Am I the only one that prefers on - prem to cloud based infrastructure?

Posted by Ferocious888@reddit | sysadmin | View on Reddit | 423 comments

I’d rather have an on - prem server with ad and gpo than using intune / anything cloud based

Reply to Post

Reply

423 Comments

[-]

replicatedhq@reddit

We prefer it, but for some pretty obvious reasons....

Reply

[-]

replicatedhq@reddit

On prem is for sure coming back - we are working with a ton of AI companies to offer their software in secure environments. They're getting a ton of demand from enterprise customers who are demanding it due to data security concerns. We're not seeing a push due to cost savings yet, but I think that's on the horizon too.

Reply

[-]

iamtechspence@reddit

I’m an on-prem hold out too. Long live Active Directory 🤓

Reply

[-]

mat-ferland@reddit

You're definitely not alone. The real answer is it depends on the workload and the team size. If you have competent infra people and predictable capacity needs, on prem is often cheaper long term. Cloud wins when you need elasticity or your team is too small to handle the ops burden of running your own gear.

Reply

[-]

Assumeweknow@reddit

Hybrid is nicer in many respects. But On prem server is far more powerful still.

Reply

[-]

ansibleloop@reddit

Yep, absolutely fuck managing Exchange or SharePoint or any of that shit

Reply

[-]

Lost_Term_8080@reddit

Not sure why anyone had problems with Exchange since Exchange 2007. If you read the documentation, build it the way the documentation says, support it the way the documentation says, refrain from doing stupid stuff in AD, it was pretty much a zero-touch system between patches. There were a handful of bad patches, but who really is patching exchange in the first few hours anyways?

Reply

[-]

Assumeweknow@reddit

You mean don't use minimum spec? But rather 3-5 times that. It really does like having 128gb or better.

Reply

[-]

Lost_Term_8080@reddit

more recent versions of exchange were a lot less memory hungry. I believe they recommend only up to 32 or 64 Gb RAM now. MS has always provided some form of hardware requirements that in early versions were a bit light, but the exchange servers I found with most problems were typically not near even the understated requirements

Reply

[-]

Assumeweknow@reddit

Actually, now they actually recommend 128gb as the minimum. Which means 256-384gb if you want it to run great.

Reply

[-]

Assumeweknow@reddit

Echange 2019 for 400plus users saved 50k a year against office 365. Never touched it except for updates for 6 years it just ran. Honestly i got nothing against on prem exchange.

Reply

[-]

BatemansChainsaw@reddit

I've helped run and manage an exchange cluster for almost 16 years and can't for the life of me imagine what problems people have to hate it so much. Make your backups and test them. That solves nearly all problems.

Reply

[-]

DiligentPhotographer@reddit

People who managed poorly configured SBS boxes at MSPs, probably. Once we moved all clients to dedicated exchange VMs/DAG all the weird issues went away.

Reply

[-]

ScreenOk6928@reddit

It basically boils down to either: - Skill issue - People think running an on-prem exchange server is the same in 2026 as it was in 2006

Reply

[-]

bahbahbahbahbah@reddit

Definitely! Finally migrated to 365, but the 4 years I managed our Exchange 2016 server were pretty fuckin smooth besides a handful of issues. I’m definitely seeing that managing Exchange Online is more difficult and cumbersome in MANY respects.

Reply

[-]

ITGuyThrow07@reddit

They day I killed my last Exchange server was wonderful.

Reply

[-]

crane476@reddit

As someone still managing an on-prem Exchange server, I 100% agree.

Reply

[-]

Old-Flight8617@reddit

I like the hybrid approach. But for big operations on-prem in some stuff still makes sense. It should go without saying that costs are also driven by companies trying to push some customer to cloud.

Reply

[-]

Admin6740@reddit

Isn't hybrid the same as "on-prem in some stuff "

Reply

[-]

Old-Flight8617@reddit

https://preview.redd.it/du3wzvkl8irg1.jpeg?width=216&format=pjpg&auto=webp&s=b09b423c2fd3a6f6a6d877aaeb2742d1209cade2

Reply

[-]

Legionof1@reddit

I honestly wouldn’t mind ditching AD if Microsoft would give us entra/intune for servers.

Reply

[-]

AdmRL_@reddit

That's what Azure Arc is.

Reply

[-]

YourTypicalDegen@reddit

Yah how is azure arc, probably something we will look into in the next 5 years. But trying to get user devices to be full cloud first.

Reply

[-]

UncleToyBox@reddit

I'm perfectly happy not having to maintain our M$ headaches beyond basic configuration. Leaves me plenty of time to manage our on prem systems.

Reply

[-]

iworkinITandlikeEDM@reddit

More powerful how?

Reply

[-]

Assumeweknow@reddit

Seriously management of ad and updating all aspects attributes of user such as manager office locations etc. Then letting it update into entra... which still cant take all attributes. Still better and even ties into hr better. Entra attributes are weak, slow, and break frequently requiring powershell manual updates. At least with ad its literally as simple as field to field in sql.

Reply

[-]

AuroraFireflash@reddit

Hybrid is the way. Do on-prem or cloud when it makes sense from financial, operational, reliability, compliance, legal perspectives. I don't miss dealing with on-prem hardware. I'd probably go co-lo or rent hardware in a data center these days. Let someone else replace failing disk drives at 2am on a Monday.

Reply

[-]

Assumeweknow@reddit

Eh raid 10... honestly, ive had anything from 24 drive to 4 drive raid 10s and ive yet to lose an array. Ive got 30 or 40 of them out there and i think ive replaced 6 drives in 8 years.

Reply

[-]

Mindestiny@reddit

Yep. It's something this sub frequently forgets. It's not about "more power," it's about using the best tool for the job at hand and meeting defined requirements. I cannot possibly imagine thinking on prem is the way to go for things like managing endpoints for a hybrid workforce. VPNs for everyone? Constantly desyncing from AD? GPO not pushing/updating? No remote wipe? That's a nightmare compared to MDM.

Reply

[-]

jon13000@reddit

There are many of us left. 20 more years im trying to hold out.

Reply

[-]

MaelstromFL@reddit

Don't worry, currently the model is turning to on prem cloud. Been in the business since the 1980's and have watched it bounce back and forth a number of times! The tide is turning, slowly, but I am doing more on prem than cloud provider work now...

Reply

[-]

DisastrousAd2335@reddit

Same here.. started working in the industry in 84. Been watching it bounce. In the 00's it was still all on prem, 10's - shove it to the cloud, by 30's - bring it all back on prem. Already starting to swing that way the last couple years.

Reply

[-]

TheJollyHermit@reddit

It's one of the sine waves of policy/strategy/technology that swings back and forth as things change and corrections are made... Centralization/decentralization, in sourcing/out sourcing

Reply

[-]

makeitasadwarfer@reddit

Thin desktops, fat desktops. Repeat.

Reply

[-]

malikto44@reddit

It goes remote... it comes back... repeat. It has been that way since offices used a serial frame-relay for their mainframe terminal which was located in another state. Some things are going to stay in the cloud though. E-mail is a lost cause for having on-prem, because of spam and blackholing. Until we can get an inexpensive, effective backup medium, cloud backups will remain a viable alternative, especially for smaller loads like under 20 TB. However, there is a point where the cloud is just too expensive. For example, storage over 1.5 PB can result in so much storage costs, that it becomes cheaper to have one's own LTO-10 silos. Similar with computer power. I've worked at a startup which did a complete 1:1 forklift, and when they were spending under six digits a month for a data center, start going over the million dollar a month for their cloud bills. Needless to say, the startup isn't around anymore. The cloud is a resource. Local stuff is a resource. Sometimes stuff gets cheap locally, sometimes it is better to do it remotely. I prefer local, but I like packing my own parachute and having physical control of the data.

Reply

[-]

Assumeweknow@reddit

Email is easy, just push everything through 3rd party filter and limit exchange to that third party filter IP.

Reply

[-]

malikto44@reddit

That is true, there are SMTP server providers, where I can just have mail go through there.

Reply

[-]

Assumeweknow@reddit

For the exchange, still a fan of appriver.

Reply

[-]

flummox1234@reddit

I think you mean. C Suite: We can save so much more with cloud. Workers: Moves to cloud. ... C suite gets bill ... C Suite: We can save so much by going on prem. Have you seen these cloud bills? Move us to on prem Workers: 🙄 A tale as old as time.

Reply

[-]

codewario@reddit

We told leadership the bill to expect. They told us to shift "everything" to public cloud anyways. Now we are in a hybrid state after a few years where a few teams were migrated, got the sticker shock we warned about, and now only the teams who really *need* public cloud get it. Everything else is done via our private cloud solution.

Reply

[-]

flummox1234@reddit

It was never about cloud. They got their bonus on the genius cost savings shift to cloud. Now it's time to get that bonus for the genius cost savings shift back.

Reply

[-]

No_Initiative8846@reddit

I believe every part of this statement, after one year of a cloud service, the renewal increased over 30%

Reply

[-]

syntaxerror53@reddit

With the current AI farce, moving back to on-prem is equally becoming as expensive. Until the weasel goes pop and crashes mightily, and costs come tumbling down and everyone can sigh in relief.

Reply

[-]

poorest_ferengi@reddit

If oil stays over $100 a barrel all these data centers relying on fossil fuels will be way less profitable. We're in for a correction at best and the bubble popping at worst(for them not necessarily us after the economic shock smooths out)

Reply

[-]

Icy_Conference9095@reddit

Yep; I quoted a server out in December and it is now 250% what I quoted in december. They won't even give us a deliverables timeline because the 32GB RAM I need isn't in stock at Dell. lol Going to be a long few years.

Reply

[-]

ProgressBartender@reddit

I give it 2-3 years before the implosion

Reply

[-]

Icy_Conference9095@reddit

I await it patiently. :)

Reply

[-]

timbotheny26@reddit

I'm hoping it'll happen sooner rather than later. OpenAI just shut down Sora and (I believe) cancelled their deal with Disney, and then a bit before then I think I remember reading Nvidia cancelled a big contract, Microsoft making public commitments to reduce Copilot integration, etc. I think it really is coming, I just wish it would happen faster.

Reply

[-]

archiekane@reddit

A tale as old as IT and capitalism.

Reply

[-]

zonz1285@reddit

I had the cost argument when I was told to build 14PiB scalable to 28 PiB solution and a new “idea guy” came in and said we should have done cloud for less money. I was like “yea you’re crazy if you think 28PiB in cloud is cheaper”

Reply

[-]

flyguydip@reddit

If a CTO just let things be, why would everyone pay them a bunch of money? Once things are stable, introduce a new cost saving technology to migrate to until it's stable. Then start migrating back, rinse and repeat. It's an infinite money glitch. Board members don't notice because they rotate out faster than the technology rotates back and CEO's/Presidents wanna see bigger budgets to brag to their pals about how much money they spend.

Reply

[-]

gscjj@reddit

I hear this a lot, but I haven’t been or interviewed with a company in the last 10 year whose goal was to move any significant workloads back on-prem. I think we’re past the “move everything to cloud” phase, and companies with an on-prem presence will maintain, but even then cloud spend outweighed their on-prem spend. And most younger companies are 100% cloud.

Reply

[-]

JohnPaulDavyJones@reddit

I’m not trying to make myself too identifiable, but I can tell you firsthand that one of the largest healthcare provider chains in the country was working to move back to on-prem back at the tail end of 2024 because their Snowflake costs had gotten way larger than they had budgeted for. I was on staff for it all the conflicts over cost and then the final decision to begin the return. I can also tell you that USAA halted their full migration to cloud last year, four years into the migration, because of an inability to control costs. I could be wrong, but I think they’re still in that limbo. They’re not going back to fully on-prem though, since their prior model was highly integrated with HDP, and they’re still a major HDP customer.

Reply

[-]

Scrug@reddit

For large businesses with a predictable workload on prem makes so much sense. Cut out the middle man and do it yourself.

Reply

[-]

Sea-Aardvark-756@reddit

I have only worked in businesses like this, they all had a cloud push eventually because job-hopping leaders don't care about long-term costs and can usually get good initial deals. There is no person who truly cares about a company enough to ask what happens in 10, 20, or 100 years. Probably why most companies rise and fall within that time frame.

Reply

[-]

Assumeweknow@reddit

Every time they go cloud, I always put in the terms that it must be reversible or we get some stupid amount of money. Those terms have bought me a few servers.

Reply

[-]

gramathy@reddit

I work for a hospital. Nearly everything is on-prem. The only ongoing costs are licensing and power. We don't have to worry about elasticity, overage charges, or any other bullshit that comes from a cloud deployment, plus we can operate without internet if we really have to.

