Results 1 to 7 of 7
  1. #1
    Master Untangler
    Join Date
    Oct 2013
    Posts
    113

    Default Most system administrators prefer firewall GUIs over CLIs

    Well, duh...

    But seriously, I only prefer CLI on routers and switches (Hint: Cisco gear). But for FW and UTMs, GUI wins simply for its ability to show rich visualization and reporting on what's happening.

    https://www.zdnet.com/article/most-s...uis-over-clis/

  2. #2
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,716

    Default

    CLI wins when you need to manage a fleet. No one wants to repeat steps in a GUI on 40 (or more) different devices, and CLI opens the door to scripting the changes.

    GUI wins for a single device. Most organizations have one main firewall.
    f1assistance likes this.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 14.2.2 to protect 500Mbits for ~450 residential college students and associated staff and faculty

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,129

    Default

    Quote Originally Posted by jcoehoorn View Post
    CLI wins when you need to manage a fleet. No one wants to repeat steps in a GUI on 40 (or more) different devices, and CLI opens the door to scripting the changes.
    Not necessarily. The trend is to push policies and rules to multiple sites from one location. The reason we built Command Center. You see this in other GUI management devices also like VMware vCenter. I rarely log into a specific box directly anymore.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,716

    Default

    Quote Originally Posted by jcoffin View Post
    The trend is to push policies and rules to multiple sites from one location.
    Command center is great! It's definitely a step forward.

    But CLI scripting still wins in a fleet situation because it allows you to deviate away from one-size-fits-all policies to use conditional checks to apply different rules in different places based on situations. CLI scripts are Turing-complete in a way GUI environments will always struggle to match.

    But again... this isn't Untangle's usual market. Organizations with dozens of switches will still only have one gateway firewall. There might be two for redundancy or even few more at the odd branch office, but it's still a relatively small number compared to things like switches or APs.

    To me, though, the really interesting future is software-defined networking, which promises the best of both worlds. Switches have APIs you can use to make changes from a script, just as you could in the CLI era, but the front end of that "script" might be a web dashboard built from scratch or adapted from templates by corporate IT doing exactly the things your organization needs it to do.
    Last edited by jcoehoorn; 10-30-2019 at 09:11 AM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 14.2.2 to protect 500Mbits for ~450 residential college students and associated staff and faculty

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,680

    Default

    Organizations with dozens of switches are switching to Meraki at record paces...

    With routers so primitive they can only have 1 WAN IP address. I'm not so sure the "future" is complexity. I think the future is outsourced "security" where you pay for someone else to have the liability and stop caring.

    Consider this: https://www.forbes.com/sites/kateofl.../#1335affe3d38

    80% of the American public exposed to ID theft for the rest of their lives, because a senior level exec decides "admin" was an appropriate password to a God level database login. That is our market... THAT is "large business". A place where sys admins can't even uniformly enforce decent password policies.

    And most SMB owners I work with think they're magically immune until they get hit... So it's not like the thinking is any different.

    And we the people won't even put them in jail for this, just "fine" them some paltry amount and move on.
    Last edited by sky-knight; 10-30-2019 at 11:01 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007
    Posts
    1,531

    Default

    GUI has been catching up fast. One of the reasons I love Ubiquitis Unifi products....centralized multi-tenant dashboard, and in each tenant, a wonderful Unifi controller system that touches all the devices properly...from the gateway, to the switches, to the APs....with a few clicks of the mouse and strokes of the keys. Wanna roll out another VLAN? Whip it up, create a profile, push the profile, boom, done before you inhale and exhale 6 times...all devices properly provision.
    Resident "Geek on a Harley" in Southeast Connecticut, USA.

  7. #7
    Master Untangler CMcNaughton's Avatar
    Join Date
    Feb 2015
    Location
    Denver, CO
    Posts
    107

    Default

    Call me spoiled after ~5yrs at Untangle, but yeah... #TeamGUI 100%
    Jim.Alles likes this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2