Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ask Slashdot: Best Management Interface On an IT Appliance?

timothy posted about 6 months ago | from the one-you-never-need dept.

GUI 114

tippen writes "The management user interface on most networking and storage appliances are, shall we say, not up to the snuff compared to modern websites or consumer products. What are the best examples of good UX design on an IT appliance that you've managed? What was it that made you love it? What should companies (or designers) developing new products look to as best-in-class that they should be striving for?"

cancel ×

114 comments

Sorry! There are no comments related to the filter you selected.

Not enough Flash (3, Funny)

Anonymous Coward | about 6 months ago | (#46490939)

Not enough Javascript. Not enough external dependencies. Yeah, this totally needs to be more like modern websites.

Re:Not enough Flash (1)

Anonymous Coward | about 6 months ago | (#46491039)

It's a great point actually. The old Nokia IPSO routers used to have a web interface that was so simple it worked fine using elinks (and if you don't think that's useful; think you could SSH into the box, so if someone screwed the routing you could get in and use the GUI locally!).

There was this magic time in the middle when the interface worked both with links and had a bunch of "easy2uze" javascript.

Then later some marketing manager decided that they needed whizz-bang shit and messed the whole thing up by making it "more advanced". Worse still; they put in a CLI but didn't make it work.

Priority 1: works all the time. Works on any browser.

Re:Not enough Flash (2)

mwvdlee (775178) | about 6 months ago | (#46491145)

The two don't need to exclude each other.

Create a user interface that can do everything without javascript and without any flashy graphics, then add some CSS stylesheet to make it look nicer and flashier and add javascript to add more convenient ways of doing what you could already do without.

For example, take a classic list ordering GUI with up/down buttons. Works fine without javascript. Add javascript to make it also do drag&drop. It works better with javascript, but still works just fine without.

Web interfaces can gracefully degrade down to a very low level.

Re:Not enough Flash (1)

Anonymous Coward | about 6 months ago | (#46491169)

Web interfaces can gracefully degrade down to a very low level.

They usually don't, though. I'm waiting for the first router GUI which loads jQuery from the Google servers...

Re: Not enough Flash (0)

Anonymous Coward | about 6 months ago | (#46491547)

I just threw up
No router should ever load scripts from an external website. Are you nuts or ignor... Oh nd dr mind.

Wtf is wrong with slashdot? The ui is completely fucked

Re:Not enough Flash (3, Insightful)

Chris Newton (1711450) | about 6 months ago | (#46491571)

For example, take a classic list ordering GUI with up/down buttons. Works fine without javascript. Add javascript to make it also do drag&drop. It works better with javascript, but still works just fine without.

Web interfaces can gracefully degrade down to a very low level.

Yes they can, but not for free.

This sort of idea makes us geeks feel warm and fuzzy inside, but the reality is that you're talking about implementing two completely different versions of that UI feature. Doing so takes time and money, and you’d be spending that time and money purely to support a use case that probably represents a negligible number of users (people who want to run these UIs but have JS disabled).

Of course portability and compatibility are important for user interfaces, but this is a cost/benefit question. There is a line beyond which the results do not justify the effort, and any resources you’re spending past that line aren’t being spent on implementing other features or improving the usability elsewhere in your UI.

Re:Not enough Flash (1)

Antique Geekmeister (740220) | about 6 months ago | (#46492553)

I'm afraid that this usually means two entirely different interfaces, with overlapping features and writing to the same configurations. That is more than twice the development cost, since they involve distinct styles and expertise to develop or manage and the _negotiation_ between the two styles is an added cost. And it makes debugging more than twice as expensive, since tests have to involve both sets of interfaces and switching between them.

This is prohibitively expensive: the result is usually that the "plain" interface lacks critical features that are only available in the more sophisticated tool.

Re:Not enough Flash (1)

AlphaWolf_HK (692722) | about 6 months ago | (#46494933)

Actually I really like the way the freeware router firmware Tomato is designed. It uses AJAX, which is primarily javascript driven, but it works quite well. The UI alone makes Tomato a great firmware, but it's also more powerful feature wise than the competition (e.g. DD-WRT.)