Reply

[-]

Mono275@reddit

What are you using for charting? Most of the big charting apps are really good at convinceg the C suite that they can host their app better than the local guys. (I come from a hosptial background and have worked with Epic, Cerner, and Mckesson among others). We did do most other stuff locally especially radiology apps with how big imaging files are now. Their just isn't a cost effective way to do that remote that I'm aware of.

Reply

[-]

gramathy@reddit

I manage infrastructure rather than applications, but I do know we use Epic. The closest thing to cloud services we use is Umbrella.

Reply

[-]

Mono275@reddit

> I know some of our radiology is remote Oh yeah I know lot's of radiologists that work from home. I was speaking more of storing your images in the cloud that's not cost effective, both from a storage and network usage stand point. It's been a while since I left healthcare, but most radiology apps had a website that could be used to access the images.

Reply

[-]

gramathy@reddit

Ah, no that's all on prem

Reply

[-]

QuantumRiff@reddit

I wonder how many of these stories are still true with hardware at least tripling in cost this year, and some software like VMWare skyrocketing in cost in last 3 years

Reply

[-]

Cheomesh@reddit

Exactly.

Reply

[-]

billy_teats@reddit

Missing budget is a poor reason to leave the cloud. Being able to do it cheaper and maintain adequate support is a good reason. Did they do a real cost analysis of the migration and continued support on prem, or just say the cloud is too expensive do something else?

Reply

[-]

JohnPaulDavyJones@reddit

The healthcare provider did a full CBA, but I don’t know about USAA. That said, I do think the decision was a little forced by a data analytics director who had a history of making bad financial decisions and was twitchy about it. He really has no reason to be in his job except that the CFO was his mentor; he has zero technical, interpersonal, or leadership ability.

Reply

[-]

MaelstromFL@reddit

USAA just made a big VCF license push. Also, can't say how I know...

Reply

[-]

gscjj@reddit

Right I’m sure there’s a lot of companies that overextended themselves during the “‘move everything to the cloud” phase, but the general outcome is still some level of hybrid with cloud cost optimization. A return to what they used before but not expanding the footprint of on-prem.

Reply

[-]

Icy_Conference9095@reddit

We're trying to move from Vcenter to proxmox for most things. That said; for major systems like our ERP, we're trying to push a cloud provided solution with SLA's. We're still murdering ourselves with dynamics GP

Reply

[-]

donith913@reddit

Agreed. This is where people get mixed up. For applications where you’re responsible for the infrastructure, on-prem isn’t going away for every use case. Some is cloud because the requirements make sense, some is on prem because it makes sense. But complex business systems like ERPs that need global performance and high availability? I see a LOT of companies preferring to leverage SaaS there. It’s just not their core competency. People want to focus on a business outcome, not infrastructure. People conflate SaaS and IaaS I guess is what I’m rambling about 😆

Reply

[-]

snark42@reddit

37Signsls is the well known example of getting off the cloud to save 7 figures a year in 2023. https://world.hey.com/dhh/we-have-left-the-cloud-251760fb

Reply

[-]

Lv_InSaNe_vL@reddit

It's all a matter of cost. When the cloud came out it was cheaper than having to maintain/run/upgrade hardware and having the people on staff to manage it, but cloud services have started getting so so so expensive that it's getting cheaper to just hire someone to run a file server on prem again. Except email. I will never go back to on prem email haha

Reply

[-]

Dear-Supermarket3611@reddit

It’s not just about costs… when every millisecond matters, cloud simply is unfit. Just to make an example: How can you track every stroke on over 70 Lines that works at 360 strokes per minute using an in cloud solution? It’s simply impossible!!!

Reply

[-]

davy_crockett_slayer@reddit

I go where the money is. Kubernetes pays 150-200K+ with stock. I'd rather earn 200-500K TC than mess around with 80-120K with on-prem. I don't want to work forever. The tech industry is where the money is, and I follow the money.

Reply

[-]

steveatari@reddit

Thats so much money compared to what I make as someone who hasn't chased money. Oof.

Reply

[-]

davy_crockett_slayer@reddit

Yup. Follow the money. Get the skills people will pay top dollar for.

Reply

[-]

MaelstromFL@reddit

I am old, lol... I'm just putting in my time till the numbers add up! I used to chase the money and have put in my time. So 200k to pay the bills until the mortgage is paid off is just fine with me.

Reply

[-]

davy_crockett_slayer@reddit

Fair enough! No point in learning new things if you are ~5 years away from pulling the plug.

Reply

[-]

TKInstinct@reddit

On Prem Cloud? Isn't that just on prem then?

Reply

[-]

MaelstromFL@reddit

Ues, but a little different. We are adding automation so the system works very similar to cloud providers. More like being your own cloud provider versus standard on prem.

Reply

[-]

Cheomesh@reddit

Like, private cloud?

Reply

[-]

MaelstromFL@reddit

Yes

Reply

[-]

Turbulent-Falcon-918@reddit

Not quite the 80s because in the 80s i was in the back of a classroom that never had lights plugging away at cobal and basic… netscape public baby from the era before certificates when someone would say hey i saw website put my name on it can we do that :p ( dawn of js :p) but even i have seen it go from client , to local machine , to vdi and back , more times than i can track lol .

Reply

[-]

MaelstromFL@reddit

Yep, I remember the great upgrade of VT-100! Lol

Reply

[-]

woodrax@reddit

The company I work for prefers on-prem due to both security and cost.

Reply

[-]

Draculalol@reddit

Where is this magical place?

Reply

[-]

Jakestechjourney@reddit

Each has their tradeoff. I also prefer AD + GPO to intune tbh. Though remote work can lead to tons of quirks that Intune (in theory) solves

Reply

[-]

jupit3rle0@reddit

Yes minus Exchange on prem. EXO is a thousand times less of a headache.

Reply

[-]

FedUpWithEverything0@reddit

9 for me... Anxious as things move very fast

Reply

[-]

moldyjellybean@reddit

This is the way. You own your own data, MicroSlop or AWS can’t steal your data/ideas stuff and make an AMZN basics clone. Or just give up your data or keys at any request without a court order. It’s just numbers really. I helped a non profit, bought a 3 ish year old C blades chasis with each blade maxed with ram, and networking I then bought a 2nd chasis with extra power supplies and partial filled with blades in case they needed any parts. This was around covid and 5-6 years later they’re still running not 1 day of downtime. This entire setup cost was similar to a year of costs on Azure. So after the 1st year their costs are minimal. The costs I’ve seen some people run on AWS are jaw dropping. I’ve run into sysadmin who have no idea how to rack a server/pull it out, use a KVM, get into bios settings/ilo/ipmi settings update the bios/ilo, use a console cable, know their way around UPS, trace cables, troubleshoot hardware etc. I don’t even think admins now could physically do it.

Reply

[-]

syntaxerror53@reddit

Never setup a prod server, but can do half of what's mentioned. Helped rack servers, used KVMs for checking servers or settings (AD, Net, etc), basic troubleshooting. Just never got the opportunity to get into the Server Admin side.

Reply

[-]

crashonthebeat@reddit

I'm a newer admin and I hate the cloud.

Reply

[-]

Pisnaz@reddit

There are tons of us, many fought hard and still are, but marketing teams hold more sway over a lunch than admins hired to manage systems. Nowadays they can even get the marketing spiel down well enough a lunch os not needed.

Reply

[-]

OkEssay4173@reddit

20? I am getting out this year

Reply

[-]

jon13000@reddit

I’ve been doing this for 20 years and have maybe 14 years left but probably 20. I spend too much money and had kids on top of it.

Reply

[-]

anonpf@reddit

If I get my way, on prem until I hit 90

Reply

[-]

DisastrousAd2335@reddit

13 for me bro....

Reply

[-]

melshaw04@reddit

I work for a fortune 5 company that spends millions on cloud that’s still trying to understand why they have outages when Azure or AWS has an issue. I think it’s hilarious

Reply

[-]

Warm_Protection_6541@reddit

Yeah probably, I have 5 years of on prem and 5 years of intune. 100% intune and its not close.

Reply

[-]

Real-Victory210@reddit

Obviously not.

Reply

[-]

wired43@reddit

You are not the only one. IMO, Cloud providers are scammers that try and trick the population into thinking Cloud is more reliable.

Reply

[-]

BeyondBreakFix@reddit

On-premise is better in terms of cost, doesn't even have to be in person management either as you can use wireguard or tailscale to remotely manage your servers over a zero trust vpn. Wireguard isn't the easiest thing to configure but it's not super hard either if you look at docs or tutorials. Tailscale is plug n play using wireguard underneath, just install agent on server and sign in with Microsoft account or Google etc to authenticate when you try to access devices.

Reply

[-]

BoysenberryDue3637@reddit

I'm retiring slightly early because of the migration to the cloud. Going to cost 3-4 times more than on-prem but here we go. When the CIO announced that, I gave them a date. My last day will be 4/4.

Reply

[-]

Big-dawg9989@reddit

Nope I prefer on-prem as well

Reply

[-]

Tall-Geologist-1452@reddit

All depends on use case and what is the best for the Business.. I personally like cloud better.. I can spin up 30 servers before you get a quote for the hardware to host them... then shut the down when i am done and do not have any hardware laying around not used.. can scale up and out easily ..with convenance comes cost there is no bought about that but that is the cost of running a redundant work flow.. availability zones, region pairs .. infra as code.. if you really wanted you can replicate from azure to aws and back and forth .. yes the advantages comes with cost..

Reply

[-]

pthomsen91@reddit

Cloud is great for some things but it just seems that all the cloud infrastructure operators I know had no fucking clue what is going on.

Reply

[-]

null_frame@reddit

The only thing I fully push for cloud is Exchange Online. The rest is on-premise.

Reply

[-]

alwyn@reddit

even as a dev I do.

Reply

[-]

Dear-Supermarket3611@reddit

Here’s another one. I’m very jealous of my data, and when every millisecond counts, cloud simply can’t play

Reply

[-]

sryan2k1@reddit

The cloud is a tool. It should not be ignored, nor worshiped. You should learn it, because your peers are. Used correctly, like any tool it is pretty fantastic. We keep a bunch of shit in AWS S3/Glacier for under $1TB/month. Where else are you getting triple redundant cloud backups for that cost? Vendor SaaS is pretty neat too, since that becomes "not your problem"

Reply

[-]

wosmo@reddit

The cloud is just outsourcing. It's the right choice for some roles, and the wrong choice for others. If you want to outsource support and inhouse engineers, you already understand the distinction.

Reply

[-]

SirLoremIpsum@reddit

> The cloud is just outsourcing. It's the right choice for some roles, and the wrong choice for others. If you want to outsource support and inhouse engineers, you already understand the distinction. I wouldn't call it outsourcing. It's just that there's little benefit in personally managing things in house. Like email. Where's the advantage to hosting your own exchange server in house in 2026...? Would you say having that in the cloud is outsourcing? I wouldn't. Its not a competitive advantage for the business. It's just a service that works

Reply

[-]

DiligentPhotographer@reddit

People outside the US who are worried about data sovereignty.

Reply

[-]

In_Gen@reddit

My Exchange environment has been up 100% of the time for the last 5 years. Can Microsoft say the same about 365? No they cannot.

Reply

[-]

WeirdlyCordial@reddit

I've spent 0% of my time patching Exchange in the last 5 years Can on-prem admins say that? No they cannot

Reply

[-]

Mrhiddenlotus@reddit

No, it's not. There's cloud capabilities that simply aren't replicable without an extreme level of investment.

Reply

[-]

Kanduh@reddit

Using Entra and Intune is not outsourcing anything. They are tools, just like Active Directory and SCCM. You can use Entra and Intune while still having on-premise resources in a hybrid state. Regardless, it’s still on YOU to manage and secure the tools. You don’t subscribe to Intune and Entra and Microsoft sets it all up and manages it for you, same as Active Directory and SCCM. They provide the tools, you do the rest.

Reply

[-]

deacon91@reddit

>The cloud is just outsourcing. It's not just outsourcing. Unless you work at a major company with sizeable datacenter footprint, you cannot get the same level of elasticity, functionality, and capacity that of a major cloud provider. There's also plethora of companies where the value/risk proposition of doing on-prem infra is not worth it.

Reply

[-]

Frothyleet@reddit

>We keep a bunch of shit in AWS S3/Glacier for under $1TB/month. Where else are you getting triple redundant cloud backups for that cost? That kind of illustrates one of the potential pitfalls of these cloud tools, too - like, that sounds great, and it is great in some use cases. But if you needed to restore all of that data, or god forbid you wanted to restore it *quickly* - you could be spending ungodly amounts to do so. Which, again, is fine if it meets your use case. But people gotta learn how to work with the new tools.

