restricting VPN access to a
manually-initiated outgoing connection makes it easy for them to control
also.  It may be that their techs don't know how (or management doesn't
trust them) so their default answer is "no".

More information about the mdlug mailing list