The first thing you should know when jumping into the realm of Cisco products is about CLI. About 10 years ago when I jumped back into the computer world after being out of it for nearly a decade I saw a sysadmin using the black box in Windows to do basic things and I laughed. Shortly after that I saw another using the terminal window in Linux and I laughed. Then I saw someone using a terminal window in MAC OS and I was scratching my head. Over time I came to notice this happening on servers, standard desktops, network infrastructure, web and cloud management platforms, all over the place really. I was under the impression back around 2000 that these black windows that brought you to a command prompt were old school and hearkened back to my MS-Dos days. As I brought myself up to speed with operating systems and interconnected devices I found that the command line interface (CLI) was not a pretty way of doing things, but a powerful way of doing things quickly. In additional to being more powerful than the graphic user interface (GUI) it is also faster.
Most people these days want to see a pretty GUI and click around for a while until they get to what they need. The fact is when you do things that way you sometimes do not get all of the options meaning that some things can only be done in CLI. Here's a case in point: For you Windows 7 Home edition users, have you ever tried to go into your user accounts and enable the system administrator? The administrator is a built in account and comes in handy during virus infestations because it usually remains a clean account from which someone can clean. I spent about 15 minutes once trying to figure out how to enable that account before I hit CTRL + R, typed in cmd, and at the command prompt typed in "net user administrator [make up password here] /active:yes" it was enabled in less than 45 seconds. In some cases there might be permissions issues when doing this, but overall many things can be done very quickly when you know what you are doing.
Cisco enterprise products run the same way. In many of the new products there are GUIs that you can enable if you want to, but doing so can open the switch, router, or device up to other security problems. When you enable a GUI in a router you are activating http on port 80. What's wrong with doing this? Nothing if you know how to secure your device, but even though the CPU and memory can probably handle this if you are looking to keep your resource overhead down you probably would not want to activate services that are unnecessary. You can often tell the difference in the field between the experienced and the inexperienced techs in many cases by their desire to use either the CLI or GUI.
Many people are daunted by Cisco's CLI, but really it's not that bad. In future articles I will go into how it works, some of its quirks, and how to start programming your network. Though it is not thought of by end users, network design/function is just as important as the applications or resources that it brings to you.
No comments:
Post a Comment