Reply

[-]

not-geek-enough@reddit

OP is remote but goes into the office anyway

Reply

[-]

Tall_Put_8563@reddit

while everyone is being bent over by cloud services, im chillin running and saving MONEY.

Reply

[-]

grey580a@reddit

intune is dogcrap. Let's be real. There's a lot of good options out there to manage devices besides intune. And the on prem vs azure debate... for me it depends. We do fine managing endpoints in locations just using entra and onedrive/sharepoint. And for others we do fine with on prem ad. Depends on what the client needs.

Reply

[-]

manilove__frogs@reddit

Intune is great, most of the hate I see comes from misconfiguration, like assigning stuff to dynamic groups instead of creating device filters.

Reply

[-]

grey580a@reddit

Didn't like intune. Stuff took forever just for simple tasks. Then again we have used connectwise and ninjaone. So I guess you really can't compare.

Reply

[-]

ParfaitDependent4696@reddit

The 'cloud bill' realization is finally hitting home. Everyone jumped into AI thinking it would be a magic wand, but now they’re stuck with massive subscriptions and tools that just 'generate text' without solving actual business problems. I’ve been building my suite with the 'on-prem' mindset—keep the tools focused, keep the workflows local where possible, and prioritize execution over just 'chatting.' If an AI tool doesn't save you more in time than it costs in compute, it's just technical debt. That’s exactly why we built our tools to be lean and task-specific

Reply

[-]

I-Made-You-Read-This@reddit

There for sure is a movement going back from cloud to on-premises IMO. It depends on the application itself IMO, not all things should be in the cloud. I think our brains just like on-prem because it's what we've learned and have been trained to use. It's hard to change that completely. and it depends which cloud you use. I've heard AWS is nicer to use than Azure for example.

Reply

[-]

Cereal____Killer@reddit

With the prices of servers lately I don’t know that I’m going to have any choice… the “cloud is cheaper” folks have found a friend in AI causing scarcity in the component market

Reply

[-]

TheJesusGuy@reddit

Never left.

Reply

[-]

FalconDriver85@reddit

Sorry, I’m on a different boat. On cloud I can spin up a service for a new project in minutes. And when I say “service” I mean something like an RDS, S3, Azure App Service… whatever. People from accounting asking for a 200TB storage plus backup for tomorrow? Megaboss has approved the project? Yeah, no problem, I’ll just stick a tag on the Azure file storage that says “Department”:”Accounting” and will resize it next month when they will come crying that they’re now spending couple thousand euro per month. I have a bias? Probably yes. When I transitioned from development to system administration, cloud was already old enough that people already understood that using Azure or AWS or whatever just to spin up virtual machines was the dumbest idea ever About GPOs no, sorry, I fu**ing hate them. How do I manage them programmatically? How do I perform a diff to see where they have been changed? Everything I can do on cloud I can manage with IaC. Intune policies, Azure RBAC permissions, AWS IAM policies… I can manage them via Terraform or any other IaC tool and not only make a diff between versions I deployed but also check for drifts. I’m getting sick anytime I have to deal with ADUC, ADSI, GPO consoles etc, with interfaces stuck in the early 2000 where you can’t just “search”: you have to click, click, right click, click, click, right click. In the year 2000 Active Directory was amazing. Truly amazing. But management tools didn’t evolve. There’s PowerShell… yeah, PowerShell… where tooling for managing things are still not ported to PowerShell 7, not cross platform, rely heavily on .Net Framework, a technology that is basically deprecated, and where Invoke-WebRequest still relies on the Internet Options control panel applet from Internet Explorer 5…

Reply

[-]

ZY6K9fw4tJ5fNvKx@reddit

People from accounting should know how much 200TB cloud costs.

Reply

[-]

FalconDriver85@reddit

Nope! 🙂 People from _governance_, the same team we infra nerds ask for assistance on licensing matters, know how much a 200TB file share on a premium FileStorage Storage Account cost. People from other departments just think 200TB will cost like 10x20TB hard disks over a couple years, because that’s what someone (not us) told them. Usually ends up with them copying all their files on a dedicated SharePoint site, because there was basically no need for a file share in the first place, but I digressed…

Reply

[-]

domagoj2016@reddit

No.

Reply

[-]

modernknight87@reddit

Nope. You are not alone. Another on-prem junkie here! Far less competition, and less hunting for your position.

Reply

[-]

Tracer8881@reddit

Yeah

Reply

[-]

FloweredWallpaper@reddit

Raises hand. 5 years until retirement. When I leave, they can do whatever they want, but given what the costs are, I suspect whoever they hire to take my place will either A) be good with it, or B) be young enough that they had little to no experience with an on-prem solution and start to figure out if they can move everything over.

Reply

[-]

TheDongles@reddit

I wish we could go on prem. I came into IT as my orgs were either moving to cloud from on prem/hosted. It makes me feel like I’m really not much of a sys admin when the extent of on prem comfort is a NAS or NVR. But they’d shit their pants with the cost of servers and storage right now. Hopefully these AI data center orders will fall through so ya boy can afford to replace the failing drives in his NAS at home. Though I’ve heard nightmares about managing on prem exchange. That still the case these days? Most folks I talk to are on EXO.

Reply

[-]

not_today88@reddit

It's cool until you have to buy new servers and infra. Have you priced things lately? I'd rather stay hybrid anyway and many of our critical LOB systems are SaaS or moving that way.

Reply

[-]

manilove__frogs@reddit

SaaS sprawl is real though, and companies can quickly grow to a scale where SaaS starts to make less sense due to licensing cost that don't scale.

Reply

[-]

HayabusaJack@reddit

I’m at a company that was purchased by a corp. The onprem gear is ancient and needs to be retired. The goal by purchasing was to put the environment in the cloud but the company has almost a petabyte of data which ended up costing almost $100,000 a month to host. The corp went, “whoops” and left it onprem but are balking at spending anything to replace the ancient onprem gear. Fun times. Years ago I looked at the cost of putting my personal remote server in the cloud and found it cost twice as much as I was already paying and nope’d out of it. I didn’t need the support infrastructure that came with being on AWS vs a physical server sitting in a rack in Miami.

Reply

[-]

manilove__frogs@reddit

Shouldn't be putting 'servers' in the cloud, use PAAS app services, container apps, etc... for legacy stuff you can do AVD and AzureSQL and things like that, purchase instance reservations for anything that runs 24/7, the other stuff can scale and shutdown on demand. We have some finance apps that only get touched once or twice a week, the AVD session host powers off at 6pm and doesn't start again until the first person tries to connect. Azure SQL similarly shuts down after 2 hours of no connections and starts up on connection request...they end up costing us tens of dollars per month, where always on servers would be hundreds.

Reply

[-]

NoneOfTheAbove999@reddit

We are on-prem because reasons, and that won't change for the foreseeable future. I like on-prem. Once you've outsourced your infrastructure, you don't control it any longer. I know, encryption, security, cost, blah, blah, blah. Someone else holds your life in their hands. We're sticking with on-prem.

Reply

[-]

Xibby@reddit

Best part of cloud infrastructure is everything can be deployed by Terraform. Worst part is learning what should and should not be deployed by Terraform. I have exceptions in Terraform thanks to the Crowdstrike incident… the official Microsoft fix for Windows Azure VMs cloned the OS disk, renamed it, new ID, etc. so Terraform wanted to destroy everything. Good times. The 90/10 rule… automating the first 90% is easy. The last 10% is the real challenge. We got so close to a new colo cage where we could IAC everything, router, firewall, networking… fully designed to the point where there was storage and subnets dedicated to legacy, manually created VMs and install software on them. Even diagramed the ticketing workflows for requesting changes to the IAC code.

Reply

[-]

manilove__frogs@reddit

You can IAC the virtualization of on-prem.

Reply

[-]

MyNameIsNotMud@reddit

Heck no, I've been on-prem for 34 years. But I'm retiring.

Reply

[-]

EverOnGuard@reddit

Meh, I like all of it. And I like being able to easily move between different platforms. On prem is great until you get audited by Microsoft. And how can we forget what Broadcom did to us? I’d take office 365 over Exchange on prem every day. But I understand what you mean. I’ve been an MCSE since Server 2000.

Reply

[-]

poser8@reddit

Anything that lives more than 3 years has no business in the cloud. IMHO

Reply

[-]

FireFitKiwi@reddit

No, that's normal. Someone else's computer only.makes sense when you have it over multiple regions and need that kind of uptime. Otherwise you're paying a premium for hosting and management layers to have it out of your hands.

Reply

[-]

Trust_8067@reddit

As a cloud provider, I prefer you continue giving me your business, but as an IT worker, yes and it is on prem infrastructure to me =)

Reply

[-]

VinceP312@reddit

I don't miss on prem anything.

Reply

[-]

autobahn@reddit

AD/GPO belongs in the cloud. The only way this makes any sense at all if your workforce is entirely based in an office and never works from home. Do I believe on-prem or bare-metal infrastructure makes sense in certain cases? Sure! But not for your windows architecture. Microsoft is all-in on entra and azure for that. Do I understand how someone would prefer it? Sure, doing things the same way you've done them for 20 years is definitely comfortable.

Reply

[-]

Junior-Tourist3480@reddit

No But it comes down to support. If you dont have a good team, then forget it.

Reply

[-]

killerpotti@reddit

As always it depends.. for example rarely anyone prefers email servers on prem. Saas all the way.

Reply

[-]

davidhk21010@reddit

Col-location datacenters are a great way to go. You own the hardware and don't have to worry about power, cooling and Internet access.

Reply

[-]

Rhythm_Killer@reddit

Services make sense in cloud, heavy compute and storage do not

Reply

[-]

t_whales@reddit

I like using both. We are hybrid and there is value to both.

Reply

[-]

GeriatricTech@reddit

No. It's the FAR better model and much more manageable.

Reply

[-]

MadMacs77@reddit

One big exception to this: Exchange. I’d never want to deal with on-prem Exchange ever again.

Reply

[-]

beritknight@reddit

Do we really have to have this same pointless thread every 2 weeks?

Reply

[-]

derpman86@reddit

It depends on the size of the organisation you are dealing with. My work deals with countless tiny businesses, many use to have an SBS box once upon a time and now are just on the cloud. Far easier to manage for smaller businesses. We still have many onsite situations where on prem makes more sense.

Reply

[-]

syntaxerror53@reddit

Each one has its use case depending on business and requirements. No one solution fits all scenarios.

Reply

[-]

derpman86@reddit

Yep, it is just my experience reading so many posts on here that many people just think it a corporate or large organisational context. There is a crazy hate for MSP's (granted there are quite a few shitty ones) and don't understand why a tiny business cannot have a sole dedicated i.t guy or team or run dedicated server environments any more.

Reply

[-]

evolutionxtinct@reddit

Nope the cloud sucks! Bring me back hardware I can smell!

Reply

[-]

Lonely-Abalone-5104@reddit

Nah I love the cloud but it’s expensive and onprem still has its place for certain workloads

Reply

[-]

checkpoint404@reddit

Nope. I hate cloud. Made a ton of money consulting with businesses bringing them back on-prem.

Reply

[-]

disclosure5@reddit

AD is specifically talking about AD and GPOs. Let's be real, the standard for GPOs the moment someone takes a laptop home is to ask them to start a VPN and cross your fingers that something will sync, and plenty of random nonsense just requires people walking into the office.

Reply

[-]

PowerShellGenius@reddit

Some T-Mobile 5G home internet setups have broken IKE/IPsec lately, otherwise Always On VPN with machine certs has been rock solid for us.

Reply

[-]

pdp10@reddit

Using all-UDP IKEv2 is safer, especially when the destination VPN gateway is IPv4-only. T-Mobile USA's mobile network is basically all IPv6, so connections to IPv4 destinations have to go through NAT64. With original IPsec-ESP, the IP type 50 has no port numbers, meaning clients can't as easily share IPv4 source addresses in pools. I'm not guaranteeing that's been an issue for you, but I am recommending ensuring that you're using IKEv2 or another tunneling protocol using UDP, or TCP if there's no UDP option.

Reply

[-]

PowerShellGenius@reddit

I am using the IKE VPN with a Windows Server running the RRAS role, and the built in always on VPN client functionality on Windows clients. I will have to look into whether this supports IKEv2 over UDP.