And the answer is... (1)

namgge (777284) | about 6 months ago | (#46490959)

a command line.

Re:And the answer is... (1)

msauve (701917) | about 6 months ago | (#46490971)

That's like saying "a GUI." The OP was asking for a specific interface. My vote's with Junos, and its support for piping, commit confirmed, hierarchical structure, etc.

Re:And the answer is... (1)

Hognoxious (631665) | about 6 months ago | (#46491179)

That's like saying "a GUI."

No it's not. His post was funny.

Re:And the answer is... (4, Insightful)

Anonymous Coward | about 6 months ago | (#46490995)

I would agree. The best appliances have good CLIs and REST interfaces. Otherwise they are just a mess of crap. Have you ever seen a SAN interface? Or Vmware? Or Microsoft System Center? (if anyone can figure out what the hell is going on in that interface I would love to know.)

The best of the crappy interfaces is probably something like Qnap, they have great IOS interfaces, and the regular web interface is decent.

Re:And the answer is... (3, Interesting)

mysidia (191772) | about 6 months ago | (#46491059)

I would agree. The best appliances have good CLIs and REST interfaces. Otherwise they are just a mess of crap. Have you ever seen a SAN interface? Or Vmware?

Yes.... NetApp DataOnTap's SSH shell + OnCommand and VMware ESXi SSH console and .NET vCenter client are some examples of Companies designing management interfaces properly.

If you think THOSE or bad............. then I got a ton of devices with crappy CLIs and GUIs to show you.

*Now VMware is moving in the crappiness direction with their whole deprecation of the .Net client, and shiny new crappy Web1.5 Flash-enabled webUI developed using Adobe flex, but newer vSphere not in production, so don't count the horrible unusable web "UI" against them just yet.

Re:And the answer is... (1)

DeSigna (522207) | about 6 months ago | (#46491491)

I'd have to agree. VMware VI Client (the .NET one) is very well designed and thought out, but I'd add the HP 3PAR Management Console into the list of well-done management tools.

It's been a while since I used NetApp though. NetApp and 3PAR's management toolkits crap all over HP MSA/EVA or the various IBM SAN consoles for usability.

Re:And the answer is... (1)

Antique Geekmeister (740220) | about 6 months ago | (#46492597)

As an older programmer, I'm fond of some very good quality, older tools such as "webmin". Not all the modules added to it are excellent, but its very clean and very flexible for many core system utilities such as BIND based DNS. It's also much more robust than any configuration tool that relies on a separate, manually configured back end database.

Re:And the answer is... (2)

mysidia (191772) | about 6 months ago | (#46495227)

It's been a while since I used NetApp though. NetApp and 3PAR's management toolkits crap all over HP MSA/EVA or the various IBM SAN consoles for usability.

Yeah... welll.... I believe even Cisco's CLI, Dell Equallogic's management console, and even Nexenta craps on what HP provides with MSA/EVA.

I also hate the UIs of small business storage vendors, and I am thinking of a storage vendor targeting mid-sized companies in particular, where the management UI has pretty limited functionality, you don't get CLI access ("It's for your own protection, honest! [Or to secure our intellectual property!]"), AND you are limited to same basic Share/Volume setup/removal and told to "Call support" to request that they SSH in using remote support tunnel to perform any more advanced operations or configuration changes, such as setting up or turning off the replication between multiple systems, OR recover/remount the cluster filesystems after a backend Ethernet failure, or change your frontend IP addresses.

Of course, this Support requires continuous subscription payments, just to be able to make changes to your own configuration, and somewhat exorbitant costs just for software updates as well ------ this turns out to be important, because if something breaks during a software update, no mechanism is available to revert, and you have to call support.

In general: I hate the mentality of a number of vendors that they can push out a product that is not easy to administer, at low prices that will encourage management to buy: use a generic Linux system, but keep Shell/Root access to themselves (no CLI for the end user, just a menu), and require/insist engineers wait on their product support teams as a crutch for the product.

