Community discussions

MikroTik App
 
atakacs
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Mon Mar 07, 2016 5:39 pm

Cloutik feedback ?

Tue Apr 13, 2021 7:46 pm

Hi

Not seeing much discussion about this service here.

Anyone using it ? Feedback ? Issues ?

Thanks in advance !
 
joegoldman
Long time Member
Long time Member
Posts: 605
Joined: Mon May 27, 2013 2:05 am

Re: Cloutik feedback ?

Wed Apr 14, 2021 1:45 am

You could do the same, by essentially running a VPS and having all your mikrotiks VPN back to it or send info / run scripts.

Its putting control (And a lot of information) in someone elses hands

If you are having large outages - then its useless

Cost is not great - website is poorly made which doesn't bode well for the product if you ask me.

I'm guessing it allows remote code execution of some sort (I'd need to look at what initCloudtik actually does) - so if they are hacked, you'd get hacked.
 
User avatar
vecernik87
Forum Veteran
Forum Veteran
Posts: 786
Joined: Fri Nov 10, 2017 8:19 am

Re: Cloutik feedback ?

Wed Apr 14, 2021 4:21 am

No serious network techs will ever use third party cloud service to manage their own devices. Thus, no discussion needed.

Its a nice toy but thats about it. For anyone concious about security, it is another unnecessary attack vector.
 
Cablenut9
Member Candidate
Member Candidate
Posts: 216
Joined: Fri Jan 08, 2021 5:30 am

Re: Cloutik feedback ?

Wed Apr 14, 2021 7:10 am

No serious network techs will ever use third party cloud service to manage their own devices. Thus, no discussion needed.
What about UniFi?
Serial question asker
 
User avatar
vecernik87
Forum Veteran
Forum Veteran
Posts: 786
Joined: Fri Nov 10, 2017 8:19 am

Re: Cloutik feedback ?

Wed Apr 14, 2021 8:41 am

Thats exactly my point. In the past, unifi cloud was optional (so it can be considered same as 3rd party). Then they released UDM and guess what? It is compulsory. You can't set up the device without cloud. (therefore even serious networking people had no choice...)

Now they got hacked and literary everyone who has UDM is vulnerable thanks to this stupid cloud nonsense. Hack can happen to anyone and adding 3rd party cloud just opens another door which you can't close.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7424
Joined: Mon Jun 08, 2015 12:09 pm

Re: Cloutik feedback ?

Wed Apr 14, 2021 11:53 am

It could be interesting to use such a feature but indeed you can easily deploy it yourself using a VPS, CHR, maybe dude, and some simple setup.
In fact I sometimes wondered why MikroTik does not make a private VPN available as part of IP cloud.
There already is the feature to register a DDNS name, there is a feature in Quick Set to setup an incoming VPN server, what would be natural is to have some feature to have a device setup a VPN connection (as a client) to IP cloud, identify it as being part of some customer-defined network (e.g. using a certificate), and then the admin would be able to reach that group of devices on a private network even when they are on dynamic addresses, are behind NAT, etc.
You can deploy this yourself (see above) but to offer it as a service as part of the IP cloud could be very useful for remote management.
 
atakacs
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Mon Mar 07, 2016 5:39 pm

Re: Cloutik feedback ?

Wed Apr 14, 2021 2:48 pm

Thanks for the feedback so far.

I understand & appreciate the limits / issues that such a concept is raising. What I wanted to hear was actualy first hand experience with it (or equivelent product).

Out of curiousity, how are the "real pro" handling this when you have hundreds of devices to maintain ? All by custom, self developed scripting ?
 
pe1chl
Forum Guru
Forum Guru
Posts: 7424
Joined: Mon Jun 08, 2015 12:09 pm

Re: Cloutik feedback ?

Wed Apr 14, 2021 5:23 pm

Of course it depends a lot on what kind of maintenance you require and what level of automation you need or want to have.
In my case the routers are all in a network that uses public IP addresses and is internally connected both by WiFi links and VPN connections to a central router, all fitted with automatic routing (BGP).
So it rarely happens that I would not be able to access a device. I do not need the functionality of a "cloud VPN service", but I fully understand that others do.

Then there is the next layer of "configuration maintenance, upgrading, etc". I have not automated that. The devices and setups are a bit too diverse to easily do that, and are not all managed by the same person.
I normally do not do "en-masse updates", due to the risk. When I happen to be logged in to a device (using winbox), I sometimes upgrade it. And I regularly view lists of version numbers in IP->Neighbors to keep an eye on ancient versions known to be vulnerable.
 
joegoldman
Long time Member
Long time Member
Posts: 605
Joined: Mon May 27, 2013 2:05 am

Re: Cloutik feedback ?

Fri Apr 16, 2021 2:40 am

Out of curiousity, how are the "real pro" handling this when you have hundreds of devices to maintain ? All by custom, self developed scripting ?
I have self-developed scripts to help with management - but I wouldn't be closed to an application like Cloutik that you linked - but my requirement would be preferably for source code access, and importantly self hosted BEHIND my edge, so I can firewall it and monitor it, and make sure only those who need access can get access. The gripe with all cloud products is never generally the product itself, its putting control into someone elses hands.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7424
Joined: Mon Jun 08, 2015 12:09 pm

Re: Cloutik feedback ?

Fri Apr 16, 2021 11:46 am

The gripe with all cloud products is never generally the product itself, its putting control into someone elses hands.
Indeed. And not only because you may give them credentials that they then may leak and cause your network to be compromised, but also because such a service could be terminated at any time (or could become too expensive to use) and leave your network in an unmanagable state.
 
Znevna
Member Candidate
Member Candidate
Posts: 259
Joined: Mon Sep 23, 2019 1:04 pm

Re: Cloutik feedback ?

Sat Apr 17, 2021 9:07 am

By how that website looks, that service "screams": pay me to fuck up your router. And whoever pays them deservers to be left out of his router(s).
Thats my feedback.
And to everyone else that is confused about the topic, he ain't talking about IP Cloud from MikroTik, but about some shady website offering a shady service.
Cheers.
MTKEK Certified by IRC

Who is online

Users browsing this forum: No registered users and 136 guests