Reply

[-]

Own_Back_2038@reddit

464xlat breaks some Ike header. The fix is to use an IPv6 server endpoint

Reply

[-]

PowerShellGenius@reddit

Our uplink is a small-ish local ISP. Great customer service compared to the bigger ones, but IPv6 is not a thing in their network whatsoever :(

Reply

[-]

Own_Back_2038@reddit

Haha yeah same issue here… we’ve been trying to get lumen to give us an address but literally have been unable to get them to help us for like a year.

Reply

[-]

hainesk@reddit

This is good info. I have been trying to use a VPN (Wireguard or OpenVPN) through a Mint Mobile hotspot via a cell phone (T-Mobile network) and on a computer it always drops the download speed to 0 while upload still seems to work. On my tablet though it seems to still work? I can't figure it out...

Reply

[-]

pdp10@reddit

It can't be the encapsulation and NAT64 with Wireguard and OpenVPN, because both use UDP and the latter can optionally use TCP. It's really just original IPsec that causes concern for mainstream use. GRE could have the same issue if anyone was using that for multi-hop tunneling any more.

Reply

[-]

Moyer_guy@reddit

Why would you expect a user to enable the vpn manually? We provision laptops with the vpn installed, preconfigured, and always on. Most people never know about it unless there's an issue which should be rare if set up correctly.

Reply

[-]

PowerShellGenius@reddit

The biggest issue is going to be mindless box checkers who don't accept compensating controls, because they don't know enough about how things work to evaluate them. Anyone who knows how things work and understands common attacks will say a certificate whose private key lives in the TPM of your work laptop, which is a strong credential you literally cannot give away to a remote attacker without shipping them your laptop, is a much stronger VPN credential than a password + an easily-phished TOTP or pop-up authenticator app. But to an insurance broker with no tech background selling cyber insurance, if the checkbox says "MFA for VPN access", the TOTP will make them happy, and asking them to escalate to someone who even knows what a certificate is to evaluate your controls, will slow things down and make the CFO who handles insurance angry that you don't just "comply".

Reply

[-]

Cheomesh@reddit

In your TPM example, the second factor of authentication is still the user logging in, correct?

Reply

[-]

PowerShellGenius@reddit

The user must log in to use the laptop, yes. They must possess the company laptop that has the cert, and use a password (or PIN) to log into it, before that employee can access the network. However, one can argue it's not MFA because technically the DEVICE is accessing the network remotely when it is at the login screen. (That is why password resets work for off site users with AOVPN)

Reply

[-]

Cheomesh@reddit

Ah, so the fact that there's communication through the network prior to/ without a user having logged on or authenticated is the argument that this solution is not MFA?

Reply

[-]

PowerShellGenius@reddit

Exactly. It's effectively two factors standing between a human and having network access. But the VPN itself is only enforcing the device factor before allowing at least some access.

Reply

[-]

Cheomesh@reddit

Roger, thanks for the scenario, I think I would have tripped on that as well. I'd be inclined to say this isn't 2FA for VPN access.

Reply

[-]

checkpoint404@reddit

I'm not sure to be honest. With Always On VPN I don't have any of the issues others are complaining about. When and if the user comes to the office the VPN automatically disconnects. Updates released via WSUS work, GPO's work, etc.

Reply

[-]

13Krytical@reddit

Bingo, seeing where others experience tops out and they go easy route first hand. Just hand your jobs to MSPs if you dunno how to do networking…

Reply

[-]

disclosure5@reddit

Insulting people's networking while commenting on WSUS pushing Windows Updates down a VPN from a server to remote users is a weird flex.

Reply

[-]

Frothyleet@reddit

Managing updates via WSUS does not inherently mean you are pushing the content via a local cache.

Reply

[-]

Cheomesh@reddit

Why

Reply

[-]

Visible_Spare2251@reddit

This made me actually lol. I do not miss any of that stuff.

Reply

[-]

13Krytical@reddit

Not a flex? I was adding to the conversation.. based on OP OP not just the comment. Sysadmin should know networking if you ask me, not a flex, nothing weird.. just my view. I believe we see people experience issues like you described, due to a lack of experience with networking most commonly. VPN connectivity, being a part of the networking I’m talking about in this case, even more so since it’s server based networking…

Reply

[-]

checkpoint404@reddit

I own an MSP, we do a ton of co-management. They have some in house IT guys but they generally lack actual Networking Knowledge, etc. Most of these are in the Medical Field but it's not exclusive.

Reply

[-]

gscjj@reddit

Right your experience depends on something that probably isn’t your primary job responsibility as a sysadmin

Reply

[-]

dustojnikhummer@reddit

Because not every company works the same way. My job is connecting to various clients, each with their own VPN and remote desktop solution. Having an always on VPN + another client would be a disaster. Sure, OpenVPN and Wireguard don't mind each other, but try AnyConnect and GlobalProtect at once.

Reply

[-]

Moyer_guy@reddit

I mean yeah. Everyone has different requirements for their job but your situation sounds very unusual, you're an MSP, or at least IT for multiple places with very different environments. I'm more referring to end users. I can't imagine expecting them to manage their own network/vpn connections. If that's what you're doing I don't envy you.

Reply

[-]

dustojnikhummer@reddit

Not an MSP, more of a software provider. And yes, lot of my work time is spent helping our users keeping their VPN clients alive... it's indeed really annoying.

Reply

[-]

MrShlash@reddit

Defense in depth. Just in time. Users must authenticate to use VPN.

Reply

[-]

Legionof1@reddit

Two tier is the best, if you haven’t authenticated then you get connected to a remediation zone that gives you access to GPOs and SCCM. Once you authenticate then you function as normal.

Reply

[-]

Syde80@reddit

That's how we do it. Prelogin connects with computer cert auth, post login it reauths using user cert. All happens in the background without the user even knowing it's there.

Reply

[-]

Moyer_guy@reddit

We use device based authentication. Easier to manage.

Reply

[-]

GilgameDistance@reddit

GlobalProtect see public IP, GlobalProtect connect to VPN

Reply

[-]

Syde80@reddit

This is exactly our setup. Global protect always on VPN using auto enrolled cert based auth. Once it's setup it is near zero effort for us to maintain and our end users don't even know it's there. Their ability to disconnect it is also blocked... So as long as the machine is internet connected the vpn is connected. It's also pretty cheap to run. We bought a low end PA firewall that is dedicated to just global protect.

Reply

[-]

Ferocious888@reddit (OP)

This has been the one caveat that I have to deal with, is hybrid users, but assuming they’re not fully remote, I just enable (I forget the specific gpo) the gpo that stores domain logins

Reply

[-]

Kanduh@reddit

Why do you prefer on-prem AD and GPOs vs Entra and Intune? It might help to give more information instead of just stating one is better than the other. I would argue managing users and computers in Entra and Intune has far more benefits compared to managing them on-premises in AD and with GPOs. No server hardware to manage. No server OS to service or update. No VPN or security to worry about with remote devices needing to talk to a DC. More capabilities with Intune and Autopilot. Better support from Microsoft. Intune and Entra are included in the most popular licenses (M365 BP and M365 E3) so there’s no additional cost. Entra provides SAML for enterprise applications without any additional hardware or software needed, and is supported out of the box for nearly all enterprise applications at this point. Guest/external users are easily managed from Entra. Conditional access policies provide robust controls for all cloud applications.

Reply

[-]

Cheomesh@reddit

If one had an all on prem environment, how does one begin integrating Entra to begin the migration?

Reply

[-]

Kanduh@reddit

Entra Connect sync is what you need. Most places already use it to sync users; you’ll want to sync devices as well so they can be managed within Intune. Hybrid is nice because you’ll still have all the users and devices in AD as your source of truth, but still be able to take advantage of Intune

Reply

[-]

Cheomesh@reddit

Ah, I remember Entra Connect. Prior to that you need a commercial Azure account for the business and some kind of setup out there - that's the kinda first step I was curious about.

Reply

[-]

BatemansChainsaw@reddit

> prefer on-prem AD and GPOs vs Entra and Intune the granularity with polices just isn't there with entra or intune

Reply

[-]

fatalflaw87@reddit

Cached credentials.

Reply

[-]

jaydizzleforshizzle@reddit

This, there’s plenty of reasons to not use cloud and host on prem, but ad/gpo is not the one to stand on. Be it because Microsoft has essentially all but EoL it, or entra/intune is just generally easier and better to use.

Reply

[-]

Cheomesh@reddit

They called the Intune equivalent Configuration Profiles, yeah? I've sat through some classwork for Intune but ally sys admin years were on-prem still.

Reply

[-]

jaydizzleforshizzle@reddit

Yup and this is where the dudes joke above about the “s” in intune stands for speed. It’s not a force pull mechanism, it has delays because everything is going through Microsoft’s global proxy, and to handle their scale they have heavy time gates, this leads to situations where you’ve pushed a config or app and the device hasn’t phoned home yet. This tends to be why people still want a RMM, as that is a more dedicated line. Intune is about baseline configuration, although it’s getting better at active remediations and response.

Reply

[-]

Cheomesh@reddit

Thanks, while I have some of the theory down the lack of direct experience keeps those kinds of things out of mind for me.

Reply

[-]

RikiWardOG@reddit

Intune the s stands for speed

Reply

[-]

checkpoint404@reddit

Yup....

Reply

[-]

MrShlash@reddit

What is your usual recommendation for IAM? Cloud, on-prem, hybrid?

Reply

[-]

checkpoint404@reddit

Om-prem for the most part, although a few businesses my MSP manages do indeed have a hybrid setup.

Reply

[-]

0xmerp@reddit

Curious what you use as your IAM. I looked into it a lot and could not find one that was truly enterprise ready. ADFS is outdated as fuck, Shibboleth is basically going to require someone whose full time job is managing it, Authentik did not appear to be fully enterprise ready though great for a homelab.

Reply

[-]

Frothyleet@reddit

I think most people who use on prem as their primary IDP are syncing it up with a SSO tool like Okta. Honestly if you are trying to get SSO going with SaaS providers and you are stubbornly trying to make it work, you either have to have a crazy edge case I can't imagine, or you're just being a "fuck the cloud!!!!" contrarian.

Reply

[-]

0xmerp@reddit

I assumed most businesses are some form of hybrid like that. Seemed like “Nope. I hate cloud” suggested they were going for a full on prem including an on prem SSO gateway so I was wondering how that would work while still being even remotely up to date on good practices. You lose conditional access, you’re extremely limited on MFA options, just seems like an objectively poor choice all around even if you dislike cloud services.

Reply

[-]

MrShlash@reddit

What SSO do you use for on-prem? There are limited options tbh it has been a struggle dealing with ad fs

Reply

[-]

benderunit9000@reddit

Sell shovels

Reply

[-]

imtoowhiteandnerdy@reddit

The only thing I hate about the cloud is that it has a high learning curve. Writing effective terraform code is a PITA but once you get used to it it's not that bad.

Reply

[-]

itworkflowguy@reddit

Fully with you on this. Cloud definitely has its place, but for a lot of smaller environments I still find on-prem way more straightforward to manage and troubleshoot. At least when something breaks, you usually know where to look first.

Reply

[-]

SusAdmin42@reddit

I prefer the hybrid approach, especially for small-medium sized businesses. Email? Straight to the cloud. I have a boss who’s dying to get off of on-premise infra, but I just can’t agree.

Reply

[-]

Hollow3ddd@reddit

It is nice to run gpo update and easily update these. Too much junk gets piled into them though imo. They have historically been the root cause of most login delays. It would be nice if they updated the pushing and options, but all that time is pushed into intune now.

Reply

[-]

Altruistic-Map5605@reddit

Depends on what it is. As a network engineer I like to manage all my switches and firewalls by hand on prem but wireless I like being in the cloud without an on-prem controller.

Reply

[-]

fnordhole@reddit

No.

Reply

[-]

According_Pattern_43@reddit

I will move companies back to on-Prem for free I hate the cloud crap so much. It was amazing back in the day to work on these things and know where your stuff is exactly.

Reply

[-]

planedrop@reddit

Reality is hybrid is the best way to go, there are some things that are better done in the cloud for a lot of places, such as a website. But yeah, for AD I want on prem, and same with anything that needs real power behind it, which in fact could be a website that requires a lot of horsepower, but more often is storage and other stuff like that. But, also there are good use cases for other cloud services for like backups and shit, though I presume most people that are all about on-prem already know that and are really talking about the big 3 providers and putting things like VMs or serverless setups in the cloud.

Reply

[-]

Money-Skin6875@reddit

I’m a hybrid lover. One offs, small IT applets, a pair of DC, fixed assets, test environments…all on prem. The rest? Cloud.

Reply

[-]

maryteiss@reddit

This is what we see a lot too in client infrastructures. The conversation is less on prem v. cloud and more weighing which is the best fit for what.

