https://7f57629a.jeremiahwindle.pages.dev/blog/Recent content in Blog on Jeremiah WindleHugoen-usWed, 01 Apr 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/msp-to-enterprise-skills/Wed, 01 Apr 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/msp-to-enterprise-skills/Four years in an MSP seat gives you something that’s genuinely hard to get in enterprise IT: breadth under pressure. When you’re responsible for network infrastructure across 40 different organizations simultaneously — each with different tools, different configurations, and different stakes — you develop a kind of situational awareness that pure deep-dive engineers often don’t have. But it also leaves gaps. Real ones. This post is an honest accounting of both.https://7f57629a.jeremiahwindle.pages.dev/blog/siem-platforms-compared/Wed, 18 Mar 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/siem-platforms-compared/Most SIEM comparisons are written by vendors or analysts who’ve seen the demos. This one is written by someone who’s used these platforms in production — ingesting real logs, tuning real alerts, and investigating real incidents across dozens of client environments. Here’s what actually matters. The Three Platforms I’ve had meaningful production time with: Kibana (ELK Stack) — primary SIEM at my current MSP for security operations across municipal government clients Perch Security — co-managed SIEM platform purpose-built for MSPs, used across 40+ client organizations Splunk — exposure through client environments and hands-on study; included here for completeness against the standard that everyone measures against Kibana (ELK Stack) Kibana is the visualization layer on top of Elasticsearch and Logstash — the “K” in ELK.https://7f57629a.jeremiahwindle.pages.dev/blog/conditional-access-policies/Sat, 28 Feb 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/conditional-access-policies/Conditional Access is one of those features where the gap between “we have it enabled” and “we have it configured correctly” is wide enough that attackers drive through it regularly. I’ve managed CA policies across 100+ organizations at two MSPs. Here’s the framework I’ve landed on. The Foundation: What CA Actually Is Conditional Access is Entra ID’s policy engine. Every sign-in attempt hits it, and the policy evaluates conditions — who is signing in, from where, on what device, to what application — and makes a decision: allow, block, or allow with requirements (MFA, compliant device, etc.https://7f57629a.jeremiahwindle.pages.dev/blog/ccna-study-plan/Thu, 15 Jan 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/ccna-study-plan/Target date: June 2026. Here’s the actual plan — resources, schedule, lab setup, and where I’m struggling. Why the CCNA Matters for Me Specifically I’ve been managing Cisco Meraki, Fortinet, and UniFi networks across 40+ client organizations for four years. I can configure a FortiGate firewall policy, troubleshoot a VLAN trunk, set up a site-to-site VPN, and triage a flapping BGP session at 2am. The CCNA doesn’t teach me most of this — I’m already doing it.