The same applies just as well to products that aren't well documented, or that require voluminous documentation to understand their UI sufficiently to perform basic operations.

Re:And the answer is... (0)

Anonymous Coward | about 6 months ago | (#46495425)

(the .NET one)

As nicely as it is designed, there in lies the problem.

junos cli (2)

BestNicksRTaken (582194) | about 6 months ago | (#46490977)

better than ios, easily parsed by scripts, regex support etc.

Netscreen OS (1)

David_Hart (1184661) | about 6 months ago | (#46492301)

I agree with you about Junos. It is a very good CLI. However, for GUI interfaces, not much can beat ScreenOS....

Focus upon usability, not looks ... (3, Insightful)

MacTO (1161105) | about 6 months ago | (#46490991)

For usability, you need to look at your target market. This means that you should be asking the people who will buy your product, rather than the people on Slashdot. (If we are your target market, at least let us know what you are developing so that we can provide meaningful input.)

Re:Focus upon usability, not looks ... (1)

Hognoxious (631665) | about 6 months ago | (#46491185)

This means that you should be asking the people who will buy your product

They're the last people you should ask. http://simpsons.wikia.com/wiki... [wikia.com]

Re:Focus upon usability, not looks ... (0)

Anonymous Coward | about 6 months ago | (#46491949)

You don't ask them. You let them use different copies of your UI and watch how they use it.

Are there good any ones? (0)

Anonymous Coward | about 6 months ago | (#46491017)

I work as storage consultant in system integrator, and I can't recall good UI design it either complicated or have heavy graphics that making it slow. However, you touch appliance once in 6 month or less, so it doesn't need to be pretty or fast, just get the work done. Modern interfaces are all generally ok, can't say that one is significantly better than another. I personally, like NetApp for good old Unix CLI.

Take a look at Synology's DSM (2)

Anonymous Coward | about 6 months ago | (#46491021)

The best full featured modern UI on an appliance I have ever seen. I like it because it is easy to use. http://www.synology.com/en-global/dsm/index/overview

Re:Take a look at Synology's DSM (3, Informative)

PsyMan (2702529) | about 6 months ago | (#46491101)

I would have to agree with you, Synology for their NAS range is very intuitive for non techy people, shame the hardware underneath is a bit underpowered for what it could be. For SOHO though you could pretty much run one as the main server. Great GUI for a linux backend. XPEnology is pretty good too though, best of both worlds when installed on to a mid end PC (thinking i5 / low end Xeon ?) not entirely legal though I suspect. I guess the usibility is why their NAS's hold their price second hand as it can't be the power of the hardware or reletively slow network transfer rates that keep them popular. Hmm, where have we seen that before ? Apple ?

Re:Take a look at Synology's DSM (1)

PsyMan (2702529) | about 6 months ago | (#46491119)

Must get a spellchecker :P

Re:Take a look at Synology's DSM (0)

Anonymous Coward | about 6 months ago | (#46491195)

The problem is the management who buys the product is not the tech who use the product. I have seen too many admin GUIs that have more mouse-clicks than a FSP. If you need to deploy multiple devices, you need to be able to import a config file which is cloned and edited by hand (or script) *outside* of the device.

A CLI is also a good thing if you can pipe in from STDIN.

Web based GUIs are basically for semi-technical folk.

Hurmph..

Re:Take a look at Synology's DSM (0)

Anonymous Coward | about 6 months ago | (#46492919)

Well to be honest, DSM is built on Linux - which can be "rooted" for more control. telnet, ssh, etc more than possible.

As a "techy" person, I enjoy the DSM interface. Sure there are shortcomings, but for the most part it's more than functional.

Re:Take a look at Synology's DSM (2)

otis wildflower (4889) | about 5 months ago | (#46496189)

Synology is busybox-based, with md/lvm tools etc., and for the most part behaves properly. The GUI is handy for remote access and management (with self-signed cert), and is pretty functional for all but the corneriest of corner cases.