Reply

[-]

FuelSignificant1466@reddit

imo the real shift isn’t cloud vs on prem its treating both as tools instead of ideology lol

Reply

[-]

lweinmunson@reddit

Everyone wants the cloud until they see the bill.

Reply

[-]

Midnight_Rain1213@reddit

I'm in manufacturing. Very little of our infrastructure is in the cloud. If you have enough remote locations, the network just isn't robust enough to run from the cloud. :)

Reply

[-]

arensb@reddit

Eh. Both have their place. With on-prem hardware, you have more control, and that gives security officers warm fuzzies. So no, I'm not going to say you're wrong for preferring on-prem, certainly not without knowing more about what you're doing.

Reply

[-]

kiddj1@reddit

No because I'm not managing windows servers

Reply

[-]

Sp00nD00d@reddit

Nope, definitely not the only one.

Reply

[-]

Unable-Entrance3110@reddit

We are a mix. But, yes, I do prefer hosting myself, if possible. Though, I guess I don't really miss hosting publicly accessible stuff like Exchange, FTP and VPNs. I don't think we will ever move away from on-prem entirely though since we are a CAD shop and work with a lot of large, latency-sensitive, files.

Reply

[-]

Siphyre@reddit

Every tool has its purpose. Intune is great when there is no vpn or internal resources to access. Or if you need to manage devices that might not connect to the vpn often while remote. AD/GPO is great if they never leave the building.

Reply

[-]

joedotdog@reddit

Fuck the cloud.

Reply

[-]

UrgentSiesta@reddit

You must not be paying the bills, then.

Reply

[-]

brm20_@reddit

No you’re absolutely not the only one

Reply

[-]

dedjedi@reddit

"any other Carpenters not like their hammer? If a random Rock was good enough for my pappy, it's good enough for me"

Reply

[-]

dlongwing@reddit

There is no cloud. It's just someone else's computer. I definitely prefer on-prem and I think most of the conversation around cloud is marketing smoke... There's a lot of businesses pulling back from the cloud because the reliability isn't better than on-prem and the cost-benefit doesn't add up. Nonetheless, there's still a lot of focus and investment in cloud infrastructure. Intune is garbage, but if you need to jump jobs they'll pass on you if you don't know how to admin Intune. It pays to stay on top of widely-used technologies. I'm with you though. Give me a GPO over intune any day of the week. Far more reliable.

Reply

[-]

EnvironmentalBug5525@reddit

The "cloud" is just someone else's computers, it's just a fancy name for letting someone else handle the hardware. I hate it except in a few cases where it makes sense, in most cases when you look at the cost benefit, it's usually a loss.

Reply

[-]

joverclock@reddit

as others have pointed out. its all a big circle. Too many variables on how the business works to decide one way is better than other right now but with current and projected hardware pricing I will put my money on letting someone else pay for upgrades and maintenance.

Reply

[-]

jpnd123@reddit

CapEx vs OpEx, depends on how the company wants to runs things. There are times for one or the other. One leans towards quick turnaround and agility, the other has cost savings but needs proper planning.

Reply

[-]

ZY6K9fw4tJ5fNvKx@reddit

Leasing is a thing you know. If you really want OpEx.

Reply

[-]

spazmo_warrior@reddit

no. next question?

Reply

[-]

ZY6K9fw4tJ5fNvKx@reddit

Cloud never solved a problem I actually had.

Reply

[-]

AdmRL_@reddit

Nope, a properly managed and setup M365 & Azure environment is a dream to work with. That said any on prem environment is a lot better than the average SMB's 365 & Azure setup which is often a massive bloated pile of shite.

Reply

[-]

Obvious_Mode_5382@reddit

No tire not alone in that

Reply

[-]

No_Yesterday_3260@reddit

Depends - If it's in a datacenter that you yourself have access to etc. through a VPN/MPLS etc. But stuff like Azure and such I'm not a fan of - Lack of control, slow interfaces etc., absolutely hate it.

Reply

[-]

uninspiredalias@reddit

We have a hybrid environment and I think I'm good with that. Some things I'm happy to offload, others I don't want to let go of. Intune in particular I have found unreliable for our specific (although very limited) needs, so I'm sort of peeling that back. I may push forward again later when I have more time to really dig into it.

Reply

[-]

Nonaveragemonkey@reddit

Nope. Hard to maintain control of the information if the machines it lives on aren't yours.

Reply

[-]

Iseeapool@reddit

Same here. I hate golden handcuffs and that’s litteraly what cloud is about.

Reply

[-]

acidlink88@reddit

It's all based on company and workload

Reply

[-]

ninjaslikecheez@reddit

With the whole trust lost by US nowadays in Europe, I very much prefer on prem. But so far nobody wants to move.

Reply

[-]

ErrorID10T@reddit

Definitely not the only one. On prem is significantly more reliable and about 20% of the cost of the cloud if you do it right.

Reply

[-]

Euler007@reddit

Not having exchange and SharePoint on premise is a lot less taxing on my time.

Reply

[-]

vesko18@reddit

I see you work only in an office and have never touched an exchange server or had to replace faulty storage in the other side of the city at 2AM.

Reply

[-]

FortuneIIIPick@reddit

I selfhost, all my equipment is here.

Reply

[-]

b33pb00p101@reddit

Depends if I have maintain a quickbooks/exchange server again.

Reply

[-]

evendedwifestillnags@reddit

Yeah rightworks and others are in business for a reason. F QuickBooks

Reply

[-]

CraftedPacket@reddit

Right Networks is garbage for quickbooks. We host clients that need quickbooks enterprise in our private cloud. Most of their networks are a hybrid with office 365. Quickbooks online just doesnt have the same feature set as quickbooks enterprise. But their constant broken updates are a PITA.

Reply

[-]

evendedwifestillnags@reddit

Yeah peoples experiences vary but, Man I wish I owned a garbage 140M company.

Reply

[-]

dodexahedron@reddit

Quickbooks would be an upgrade, here. Sage 50 Quantum for Manufacturing.🫠 We intend to move either to quickbooks advanced or Microsoft Dynamics. I will be so happy not to have Sage anywhere in my environment. It is literally the only thing that has generated trouble tickets since Jan 1st internally, here, aside from the user who dropped a dime in their keyboard and couldn't figure out why weird things kept happening on screen (due to the keys it would cause to briefly jam down) until they finally looked down at the keyboard...And then the ticket promptly resolved with an apology. 😆

Reply

[-]

Lv_InSaNe_vL@reddit

At my last job we supported a custom winforms application written by someone who hadn't been at the company for a few years that basically clobbered together some sort of Safe 50 api and then connected it to a msql database 🙃

Reply

[-]

JerryRiceOfOhio2@reddit

on prem is better if you know what you're doing

Reply

[-]

Intrepid_Ring4239@reddit

The cloud is great. When it's down there's nothing whatsoever you can do about it at all other than wait alongside all your users until someone/somewhere fixes it. When your on-prem stuff breaks it's all on you and there's no sleeping until it's back up.

Reply

[-]

mohillic@reddit

i'm an on-prem guy, the cloud is useful for some things but definitely like to keep things within reach.

Reply

[-]

GullibleDetective@reddit

No, and this isn't an uncommon thing at all

Reply

[-]

CoolNefariousness668@reddit

Personally live in the hybrid world and cannot really see that changing for a long, long time yet.

Reply

[-]

BasicallyFake@reddit

im in the full hybrid bandwagon. Put stuff where it makes sense.

Reply

[-]

liar_atoms@reddit

You're not alone.

Reply

[-]

XB_Demon1337@reddit

Depends on the service. AzureAD/Entra are great so you don't need to worry about VPNs just for AD authentication stuff. Azure servers? That is hit or miss. If it is just a web server, then not a big deal and actually pretty good. Anything more than that? Can be a problem. Doing any kind of networking with Azure can be a pain. With Enterprise Apps and all the connections you can make for tools these days it is difficult to not go with AzureAD.

Reply

[-]

Infinite-Land-232@reddit

Take a number

Reply

[-]

sonicc_boom@reddit

Yes almost everything except Exchange and Sharepoint.

Reply

[-]

Redemptions@reddit

There is something about holding the bare metal in your hands, the sound of snapping in a dozen RAM modules, the smell of electronics coming out of their anti-static bags, the pain of rail lube getting in that fresh cut, the 'tink, tink, clunk' of your last spare cage nut falling down the rack onto the floor under your UPS. The feel of whatever that material they make the crash carts out of, while you push it down the aisle as it quietly goes thud thud thud as each wheel crosses the grooves between raised floor tiles. The heat pouring off the back of your rack while your body goes cold, realizing you have absolutely no idea which damn server is down because the UID light is covered with a waterfall of patch cables thicker thicker than vines in a jungle. But I'm a manager now and there's a bigger picture. The "there's never enough money in the budget to buy replacements or renew our maintenance" is so tiresome, I have embraced cloud infra. If leadership wants something, they pay for it, and there is no ability to 'not buy something' this month. Our SAAS stuff is always patched, or hardware will be as fast as leadership wants to pay for, and I don't have to have an engineer spend 90 minutes in the datacenter diagnosing the slightly dim amber light on a server. While platform/infra components still require hands on; being able to utilize serverless DBs and file system nodes, automated server deployments and tools, there is theoretically more time to tackle issues we've avoided looking at. I know that despite AWS & Microsoft's larger attack surface, they are going to have an overall better security stance. They will have a security team with width and depth that I will ever be able to afford. They have FAR more financial and reputational risk than my org does and generally commit resources to protect those. There are outages with both and they are LARGE with lots of media reporting, but when I look through some of our incidents when we were on prem, not only were they multiple days, it frequently involved paid incident calls with MS, an MSP signal flare, and always overtime. We have an outage now, the team doesn't have to stress, IT leadership just needs to have good communication and make sure that expectations are managed. Then, we have AAR, look at what we could have done to reduce the impact on us (almost always 'Leadership would need to pony up extra cash for greater redundancy and tooling), and we go about our day. In the mean time, I haven't taken a young engineer away from their spouse and child for two days straight, I didn't have to call anyone on vacation, and they don't burn out as quickly.

Reply

[-]

TheWeakLink@reddit

Nope! I’m with you! I just started at a new place and I’m trying to bring back a bunch of stuff back in house. The Azure spend is getting ridiculous, we could be buying brand new servers every 3 years or less at our rate of spend.

Reply

[-]

recoveringasshole0@reddit

![gif](giphy|lSDFetrqeeY0rCi3Ss)

Reply

[-]

smilNwave@reddit

I completely agree but I’m leaning towards the hybrid camp now. It’s not my money and plus having an emergency backup vm in cloud has saved me time and time again lol

Reply

[-]

19610taw3@reddit

I like on prem because ... it's my job. If there's nothing on premise , I have no job haha. I understand the accounting benefits of cloud.

Reply

[-]

Soggy-Instruction303@reddit

Philosphie LTSC on va tout faire pour tenir pour la gestion du wsus car intune et leurs abonnements à la con ...

Reply

[-]

PositiveBubbles@reddit

Intune is dogshit to SCCM lol

Reply

[-]

hacman113@reddit

No you’re not. I very much take the view of “right tool for the job”, and there are plenty of situations where on/prem/colo is absolutely superior to public cloud.

Reply

[-]

Turbulent-Falcon-918@reddit

No — but for a different reason : i miss on premise work because you could just show up do the thing and leave and not have to kiss ass so much to people who should be banned from touching technology for the good of society :p

Reply

[-]

SOHC427@reddit

Just ran LiveOptics and looked at the cloud cost estimates it provided. Ranged from $60K-$75K monthly. With the cost of hardware these days, that's not outrageous.

Reply

[-]

Calm_House8714@reddit

It really depends, I get the benefits of total control. But as far as security goes if can push to 100% cloud native apps all integrated into a single IAM (and access only allowed through that IAM) it really allows a lot of attack surface reduction. You can have a network with no exploitable local servers. No locally exploitable printers or IOT devices (because if using a cloud solution your device should only allow/or be allowed traffic to it's specific cloud service). Your firewalls can be configured to flat out deny any incoming connections. You can restrict endpoint communication to your gateway only. No inter-device traffic or VPN access to your network to worry about. Your main focus becomes IAM, permissions management etc. If done right, you can make any form of lateral movement damn near impossible. Vulnerabilities in cloud services do happen, but a lot of the times if access can't happen in the first place, then the vulnerability is mitigated. We flat out deny any access from unregistered devices to any app, and we don't have a BYOD program of any kind. Remote work is seamless. You just take your laptop and work. IMO: a service like Entra Internet Access, Nordlayer, Permiter81, Zorus etc is incredibly beneficial when dealing with a lot of remote work. Obviously other controls EDP, SIEM, **END USER TRANING!!!!** are still of paramount importance. But you can massively reduce what an attacker is able to accomplish with a compromised device.

