Technical Articles on Alfred van Ster

The Global Troubleshooting Framework: Identity vs. Platform

Mon, 20 Apr 2026 00:00:00 +0000

A strategic diagnostic approach to cut through the noise of L2 escalations by distinguishing between User Identity and System Platform domains.

The MSP Triage Map: Which Logs to Check (And When)

Thu, 15 Jan 2026 12:00:00 +0200

A master reference guide for identifying the correct logs to resolve common MSP service desk escalations.

NAT Demystified: The Engine of Modern MSP Networking

Thu, 15 Jan 2026 11:00:00 +0200

A comprehensive guide to NAT types, use cases, and common MSP troubleshooting scenarios like Double NAT and Hairpinning.

The VPN 'Ping Paradox': Solving IP Subnet Collisions

Thu, 15 Jan 2026 10:00:00 +0200

Why can you ping a server but not access its data? A deep dive into IP subnet collisions in remote work environments.

The Human Factor: Why Great Backups Fail During Disasters

Sat, 10 Jan 2026 10:00:00 +0000

You can have the most expensive, lightning-fast immutable backup array in the world, but if your lead engineer is panicking and your documentation is trapped inside the server that just went down, your architecture has failed.

In my experience as an L2 Escalation specialist, I’ve seen that the “Human Element” is the most unpredictable variable in any Disaster Recovery (DR) plan.

1. The Paradox of Digital Documentation

Many teams store their “How-to-Recover” guides on the very infrastructure they are trying to recover. If the SAN is dead, your recovery PDF is dead too. The Fix: I advocate for “Out-of-Band” documentation—secure, offline, or cloud-native copies (like an encrypted Git repository or a physical “Break-Glass” binder) that are accessible even when the primary network is dark.

Resilient Data: Architecting a 3-2-1-1 Backup Strategy for MSPs

Mon, 05 Jan 2026 10:00:00 +0000

In modern infrastructure, “Backup” is not a task—it is a foundational pillar of security. For an MSP managing hundreds of endpoints, a simple file-copy isn’t enough. Here is how I architect systems to survive ransomware and site-wide disasters.

1. The 3-2-1-1 Framework

I advocate for an evolved version of the classic 3-2-1 rule, specifically designed for remote-first workforces:

3 Copies of Data: Primary, local secondary, and offsite tertiary.
2 Different Media: Utilizing localized NAS storage for fast LAN recovery and cloud-native repositories.
1 Offsite Location: Ensuring data is physically separated from the primary site.
1 Immutable Copy: Utilizing S3 Object Lock or Air-gapping to ensure backups cannot be deleted by compromised credentials.

2. The Infrastructure Stack

My preferred approach utilizes a unified management plane to reduce “Shadow Data”:

Securing the Perimeter: Why I chose a VPS over Shared Hosting

Wed, 01 Jan 2025 17:00:00 +0000

Most portfolios live on shared hosting—cheap, easy, but restricted. For my infrastructure, I chose a Virtual Private Server (VPS). Here’s why a Systems Engineer treats their “home on the web” like a production environment.

1. The Isolation Advantage

On shared hosting, you are at the mercy of your “neighbors.” If another site on the same IP gets hit with a DDoS or runs a malicious script, your site slows down or goes dark. On my VPS, my vCPU and RAM are mine alone.