This past week I needed to ssh in in order to e2fsck my storage prior to lvextending it. Kinda disappointed I had to do that, but the fact is that I could and did. Also, since the RAID is in software, in theory I could pull my 7 drive RAID out and stick it in another linux box and vg(im|ex)port it.

My 1812+ has adequate power for pushing ~100+MB/s with its dual-core Atom and 3GB (it took a spare laptop SO-DIMM), and runs at a pretty low wattage rate vs. a handbuild mid tower. It can't transcode, but I have WDTV Live boxes that support most codecs fairly well for that.

Re:Take a look at Synology's DSM (0)

Anonymous Coward | about 6 months ago | (#46492901)

+1 - the newest (5.0) is a pretty good upgrade so far.

None (1)

Charliemopps (1157495) | about 6 months ago | (#46491025)

UI's suck... pretty much all of them. In order to look pretty they do away with functionality. Give me telnet access, command line, don't make your commands stupid and we're good to go.

Re:None (4, Interesting)

msauve (701917) | about 6 months ago | (#46491079)

s/telnet/ssh/

I prefer my critical infrastructure management to be somewhat secure.

SNMP (0)

Anonymous Coward | about 6 months ago | (#46492647)

Yes, a command line would be nice. A real one, not a stateful TUI without refresh posing as "command line" just because it's run over a serial--yes, I've had to work with that, it's not pretty. But I still rather have my scripts be able to fetch monitoring data using the de-facto industry standard than having to reinvent the wheel. Turns out this is a solved problem, even if it's full of yesteryear's XML. Give me SNMPv3 along with that command line.

Re:None (1)

dfn5 (524972) | about 5 months ago | (#46495963)

s/telnet/ssh/ I prefer my critical infrastructure management to be somewhat secure.

It could be kerberized telnet.

What if you need to reboot (0)

Anonymous Coward | about 5 months ago | (#46496115)

and can't telnet or ssh in,

General goodness (5, Informative)

bertok (226922) | about 6 months ago | (#46491049)

Specific examples are hard to come by, but I've noticed the general trend that differentiates the "good" from the "barely usable"..

* Scalability. For example, a good interface will pop up a "search" box for finding a security group in Active Directory. A bad one will let me chose security groups from a list or a drop-down. Both look equally good when the developer is working in a test environment. The latter will crash when used in a million-object directory. Similarly, check out the DNS management dialog box in Windows, or some Oracle tools. Both will show you "all" objects up to some limit (e.g.: 5000), but then provide a filter option to allow you to narrow down the "search" to prevent the GUI from melting if you look at a database with 500K tables. Yes. It happens. A lot. More than you think. Really.
* Annotations. It's 2014 for Christ's sake! There is absolutely no reason not to include a general "note" or at least a "description" field with every. Single. Thing. Seriously. All of them. I'm not kidding. Look at VMware's vSphere interface as an example of this done reasonably well but not perfectly. They at least allow custom columns so you can tag things systematically. Better yet, newer versions of Microsoft's Group Policy allow annotations on every single setting.
* Versioning. For example, Citrix NetScaler keeps the last 'n' versions of its configuration automatically (5 by default I think). Why the fuck Cisco can't do the same with their 1KB but omfg-they're-ultra-critical-to-the-whole-goddamned-enterprise config files I just don't understand. Maybe they're trying to save precious bytes...
* Policy. Good examples are Cisco UCS Blades and, of course, Active Directory Group Policy. Settings should trickle down through hierarchies. I should never have to set the exact same setting five hundred times. Settings should set-and-unset themselves automatically based on the scenario, e.g.: replacing a blade should not involve having to reconfigure its BIOS settings by hand. A typical bad example is 99% of Linux, where every setting has to be either manually set or set via a script. A script is still manual, just faster. No! Smack yourself in the face! A script is NOT a replacement for a policy engine. Don't breathe in, ready to go on a rant about how great Linux is, and how easy it is to manage, because it's really not. Scripts are a "write only" management tool that result in impossible-to-reverse-engineer solutions that can only be replaced wholesale years down the track.
* Help. I'm not really a storage engineer, I just... dabble. However, I've set up labs with IBM and EMC kit, no problem. The one time I got asked to create a simple logical volume on a Hitachi array, I walked away backwards and refused to touch the stupid thing. It seriously had 10 pages of settings along the lines of "L3 Mode: 5/7?" I mean... wat? So sure, I press F1 for help like a naive fool. It helpfully informed me that the setting configures L3 Mode to either mode 5 or mode 7. I can press "OK" to accept the mode setting, or "Cancel" otherwise. I was enlightened. Meanwhile, the same dialog box on the EMC array basically asks for where, what size, and what RAID level.
* Behind the Scenes. Some GUIs have 1:1 mappings with some sort of underlying command-line or protocol. Consoles based on PowerShell such as most Microsoft and Citrix products come to mind, most Linux/Unix GUIs, and Database admin tools. The better ones will have a "tab" or a pop-up somewhere which shows the "script equivalent" of whatever you're doing in the GUI. This is very useful, particularly for beginners, and we're all beginners with every product at least once.