Reply

[-]

Library_IT_guy@reddit

Some things make more sense in the cloud, but for standard AD, DHCP, DNS, GPO, that kind of stuff... I prefer on-prem. I guess the one nice thing is that with cloud, I would not be personally responsible for backups and updates to that stuff. We'd just be paying a service to do that. On the other hand probably higher risk of downtime due to them screwing something up.

Reply

[-]

jstar77@reddit

Yes and no.... Moving Exchange to the cloud was a 100% quality of life improvement. Moving devices to Intune has been a net negative administrative experience but has been mostly transparent for end users. The biggest problem that I am finding for mid sized orgs is that every service is moving to the cloud.... Except for almost everyone they need you to spin up a VM on prem to make their cloud service work.... So I have both the expense of maintaining on prem infrastructure and paying for cloud services.

Reply

[-]

thebbtrev@reddit

Problem is that all the Dunning-Kruger bozos in IT leadership read cloud solves everything in some Economist article and drank the hell out of that Kool-aid.

Reply

[-]

Simmery@reddit

Now they are reading AI bullshit and giving the side-eye to all of us.

Reply

[-]

thebbtrev@reddit

Are you nuts! AI doesn’t make mistakes anymore, and soon it will just do your job for you! /s

Reply

[-]

syntaxerror53@reddit

And it doesn't moan, demand a pay rise or take a sickie, except when "DNS" has a hissy fit. /s

Reply

[-]

Sea-Aardvark-756@reddit

Brought to you by the same prophets who thought most companies would be fully remote by 2020, using VR/AR headsets by 2024 with NFT avatars in their meetings attended from a self-driving car they purchases with cryptocurrency. The one thing you can count on is the people who will benefit from technology being adopted making horrible predictions about its adoption.

Reply

[-]

aenae@reddit

Boss yesterday: You should use AI, it will speed up your work a lot! We: We already use AI quite a bit. But it just doesn't understand our code because of 25 years of tech debt. As we already said, we need more developers to maintain this! Boss: Just use more AI! And i saw this AI feature on $random site, can you implement that? We can do a race, to see which department can vibe code it the fastest for their site! And i want feature X, and feature Y but all you do is complain about 'maintenance'.

Reply

[-]

Mrhiddenlotus@reddit

There's just as much dunning-kruger that's anti-cloud. Just look at this thread.

Reply

[-]

OzymandiasKoK@reddit

Gartner quadrants...

Reply

[-]

anfotero@reddit

I've regarded the cloud as bad idea since its inception and I've not changed opinion.

Reply

[-]

CPAtech@reddit

For certain workloads it's a good idea. For others it is not. Use the right tool for the job.

Reply

[-]

Hsensei@reddit

Email stays on the cloud everything else can stay on prem. Just make sure you have a robust backup policy with off-site as well. Also need to make sure you have a plan for ramsomware. The biggest hurdle to keeping it local is the massive cost of upgrading hardware when it's needed. Especially now, last few server quotes have been astronomical.

Reply

[-]

largos7289@reddit

I'm old and old school LOL, so yea, but also see the benefits of cloud. I don't know if you could talk me into going back to on premise mail servers again and at this point i don't even know if i remember half of what i use to with them.

Reply

[-]

Chronos_The_Titan@reddit

I think it depends, I love on-prem in the long term for control and ease of access. But both has their place as a business grows and shrinks.

Reply

[-]

phatbrasil@reddit

On Orem is getting back into fashion. Now with cloud native processes. Erm. AI synergy hybrid cloud .... Sorry needed to hit my quota of buzz words

Reply

[-]

plazman30@reddit

I love how they pushed us all to Azure and then noticed a massive increase in costs. Now we're being asked to power off test servers when not in use, need to justify why my server really needs 64 GB or RAM in it. My RAM, CPU and storage gets audited monthly and I get an "unnecessary cost" report. And I go though the same BS. Yes, my server needs 64 GB of RAM. And it needs it for 10 days a month only. The rest of the month, 8 GB would be fine. But you don't have a process in place that allows me to increase and decrease RAM easily, without a lot of paperwork and a 2 week lead time to make that kind of change. So, you get stuck with the bill. My server needs 64 GB of RAM and connects to a 16 TB database and it's mission critical. That has no business being in "the cloud." It needs to be on-prem and on it's own physical hardware. Yes, the app is a pig. No, there are no alternatives. We just need to deal with it.

Reply

[-]

WeirdlyCordial@reddit

There’s downsides to the cloud, but it’s not my money, and it is my time, so I don’t miss late night patch windows and I don’t miss trying to get remote clients who lost vpn reconnected and I don’t miss janitoring Exchange (tbf it got a lot better by 2016 which was the last version we had on-prem but still) and I love being able to update firmware on office network devices without worrying about some VP who is working late night and can’t have VPN go down ever and I like that downtime isn’t my problem So, overall, nah

Reply

[-]

MyWorkIsNotYetDone@reddit

So much this. I don't ever want to patch another damned server again.

Reply

[-]

_litz@reddit

Cloud is like renting vs owning. You do nothing but pour money into someone else's pocket.

Reply

[-]

MetalEnthusiast83@reddit

No, my employer is renting the server space. If they give me the budget for it, I don't give a fuck. I don't want to spend time maintaining hardware.

Reply

[-]

gixxer-kid@reddit

Have to disagree on that take. You buy hardware then pay for support over the top of it, then buy extended warranty when the time comes. All throughout the hardware cycle you’re hoping nothing breaks otherwise that’s more cost. The cost and time of maintaining said underlying hardware = £££ Operationally, if you spec and buy hardware what happens after 12-24 months when it’s no longer fit for purpose and can’t scale? More hardware? You’re bound by the hardware limit. The cloud is expensive but when right sized, it CAN make so much more sense to budgets. I think most organisations would benefit from some Sort of hybrid approach.

Reply

[-]

evendedwifestillnags@reddit

I understand you but don't take this the wrong way nothing but love here; but sometimes renting is better.... Sometimes leasing a car is better... Depends on what you want

Reply

[-]

dodexahedron@reddit

Based. (That's what the fellow kids would say, right?) I love me my on-prem stuff that benefits from being on-prem, for various different reasons. Hard to beat tue speed, flexibility, agility, control, and extremely low incremental costs of on-prem stuff, once the infrastructure is in place. And spinning up a prototype of something is effectively free. But I also love me my cloud stuff that benefits from the sheer economies of scale that benefit my organization disproportionately. For example, there's the smorgasbord that is MS 365 E5/F5, which gives so much more than we ever had before, at a fraction of the minimum licensing cost of all of it otherwise if on-prem, and with very little administrative overhead, and without the resource consumption of those systems. And the cost is largely offset by the fact that we were able to drop most of our volume agreement for Windows Enterprise + SA, because E5 covers those licenses already, making it a no-brainer.

Reply

[-]

dancunn@reddit

But it's not my money or my pocket.

Reply

[-]

Nakatomi2010@reddit

My boss put me and a couple other guys into a quasi "stand by" role because he realized that building for the cloud is nuking some skill sets, and he doesn't want to lose them. We're basically at a time where people are missing the "Figure it out" gene, so the speak. You can sit me down and say "Fix this", and while my initial reaction will be "WTF? I know nothing about this", I'll ultimately John Wick the problem through sheer frigging will. This is something a number of folks the next generation of IT workers coming up the pipe are missing. Cloud based solutions has basically made people not need to remember commands and code and such, they just pick things through various drop down menus and move on with life. We've moved away from "There's a problem, you need to fix it" to "There's a problem, we need to wait for the vendor to fix it". My boss realized that the "Figure it out" folks are becoming a rare breed, so me and a couple other guys were tossed into a "Figure it out" department of sorts so that the skillset isn't lost within the organization. That said, the more we push things into the cloud, the more we're seeing a need to have things go back to being on-prem as well, and disconnecting from the cloud is going to be a pain in the ass. The current carrot on a stick for Cloud services is AI integration via LLMs and such. I'm trying to head that off my deploying an LLM on-premise and pointing some things to it. The end state of a lot of organizations will likely be a hybrid of on-prem and cloud based stuff. Even for LLMs, I expect we'll use cloud based LLMs for things we're ok with leaving the org, and on-prem LLMs for things that we're not ok with leaving the org.

Reply

[-]

Due_Capital_3507@reddit

Hell no. Would rather have InTune than GPO. GPOs are flaky and will never work off premises.

Reply

[-]

Ok_Consequence7967@reddit

Not alone at all. On-prem gives you control, predictability and you're not at the mercy of a vendor changing pricing or going down and taking your whole operation with it. Intune has come a long way but GPO is still hard to beat for granular control when you know your environment well. Cloud makes sense for some things but the "cloud everything" mentality got pushed hard by vendors with obvious incentives. A lot of companies are quietly walking parts of it back now.

Reply

[-]

Apprehensive-Pin518@reddit

absolutely not.

Reply

[-]

bondguy11@reddit

The only people I know that prefer cloud are those whose job is to manage things in the cloud. Everything works way better when you have onsite Infrastructure.

Reply

[-]

groupwhere@reddit

Definitely. Just don't call it on-premise (shudder).

Reply

[-]

GhoastTypist@reddit

On prem I still think is a tad bit more secure than cloud. Accessibility, if its in the cloud then your access to that data is just behind an identity handler. If its on-prem you need to attack more layers to get through. Maybe I'm completely wrong about that, its just how I think of security and accessibility.

Reply

[-]

Smiles_OBrien@reddit

Depends on what it is. We're in Hybrid AD right now, I like having accounts local, but I also like Autopilot and Intune for getting devices deployed. Everyone says don't go Hybrid for devices. But other than some convenience features missing it hasn't caused us any issues. Email - never on-prem. Let that be someone else's problem (in my industry anyway) Everything in moderation.

Reply

[-]

MekanicalPirate@reddit

I will say i am more comfortable with on-prem. Willing to be open minded with cloud, but our transition to it has been very selective. Don't think it's realistic to expect to become 100% cloud.

Reply

[-]

jsand2@reddit

The majority of our servers, including AD, is on prem. We do have O365, our backups, and other things in the cloud though. I think I prefer having them split.

Reply

[-]

achristian103@reddit

Cloud lets you WFH easily. On-prem has its perks but not enough for me to prefer it or want to go back to dealing with it primarily.

Reply

[-]

SevaraB@reddit

Cloud services, on-prem infrastructure. “Cloud infrastructure” is just an argument waiting to happen with FinOps wonks trying to nickel and dime you to death asking if you *really* need that many VMs in *that many* availability zones.

Reply

[-]

BackPackerNo6370@reddit

I've been running on on-prem cloud for 8 years now, and hybrid exchange. I won't go back to either other option.

Reply

[-]

mgerics@reddit

Me me me

Reply

[-]

Horsemeatburger@reddit

It depends, really. I'm not sure there is any person in our business who looks back favorably to running on-prem Exchange servers or any of the other email solutions we used to have, all which were a PITA. Also, no longer having to manage a local office suite or chat/meeting app is a bonus, as is shared online storage, and collaborative editing of documents now works so much better than with the legacy apps. For everything more complicated, we stay with on-prem. Everything which is business critical is on-prem. We do have some workloads in the cloud but they are accessory workloads or non-critical stuff which benefits from the scalability, but that's it. The majority is on-prem, and all data which is stored in cloud storage is mirrored on-prem. This is because for more or less stable workloads, cloud has shown to be excessively expensive, and the SLAs offered aren't robust enough for us for anything that's critical. So we use cloud where it makes sense for us and in a way which ensures that, should the cloud go down, our business is still able to operate.

Reply

[-]

ohyeahwell@reddit

Good lord no, any time I mess with AD/GPO it feels like extreme caveman times. Entra/Intune/Autopilot all the way.

Reply

[-]

bingblangblong@reddit

That'll be £10,000 per month please

Reply

[-]

picturemeImperfect@reddit

Both

Reply

[-]

lerliplatu@reddit

The non profit I am at is selfhosting their emails and it is really an headache sometimes.

Reply

[-]

bingblangblong@reddit

Nope, I keep as much on-prem as possible and as much open-source as possible. We use m365 because self-hosted email is just worse.

Reply

[-]

shimoheihei2@reddit

I've had my own physical home lab for 30 years and I still enjoy tinkering with it. I've tried all the clouds of course, I have to use them for work, but they have no soul. Also the cloud always ends up being more expensive in the long run, to the eternal surprise of executives.

