Dual CPU lets you have more cores of a particular family of processors. If you run a large amount of busy VMs concurrently then it might be handy.

However, this does not come for free. Compared to a single CPU with an equivalent number of threads, dual CPU has more complex memory access, and you don’t want VMs and their memory to bounce between CPUs.

If you need it you’ll know it. If you don’t know if you need it then I would not recommend it.

Unless you run samba on them you won’t see the Linux machines on Windows as a network computer.

Here you go https://www.dell.com/support/manuals/en-ca/poweredge-r730/r730_ompublication/supported-configurations-for-the-poweredge-r730-system

That thing is going to be chugging power. Also note that it uses SAS drives, so you can’t just use consumer SATA drives in it. ALSO 410s are from the 2009-2011 era. Do you really want to depend on a 10+ year old PSU? What’s the cost going to be for you to find replacement parts?

Depending on the capabilities of your network you should be able to set up QoS classes to prioritize certain traffic. Many off the shelf systems have out of the box rules for streaming content.

Depends on the ratio. Producing and shipping new hardware has its cost too.

An open port is like a door on a building. It allows people from outside (the Internet) to go to the attached room on the inside (the service you’re exposing).

Now is that’s the only room in the building (the computer is not used for anything else), and the building is alone in the middle of an island with no land access (the computer is separated from the network, like in a DMZ) then the second worst thing an attacker can do is squat in in and rifle through your papers (the configuration files). The worst thing they can do however is start using your address and the utilities you paid for to start some unsavoury business (make it part of a botnet).

But if the server is not segregated from the rest of your network, they’ll start running into other rooms/buildings, getting their hands at anything they can. Your accounts, your identity, etc. You’ll be living in a really bad neighborhood, being shaken down for everything you have at every corner.

Now for the type of door you’re putting on a building: if you just port forward it’ll be like a screen door. It keeps the bugs out, but any person can open it with ease or crash through it, and they can see what’s inside by just standing in front of it (server fingerprinting). If the services you run have a vulnerability it will be exploited. If you don’t have a firewall or intrusion detection it’ll be like putting a combination lock on the door and never checking if someone is trying all the numbers. The attackers WILL just keep trying until they succeed, and they’re really fast at it.

So it’s not like you should never put a door on a building, but the door should be reasonably secure, with the appropriate strength, deadbolt, and depending on what you run a receptionist (reverse proxy) and security guard.

Looking at the 2023 Q2 BackBlaze report, it seems you should absolutely avoid 10TB drives.

Wasabi. Backups is literally their use case

Wasabi position themselves as a backup service. Their contract stipulates that downloads should not exceed uploads.

Can you have the cert be generated on a server and then sync it to your hardware with scripts or ansible?