Really, GUI design is -- or should be -- a science, and not a trivial one! It integrates serious engineering constraints, business restrictions, project management priorities along with the fuzzy complexities of both individual psychology and the complex dynamics of interacting groups of people. It's done woefully wrong even by the largest corporations. In practice, it boils down to the developers not having administrator experience, or a realistic test environment. The best GUIs I've seen were usually those were the developers were working against production systems at scale. That's both rare, and by no means a guarantee...

Re:General goodness (0)

Anonymous Coward | about 6 months ago | (#46491205)

You sir, explained the best. Code monkeys never ask Rack monkeys what issues they face on the real field.
Some monkeys are exceptional like Steve Jobs. Cheers.

Re:General goodness (2)

Chris Newton (1711450) | about 6 months ago | (#46491303)

Code monkeys never ask Rack monkeys what issues they face on the real field.

That’s not entirely fair. As a guy making UIs, I love hearing from the front-line what the users actually want, what they like and what they would like to see improved.

However, most development roles aren’t naturally customer-facing, and the focus for most people between the customers and the developers is usually on features (and commercial matters like pricing, of course), so this is the information that will naturally flow through an organisation and drive development.

Likewise, from the user’s side, often the people who are in contact with suppliers and making buying decisions aren’t the people who are personally going to get that 4am wake-up call to actually use these products. If there are things that matter and they aren’t obvious in the way that a tick in a feature column or a discount on a price are obvious, someone has to tell the guys doing the buying/negotiations so they can pass it on.

Basically, picking up more general usability issues like the ones bertok mentioned above either takes an exceptionally enlightened and well-structured organisation where this kind of information routinely gets passed on as well, or it takes guys at both ends of the chain who form side channels to get the little details through, and this goes on both the supplier and the customer side.

Re:General goodness (4, Informative)

bertok (226922) | about 6 months ago | (#46491727)

I love hearing from the front-line what the users actually want, what they like and what they would like to see improved.

This.

It's surprising how little feedback there is in the real world.

One of the best experiences of my career (when I had a developer hat on), was sitting in the room where Level 1 and 2 support staff were on the phone, supporting a system that I had built and was doing Level 3 support on. Until then, it would not have occurred to me that a good 20% of their time was wasted on looking up contact details. No problem, I integrated a one-click contact-lookup function into the dashboard system. They loved it. I never would have thought that "fast search" (think milliseconds) was a "feature" until I saw how important it was for a helpdesk person to not have to wait for anything while talking to someone interactively.

Things of that nature resulted in a UI that -- while a bit quirky from a developer's perspective -- allowed them to get their jobs done efficiently! It was all really simple stuff to implement, but I wouldn't have ever gone down that path if I didn't have that direct feedback and on-site observation of user behavior.

Re:General goodness (1)

skids (119237) | about 5 months ago | (#46496765)

I never would have thought that "fast search" (think milliseconds) was a "feature" until I saw how important it was for a helpdesk person to not have to wait for anything while talking to someone interactively.