Reply

[-]

AdWerd1981@reddit

Yep - same here. Eeking out as long as I can before we're purely reliant on cloud. Our practice management is now cloud based and I hate not having the control over whether it works or not. AWS goes down or has issues, our PMS is inaccessible... and I have users stamping on me asking why I can't get it back up and running like I used to with the old system. Gah!

Reply

[-]

Mrhiddenlotus@reddit

They're both good for different purposes. Hybrid is the way.

Reply

[-]

JustClickingAround@reddit

You are not alone

Reply

[-]

420GB@reddit

> prefere on-prem to cloud Definitely. > prefers GPO to MDM Policies Hell no. While Intune is so bad (slow sync, missing policies, hard to troubleshoot) that it's roughly equivalent to GPOs (which work, are powerful and easier to troubleshoot, but require line of sight to a DC) generally speaking the inability for a policy engine to connect to and manage devices that aren't on a VPN is ridiculous and unacceptable in 2026. You need something that works over the WAN, even if it is self-hosted like say AirWatch / Omnissa or whatever it's called now

Reply

[-]

Coupe368@reddit

Cloud was a really good deal, almost too good, then once you are locked in they just crank up the rates and now your budget doesn't make sense. For most things, Cloud is far more expensive after 36 months than just buying the equipment and hiring the staff. Because cloud is just someone else's computer. Its great for short term cost cutting for management to get those quarterly bonuses, but long term its just bad math. Not to mention it opens you up to stupid stuff like MDM attacks.

Reply

[-]

CheeseOnFries@reddit

I prefer it too - we actually switched to on-premise so costs were more or less static, and in the long run end up being cheaper for us.

Reply

[-]

Comfortable_Place465@reddit

On-prem AD/GPO still wins for complex environments where you need "actual" control. That said, if you're dealing with ERP infrastructure decisions, worth checking out [ERP Pilot](https://www.erp-pilot.com) \- it's vendor-neutral and helps identify technical dealbreakers before you're locked into some cloud-only nightmare. How big is your environment? u/Ferocious888

Reply

[-]

jorel43@reddit

Yes you are

Reply

[-]

thatpaulbloke@reddit

It's the right tool for the right job, as always; the issue with IT in particular^1 is a rush towards something whether it's the right choice or not and I've seen it so many times in the last forty years as everything had to be centralised, then everything had to be decentralised, then everything had to be on servers, everything had to be virtualised, everything had to be public cloud and now everything has to be AI. Public cloud is the right solution for some companies some of the time, particularly if they need to scale up and down a lot. I used to have a Hyper-V development server in my house, but it's been turned off for a year now because it desperately needs upgrading and replacing it with Azure infrastructure when I need it costs me way less than buying a new server would. If you have a steady fleet of servers running at a consistent demand then on prem is probably the right way to go, but if you need something accessible from the internet (with all of the protections that requires) that will vary wildly in demand then public cloud might be an easier and cheaper solution. The trick is not to decide the solution^2 before you've even asked the question. ____ *^1 other industries have the "flock towards a thing" problem, but IT seems to suffer from it worse, probably because it can move so quickly; if a wonderful new process is invented for making bread then bakeries might want to use it, but they also have large, expensive ovens that take a lot of effort and money to replace.* *^2 that said, the correct solution will often turn out to be whatever you already have because retooling everything isn't going to make enough difference to pay for the changeover.*

Reply

[-]

Avas_Accumulator@reddit

I'm from an on-prem background, and thank God I am no longer. "The Cloud" or as The Butt for those with the extension that floated around back then has solved me so many scalability issues. And we can't act like uptime is higher without local, extremely heavy, lifting. Intune is good, Exchange Online is great, things like being to leverage Cloudflare with a click, no more smoke in the server room, no more late night pizza patching

Reply

[-]

SikhGamer@reddit

Everything is a circle.

Reply

[-]

AndyceeIT@reddit

No, you're not the only one who prefers on-prem. Now that "The Cloud" is no longer the hype train it used to be, I feel it's much less difficult to justify keeping hardware where it makes sense to do so. Having said that - I don't work in a vacuum. Sometimes a cloud offering is the better option.

Reply

[-]

jarojajan@reddit

everything has its pro's and con"s I used to be on prem only type of guy but recently we had a potential security breach... because of negligence of my colleagues (can't write stupidity) and I was glad we had our sensitive info in a cloud and not on prem. the security is like a chain and if your weakest link is too weak because of one reason or the other then its maybe better to go cloud where it is still harder to steal your data.

Reply

[-]

Unhappy_Clue701@reddit

We are currently repatriating servers from Azure to VMware. The new vSAN Ready Nodes from Dell are much better value than VXRails, so the cost analysis swung heavily back to on-prem. We’ll save well over £1m in the five year life of the new hosts, even after VMware licenses and datacentre hosting costs.

Reply

[-]

js_cloud@reddit

I am also getting more and more tired of Cloud / SaaS. Failure rate and recovery time are much higher than before. And in most cases you can't do anything. Most Cloud App troubles I answer with: Try again later. That is so stupid. But hey - C-Level can point fingers at someone else. And that's what it's all about: Someone else is responsible.

Reply

[-]

catwiesel@reddit

na man, I am all on prem, except for front facing services like webservers

Reply

[-]

AlexisFR@reddit

Do your company having it's own Datacenter counts as on prem?

Reply

[-]

eri-@reddit

The value offered by cloud solutions follows an inverse gauss curve in my eyes, related to company size. For really small businesses, its an absolute no brainer. You very likely don't have the IT skills to do it on prem and you certainly don't have the time to do so whilst running your business (almost) by yourself. For medium sized business the discussion becomes a lot more nuanced and dependant on what you actually do. On prem can certainly be an option, but so can cloud. It depends on a lot of moving parts. For enterprise, cloud basically becomes a necessity once again. It just offers so much more flexibility when your infrastructure has to be available across various countries or even continents.

Reply

[-]

Joe_Dalton42069@reddit

No, i prefer it too and there are many industries that require you to have on prem still.

Reply

[-]

kuahara@reddit

I'm hybrid. I'll never give up on-prem.

Reply

[-]

Ashtoruin@reddit

Yeah we use both. Some things make sense for us to run in the cloud. Some things make sense for us to run on prem. If you're using cloud for everything you're probably wasting some money. Now if we could just get rid of shitlassian products or at the very least shitbucket I'd be happy.

Reply

[-]

kukari@reddit

Saas is OK, but I don’t understand why I should put my infrastructure to cloud, pay 150x more to get more latency. I have two on-prem locations and they are so cheap and fast. I can understand why cloud is pushed so much, it’s good for seller, not gor buyer. At least with medium size business eyes.

Reply

[-]

Seedorf992@reddit

You are not the only one ☝️

Reply

[-]

0xmerp@reddit

It is a tool like any other. I make it clear to any service provider we work with that we have no interest in moving everything to the cloud (and many people have tried to tell us over the past few years how great it is that they no longer need on-prem servers at all), but I also won’t kneecap our company by refusing to use a cloud tool that is clearly superior to anything on-prem, or waste money doing something on-prem where the cloud option is simply a better option. Basically all the good IAM tools are cloud based tools. Or are you making it someone’s full time job to administer a Shibboleth instance? What MDM are you using that is fully on-prem and also works on all of your devices? Or do you just use GPO and no proper MDM? There’s a good reason people don’t do that anymore. SASE inherently includes a cloud component, or are you still using a legacy VPN? Are you using an EDR or still on legacy AV? All good EDRs are also an inherently cloud based service.

Reply

[-]

dustojnikhummer@reddit

Identity management? Hybrid. Actual server hosting? Onprem/rented datacenter with our hardware. GPOs aren't that hot if most of your workforce is WfH.

Reply

[-]

tejanaqkilica@reddit

In your example, they achieve the same thing. So, I don't really care which one I have to use. However the cloud comes with some added benefits where I don't have to care about the VMs running AD or any of the support that comes with it. Much easier backing up Azure and let Microsoft handle redundancy and failover.

Reply

[-]

VirtualDenzel@reddit

Always on prem. Cloud is just another liability.

Reply

[-]

imtoowhiteandnerdy@reddit

Honestly, there are so many cool things you can do with the cloud that you just couldn't do with on-prem. If you needed to scale your services horizontally it meant stacking and racking more physical servers. In the cloud you just have autoscale groups that scale out to horizontally scale your services, or scale in to lower costs during low peak periods. I realize that I'm just focusing on one aspect, but it's a big enough advantage for me. Also I do not miss managing iDRAC managing clusters of servers or managing kickstart profiles.

Reply

[-]

Interesting_Word99@reddit

I'm a Cloud Engineer and even I prefer on-prem.

Reply

[-]

Degenerate_Game@reddit

Cloud every day. Azure AD/Intune are fine. Something breaks? Easy Microsoft blame.

Reply

[-]

malikto44@reddit

I know this is the easiest, as I have had great luck with Entra, InTune, AutoPilot, etc. However, I do worry. If someone does take out Microsoft's auth core, so many businesses have the keys to the kingdom in Microsoft's hands, that the hack from an compromised Entra would be enormous, perhaps affecting almost all F500 corporations. If the attack was really savage, resulting in all Entra data gone, all Purview data access keys nuked, etc... it would be as costly to repair as a tac nuke hitting a data center. My dream is a private directory server like FreeIPA, and then a service like Okta using that as a the source of truth. Best of both worlds.

Reply

[-]

Degenerate_Game@reddit

It's a valid fear. I'd like to think they have a bit more segmentation than that and probably have more specialized things for F500s, but who knows. I'm sure it's outlined somewhere.

Reply

[-]

Geminii27@reddit

Pros and cons. With on-prem, you have access to the hardware directly, you're not paying for enormous amounts of daily data transmission, and you're not locked out of your server if your internet or cloud service goes down. With the pros of cloud, though, I personally like the approach of cross-boundary failover - let stuff that's better on cloud (like distributed user access) happen there, stuff that's better with on-prem (like server admin/config) happen there, and each one backing the other up in case of site/service failure. More expensive, and there's more to keep an eye on, but also more robust.

Reply

[-]

alee788@reddit

Everyone likes to forget about the cost of ISPs, power, cooling, network gear, racks, rent and then the actual servers. Oh and then you need to have someone LOCAL to that hardware on call 24/7. And then a bigger company on multiple continents.. the first team can’t really run the second location… linear scaling costs of management of IT?...gross. in the cloud… all of that is abstracted away and we PAYGO. And our small team of a few humans can scale management of many regions incredibly fast without scaling people. And they don’t have to be LOCAL to be on call. Just get on VPN and login to the portal. And the hiring pool is way bigger for the specialized skill set I need We can onboard a subsidiary in days… you wouldn’t have even received the hardware you ordered yet

Reply

[-]

KavyaJune@reddit

Earlier I used to check the server when something broke. Now I check the Service Health page and wait for it to get fixed.

Reply

[-]

deja_geek@reddit

Still fighting the good fight and keeping things on-prem. Company I’m at usually likes on-prem to be considered as the first option.

Reply

[-]

Aggravating_Pen_3499@reddit

We relocated our document management system from cloud back to on-prem, saving us approx. 20k per month. Needless to say we are Hybrid for now and the foreseeable future.

Reply

[-]

phillymjs@reddit

One aspect of on-prem that absolutely do miss is being able to learn something easily by spinning up a pirated copy of it on a spare machine or in a VM and just tinkering with it. With all this cloud crap you have to sign up for a limited demo or potentially whip out a credit card, if it's even possible to get access to some of these things as an individual.

Reply

[-]

DisastrousAd2335@reddit

I will never understand how companies would rather pay $120k/month for cloud servers vs. $300k (for hardware including 5years of licensing) for on-prem??? Even if you add elecrical, A/C, and cost of backup to local nas and streaming it to an immutable bucket or blob for X-(retention period), its still SOOOO MUCH cheaper than cloud. That must be 'Corporate Math 101'...or is it 'Corporate Myth'??

Reply

[-]

Daphoid@reddit

You're forgetting the cost of staff and expertise to maintain that on prem stuff. And as time marches on, a lot of the young people I interview (30 and under) have never touched on prem and no experience with it. THey don't know how to handle alerting / monitoring / caring for all aspects of that hardware system. And with us being 90% fully wfh globally? Now you've got to handle all that bandwidth from anywhere in the world. Handle imaging machines in the field, handle updates / scans / all that stuff. On prem is fine for some things, but to ignore the benefits of cloud (because there are indeed benefits) is foolish.

Reply

[-]

DominusDraco@reddit

The trick is to have too many legacy systems to go all cloud. That way you have to maintain both forever!