I was pretty much going to give up on the idea that anyone would ever bother making software work reasonably fast again, when I had the pleasure of discovering one of our new products is actually relatively snappy in most respects. The surprising thing was it was written in Java, which while technically capable of being fast, usually doesn't lead developers down the path the fastness.

Not having to wait for half a second or more for everything to happen during multi-stage interactive operations makes things sooooo much more tolerable, even when you're not on the phone with and end-user and/or lower-tier tech.

Re:General goodness (2)

Chris Newton (1711450) | about 6 months ago | (#46491243)

Thank you for the insightful post. I create user interfaces professionally, I share many of your frustrations with the generally poor standards in the industry, and I find it reassuring that at least some people who use the kind of tools I build do actually value good usability!

The one big thing I would add to your points is that whatever kind of user interface you’re building — CLI, GUI, API, whatever — it’s always going to be limited by how well thought-out the underlying configuration model is. If you have a system that requires 745 interacting settings to be correct before it works, and the guy who changes those settings is doing it at 4am after his pager woke him up, you’re unlikely to see a happy ending no matter how polished the presentation of those 745 settings might be in any UI. It never ceases to amaze me how many UIs don’t get their fundamentals down first, and just think it’ll be OK as long as the UI is pretty, compatible with Brand X, compatible with Scripting Tool Y, compatible with Management Protocol Z, or some other useful but second-tier benefit.

Please do share any other rants, general frustrations, examples of things that were really useful, or other similar comments you have. These kinds of threads are gold for those of us who work in the industry.

BIOS Settings (1)

nuckfuts (690967) | about 6 months ago | (#46492511)

I press F1 for help like a naive fool. It helpfully informed me that the setting configures L3 Mode to either mode 5 or mode 7.

This reminds me of the "help" feature in every system BIOS I've ever worked with.

Re:General goodness (1)

skids (119237) | about 5 months ago | (#46496705)

Why the fuck Cisco can't do the same with their 1KB but omfg-they're-ultra-critical-to-the-whole-goddamned-enterprise config files I just don't understand. Maybe they're trying to save precious bytes...

They've started to in IOS 15.x. They even have started (gasp) to take mac address formats other than xxxx.xxxx.xxxx on some of their show commands.
(This day and age all network ready equipment should take pretty much any mac address format from IETF to colon delimited to even less seen stuff like xxxxxx-xxxxxx, but yet still does not, it's pathetic)

Having worked with a bunch of cisco-like devices I have to say cisco still has the best CLI I've seen so far among the major vendors. Being able
to pipe commands and output through a grepish utility is rarer than you might think, and a lot of the ciso workalikes do not have nearly the
discipline Cisco has about making sure you can paste or copy the text config file in and have an identically functioning device (minus just the private keys.)
Then again I haven't had a chance to work with Juniper yet which I've been told is pretty good.

* Behind the Scenes. Some GUIs have 1:1 mappings with some sort of underlying command-line or protocol. Consoles based on PowerShell such as most Microsoft and Citrix products come to mind, most Linux/Unix GUIs, and Database admin tools. The better ones will have a "tab" or a pop-up somewhere which shows the "script equivalent" of whatever you're doing in the GUI. This is very useful, particularly for beginners, and we're all beginners with every product at least once.

Not only that but in the NMS sector it would be super nice if they'd stop trying to just push all the configs out to switches and started allowing mods to be made on the CLI and the NMS to notice and integrate them. Sometimes you just want to have certain portions of the config controlled by switch-local configs, because they are easier to administer that way.

I'd add auto rollback to your list. All interfaces to networking equipment should offer the ability to apply changes, and have them take effect and then, if you do not confirm to make them permanent, revert the changes in a X minute window, like unto what the PC user does when changing a video mode. It's an essential last line of defense against human error, because most networking equipment can strand itself because it is managed in-band to save cash. (The number of NMS's that don't know how to renumber the far side of an interface first before the near side is like 99% of them, BTW)

keep it simple (1)

redback (15527) | about 6 months ago | (#46491063)

Anything that doesnt require java, flash, silverlight, or god knows what else.

Anything that works in all browsers.

Re:keep it simple (1)

Golden_Rider (137548) | about 6 months ago | (#46493085)

Anything that doesnt require java, flash, silverlight, or god knows what else.

Anything that works in all browsers.

This. Seriously. Any management GUI which requires Java deserves to die in a fire. Because when you need to use it - which for some management GUI like a storage box which is configured once and then left alone until something needs to be changed might happen once every couple months - you can be ABSOLUTELY SURE that the computer you are sitting at either has no Java runtime environment at all or one which is the wrong version. At work, I have special VMs sitting around which I can fire up in case I need to connect to one of those ancient remote management boards which need Java 1.4.1 or stuff like that, and I have to be careful not to accidentally update those machines.

It is super annoying to find out that just to be allowed to click that one button, you first have to get a Java runtime (in the right version!) and install it, because sometimes you do not have an Internet connection available so you have to mess around with a USB stick, you introduce additional security risks by installing Java, most likely you accidentally forget about NOT leaving that Ask toolbar install option selected and have to clean up afterwards, etc.

CLI (1)

kjhambrick (111698) | about 6 months ago | (#46491093)

bash ; GNU tools ; ssh

Mega management user experience (0)

Anonymous Coward | about 6 months ago | (#46491109)

I found out rj-45 plugs have this mega management user interface. I can control the whole internet with one little tab thingie.

Snapgear (1)

dbIII (701233) | about 6 months ago | (#46491125)

Snapgear had a really nice GUI front end to iptables on their firewall/routers. Considering how iptables could lend itself to end up like a mess of spaghetti if handled badly that's quite a feat.

not up to the snuff (0)

Anonymous Coward | about 6 months ago | (#46491153)

> not up to the snuff

Like your English. Do you shake your head from side to side when you talk?

Ui != Ux (1)

Dan Askme (2895283) | about 6 months ago | (#46491165)

Windows XP
Debian + LXDE

Both on my IT appliance (the PC).
Both simple, fast and designed for functionality and not some new buzzword called "user experience".

Try Isilon's OneFS UI or InsightIQ (0)

Anonymous Coward | about 6 months ago | (#46491241)

Very intuitive, especially insightIQ, you can just drag performance graphs left and right drill down on things over and over with a click and easily export data to csv with one click.

simple and automatable (1)

vginders (521915) | about 6 months ago | (#46491257)

* A simple web frontend for manual things, that simply works in modern browsers
* A complete and easy (no SOAP please, yes I'm looking at you BIG-IP/F5) API and/or cli that can be driven from automation tools, and that provides easily for idempotency.

Re:simple and automatable (0)

Anonymous Coward | about 6 months ago | (#46491399)

Kind of late, but hey..getting there :)
https://devcentral.f5.com/articles/icontrol-rest-101-getting-started#.UyRPTPl_t1Y

Synology NAS raids (0)

Anonymous Coward | about 6 months ago | (#46491259)

Can't get any better than the Synology raid.

It's a delight to use and runs in the browser, has extensive help with everything, is written *right*, so background tasks like copy etc. can proceed without the client logged in. It supports lots of users and keeps their stuff separate.

Really it's how software should be.

http://www.synology.com/en-global/dsm/index

Slashdot Beta! (0)

Anonymous Coward | about 6 months ago | (#46491295)

No joke!

HP's OA and VC interface (0)

Anonymous Coward | about 6 months ago | (#46491357)

The management tools for the HP blade enclosures are some that I use on a regular basis that don't leave me screaming in frustration. They use panes well and don't clobber your context on a drill-down. They are extremely dense but the top 20% of functions is never more than 2-3 clicks away. And the obscure settings you last touched 6 months ago can usually be found within 15 seconds. Help function is not totally useless. It's unfortunate that it's built with Flash forms, but it does seem to be Firefox/Linux tolerant.

ANSI color (0)

Anonymous Coward | about 6 months ago | (#46491421)

Basically just nice color CLI.
I like lynx and aptitude.
Not really appliances, but i like 'em.