Reply

[-]

seanhead@reddit

All depends on what you're deploying. These days 99.9% of my stuff is on k8s cloud or on prem so it only effects me if I have a specific hardware need ( most recently 400-800gb Ethernet+gpus. That shit gets expensive if you rent it)

Reply

[-]

shaun2312@reddit

I always prioritise on prem, I've lost a few job offers because I've told them I would bring alot of their cloud based stuff back on prem

Reply

[-]

artekau@reddit

And many companies are moving back to onprem

Reply

[-]

dodexahedron@reddit

As Hock Tan said when Broadcom bought VMware, "the future is private clouds." Just not if you're a small account. Then fuck you, apparently. He is horrible for customers, but he is damn good for his actual stakeholders: shareholders. AVGO basically prints money. The market for any new buzzword always goes way overboard with it, for a few years at least. And then either when the next new shiny comes along or as promises that werent delivered on actuqlly wink into the brains of the PHB types, the market swings back and settles somewhere more reasonable in the middle.

Reply

[-]

moffetts9001@reddit

I've seen on-prem, cloud, and hybrid models work and not work depending on what the workload is. There is no singular solution to all problems.

Reply

[-]

Balasarius@reddit

Cloud is a scam -- somewhat. Their entire business model relies on engineers over deploying resources then forgetting about it or leaving the company, resulting in the company paying for wasted resources for years. The first clue that the cloud is not on your side is that AWS knows damn well who provisioned a resource -- but they don't tell you. (Cloudtrail is a pita and only goes back 90 days.)

Reply

[-]

AndyPandyFoFandy@reddit

Is it okay for a grown man to host his files in the cloud

Reply

[-]

ryanknapper@reddit

In many ways, if I’m responsible for it, I want to put my hands on it.

Reply

[-]

post4u@reddit

Funny. After almost 30 years doing this, I'm the opposite. If given the choice I'd never do anything on-prem ever again. Let the teams of engineers on other side deal with the plumbing and security. Give me multiple redundant Internet connections. Then for each cloud hosted service, give me enforceable SLAs. All that said, it really depends on the industry. I'm an IT manager for a large school district. If something here doesn't work, nobody dies or goes out of business. If I managed IT for a bank or hospital or other mission critical service, my opinion would likely be different. There are certainly sectors where on-prem is the better option.

Reply

[-]

BlotchyBaboon@reddit

I'm done with servers. I'm over it. I don't want to walk into a room and see an orange light on a drive bay. I don't want my idiot application vendor to tell me the reason their junk isn't working is because I need to run Windows Update first and talk to Microsoft because it certainly couldn't be their shiny perfect software that broke. I dont want to explain to Bob for the millionth time why he needs to run a VPN client first before he can get to his files at home. I don't want a drunk idiot smashing into a power transformer at 1am and knocking down power to my server room for a day. I don't want to explain to Karen why VMWare licensing is 10 times more than what was budgeted last year. And I certainly want nothing to do with an Exchange Data Store.

Reply

[-]

jks513@reddit

All the systems I support are air gapped and it’s annoying as heck that all the tools and even the OS just assume you have high speed 24/7 internet access.

Reply

[-]

cjcox4@reddit

Company: Seems like every year we spend $100K on our infrastructure, and every 7 years, it goes up to $900K for that year. We can't afford it. We're moving to the cloud and many partnered SaaS. Cloud and SaaS Bill for the month: $35K Cloud and SaaS Bill (after increases), for one month: $45K Company: See. Sure, morale sucks, but it's because you hate the cloud and it's been so good to us. Sure, maybe it's off by a 9 or two availability wise, but isn't it better? Company Fin. Dept: Have you ever done Cap Ex? It's too confusing. Now that everything is Op Ex... life is truly better. Oh, and a headcount reduction is coming, just fyi. Wait a minute, nevermind, some of our key experts are leaving the company. You're safe.

Reply

[-]

neighborofbrak@reddit

#TeamOnPrem

Reply

[-]

MReprogle@reddit

I feel like I am the outcast in this thread, but it might be due to hating hybrid and working mostly in Azure on cloud security. I far prefer locking down resources to only work with other resources via conditional access and using managed identities whenever I can. The bane of my job is having to deal with having to go from locking down things properly in Azure, only to see the AD permission sprawl and battle securing on prem users vs remote users. It isn’t “the best of both worlds”, but instead double the work to secure both. If I had my way, I’d bump identities and devices to Entra joined, move printers to the cloud and then just have Kerberos cloud trust so that users can still access on prem. Then, I would say it’s the best of both worlds.

Reply

[-]

englandgreen@reddit

Small team, 2 dozen sites, wide geographic spread? Cloud and SaaS all day long.

Reply

[-]

_araqiel@reddit

Nope. Fuck renting everything.

Reply

[-]

iama_bad_person@reddit

Nope. 2000 users, 100 sites nationwide. Intune/Entra is a GODSEND compared with what we had to do in the past.

Reply

[-]

commissar0617@reddit

depends... cloud email vs on prem? cloud 110% other applications... SAAS is nice, less to deal with, until it breaks. lift and shift? nahhh

Reply

[-]

ImNotABotScoutsHonor@reddit

On prem for life. The cloud sucks.

Reply

[-]

pc_load_letter_in_SD@reddit

Agreed OP

Reply

[-]

e_karma@reddit

For years I have been advocating on prem..I work in the middle east and AWS got hit ..now many businesses are finding out :)

Reply

[-]

Dave_A480@reddit

I wouldn't say prefer, more that I can work with VMware or KVM/Proxmox/etc about as well as I can do AWS.... At the end of the day there isn't that much difference in IaC terms - which is kind of the point.... Now if we are getting into SaaS vs self-host, then I definitely have a bias towards self host (I'd rather run my own RabbitMQ on EC2 than use AmazonMQ, and I'd rather do my own log/monitoring than Datadog).... But that's stuff like monitoring, auth, and so on - I don't really deal with email or MDM....

Reply

[-]

sys_dam@reddit

Do I prefer on prem in literally all cases except MFA services, yes. Is the future and money clearly heading towards cloud, yes. Both can be true.

Reply

[-]

wingyuying@reddit

you're not alone. cloud makes sense if you actually need to scale fast or run stuff globally but a lot of companies ended up there because it was just the default, not because they needed it. honestly most companies could run their stuff on one or a few dedicated servers. instead they're paying for hundreds of instance types, pricing pages that need their own documentation, savings plans you need a spreadsheet to figure out. and that complexity isn't accidental, every dollar you save is a dollar off the provider's revenue. and then there's lock in. it's the reason they give companies and governments boatloads of free credits to come on their platform. once you're deep in proprietary services its really hard to leave. on prem with foss and open standards you own your stack, you can swap things out, you're not dependent on one vendor's pricing decisions. cloud has its place but way too many companies are on it without ever really questioning if they need to be.

Reply

[-]

wosmo@reddit

I've always maintained that my core skill is scaring machines into behaving. Behave or we'll set $(wosmo) on you. I feel like the cloud allows 'instances' to laugh at that, in a way that being on a switched PDU didn't. I'm like an old-fashioned school teacher. If you want me to control your children, I need to be able to slap them up a bit.

Reply

[-]

mickymac1@reddit

I think it depends a lot on your industry. Our work is a mix of probably 70% on prem, with the rest remaining being SaaS subscriptions/Office 365. As we modernise our software we are starting to migrate more and more workloads to App Services or containerised platforms in Azure which is reducing our on prem dependency. Although I suspect we're probably still going to need our on prem infrastructure for at least another 2-3 years. My personal view is that I like having the equipment on prem as you don't need to deal with SaaS/IaaS suppliers with faults and aren't as reliant on internet connectivity, etc, however it is risky for the business having the equipment centralised in one location at a business premises hence our longer term goal is to move the data away from on prem. It's definitely not cheaper, but I'm sleeping better at night knowing I can blame Microsoft for downtime now :)

Reply

[-]

RandolphCarter2112@reddit

Not alone.

Reply

[-]

DDHoward@reddit

We use SaaS for only a small selection of our most mission-critical services. Previous iterations of my IT department allowed other departments to allow third-party developers to put a handful of custom-made services on IaaS platforms, at exorbitant cost. We've clawed the last of those back to on-prem earlier this month.

Reply

[-]

Orionsbelt@reddit

Depends, exchange cloud. On prem critical applications that have high bandwidth demands, file servers for cad/Ai/video/content ect. It's a mix. That said the economics of the current AI chip shortage and pricing on servers suggest Cloud might actually be more affordable in the short term which I hate to see I'd much rather on prem be more affordable

Reply

[-]

pdp10@reddit

[There's a conference May 5-6 in Paris.](https://www.reddit.com/r/sysadmin/comments/1rjosp0/the_next_premday_conference_is_may_56_2026_in/)

Reply

[-]

WinterIsComing___@reddit

Y el precio de la seguridad es impagable.

Reply

[-]

c0mpletelyobvious@reddit

I still run as much as I can on premise. AD, Exchange, even my MFA platform is all on premise.

Reply

[-]

NoSellDataPlz@reddit

I prefer a hybrid. There are some things that I prefer in the cloud (password manager, Exchange, M365 secure access, Entra, and Intune). And then there are things I prefer on-prem (file shares, DBs, LOB apps, VPN infrastructure, HVAC and lighting controllers, access control and security cameras, and backup service).

Reply

[-]

wtf_com@reddit

On-prem all the way.

Reply

[-]

7eregrine@reddit

I don't miss it. I sleep better at night.

Reply

[-]

webguynd@reddit

On-prem? Hell yeah. AD & GPO? No thanks, don’t wanna do that again. Give me metal & VMs any day but please no more windows server lol. Modern MDM for end user devices has been one of the best things ever. Haven’t had to physically touch a laptop for new hires in years, just order and ship direct to user.

Reply

[-]

totmacher12000@reddit

Nope. Still here lurking in the shadows of our racks.

Reply

[-]

Moyer_guy@reddit

You're not alone. I still struggle to see why you would want to go fully cloud based. We're somewhat hybrid and everything in tune/entra based is always so slow and inconsistent. I've also yet to see anything that provides all the functionality and speed of sccm, AD, and physically closer servers. So many people say it's just old school or an outdated way of thinking but I just disagree. Cloud tools certainly have their place especially in smaller businesses where you have less IT, less users, and smaller budgets but in my opinion they still don't scale quite as well.

Reply

[-]

ManyInterests@reddit

No, you're just old[-school].

Reply

[-]

KStieers@reddit

Get off my lawn

Reply

[-]

evendedwifestillnags@reddit

I'm not on your lawn I'm on the road verge the city government lawn on the other side of the sidewalk. Na na na na naaaaa nah

Reply

[-]

Aust1mh@reddit

As the bills climb ever higher, I believe org will look to return to On-Prem so don’t give up on that skill set. I’m also seeing a push to Linux and Libra Office options as MS screws over everyone.

Reply

[-]

MBILC@reddit

Wait till you work for a mostly / fully remote company...

Reply

[-]

thatfrostyguy@reddit

Nope. At this point on prem has a higher uptime and you are in control of your data. Another upside is your staff needs to know their shit. I've seen a really disturbing trend of IT staff with little to no actual understanding of how shit works. The amount of interviews that I have with IT folks that were cloud only were bottom of the barrel at best.

Reply

[-]

Slasher1738@reddit

Not at all. I think the cloud has a use, but for most businesses, on prem is ideal

Reply

[-]

ohfucknotthisagain@reddit

It's a different set of tools, and it's not particularly hard to adjust. So whatever, doesn't matter to me. Employer went all-in, saw the final price tag, and reversed course. Efficient on-prem infrastructure is cheaper than the cloud for most workloads that don't require massive, temporary, and on-demand scaling. Unless cloud vendors can contain their greed, there will always be on-prem work. Maybe less so in small businesses, where it's hard to justify full-time bodies to maintain everything.

Reply

[-]

madgoat@reddit

I prefer my own cloud instead of some other company’s computers.

Reply

[-]

KStieers@reddit

Nope. Had better uptime with on prem stuff. But the business doesn't care... they want wizbang features, so they get the downtime and higher costs with it.

Reply

[-]

Awkward-Candle-4977@reddit

You aren't https://world.hey.com/dhh/we-have-left-the-cloud-251760fb I'll put drc on cloud though due to low compute loaf in normal time and also acts as remote backup

Reply

[-]

disclosure5@reddit

Furthering the point I just made above.. DHH is running a large amount of Linux servers serving their own app. This is a wildly different scenario to the Active Directory environment serving in house staff OP is talking about.

Reply

[-]

clumsy84@reddit

Why?

Reply