A power switch (1)

tlambert (566799) | about 6 months ago | (#46491445)

A power switch

If you need UI beyond that, then there is something wrong with the default settings for your device.

For a networking or storage appliance, it should get on the network using stateless autoconfiguration.

If a system on your network wants to use it, it should find the services the device offers via service discovery.

If you need access controls, the device itself should find your directory service on your network via service discovery.

The only thing you should possibly have to deal with explicitly is pairing with the directory service, and if that's necessary so that you can't be MITM'ed by someone making unauthorized use of your network, it should be a momentary contact button and an LED other than the power LED on the front of the device, combined with a serial number affixed to the device. Think "Bluetooth keyboard/headset pairing".

If you administer anything at all, it should be your directory server, mostly to establish accounts, and ACLs for the accounts, which are then used to authenticate the machines that consume services advertised by the appliances and servers on your network, and on the peer machines/clients which establish authentication sessions after you hit ctrl-alt-del, or login to the login window after boot.

Re:A power switch (1)

bill_mcgonigle (4333) | about 6 months ago | (#46492573)

For a networking or storage appliance, it should get on the network using stateless autoconfiguration.

Hey, man, you've given yourself away as being from the future.

pfSense is a good example of how to do an interface well for network configuration. I'm not sure that defining a network topology in a directory server would be easier or better.

IP address AND the power switch (1)

billstewart (78916) | about 6 months ago | (#46492837)

You've got to set an IP address somehow. Typing a MAC address into your DHCP server isn't a cool way to do it, and you need an address that you know from the outside, not just an address the device can use to talk to servers it already knows about.

The equipment I've been using recently added a front-panel LCD/pushbutton mechanism that lets you set the IP address; previous versions of the hardware required you to either log in with an RS232 console that got a shell prompt or else use a VGA monitor and keyboard (and stupidly, the default on some versions of it required you to use the VGA/keyboard to tell the device to use the serial console.)

And while almost all the rest of the administration gets done using a web GUI, the system (which ran a custom Linux) didn't have an X server, so you typically needed to bring a VGA monitor and keyboard AND a laptop; the current versions let you do a bit more from CLI, so that's slightly less annoying.

But if you want to reimage the box (which you have to do for major version upgrades), ALMOST all of the steps can be done via the serial console. Except for the one step in the middle, where the box remembers its IP address settings but forgets that you were using a serial console instead of VGA, so you still need to have a technician onsite with a VGA, instead of being able to use a modem.

Re:IP address AND the power switch (1)

skids (119237) | about 5 months ago | (#46496833)

Sometimes with these troublesome devices you'll find that it's on a server with a LOM board with fully functional emulated VGA, so it's technically possible to get them off the ground with nothing but an additional (trusted) ethernet connection. It's usually only worth figuring out how to do that if you have a lot of them, though, due to the large variety of LOM systems and their various nuances,

But yes, it always sickens me when a Linux-based device ships with nothing but local GUI config tools.

Re:A power switch (1)

skids (119237) | about 5 months ago | (#46496819)

You obviously only administer small LAN systems in low security environments.

Stateless autoconf, uPNP, zeroconf, prolific service discovery stacks, and non-local authentication databases are the very first things we turn off on any system that requires security-in-depth and rock-solid stability. These are all end-user/domain features that have no place in WAN, metro-lan, and border network infrastructure.

No web interface (0)

Anonymous Coward | about 6 months ago | (#46491469)

We do not want to connect through some silly web browser interface. We just want an SSH terminal connection with a sane command set. It really is the most powerful and clean way to implement a management interface for network and storage appliances. Additionally there must be premium documentation with lots of good hands-on examples.

Re:No web interface (1)

skids (119237) | about 5 months ago | (#46496845)

For the most part, yes, but there's something to be said for gui in the fwbuilder/ASDM space and for visibility operations. A minority of tasks are actually easier in a GUI, though it has to be a pretty good GUI or its a wash.

EMC Unisphere as a negative example (0)

Anonymous Coward | about 6 months ago | (#46491485)

The current storage array management tool from EMC, Unisphere, is a prime example of how NOT to design a friendly interface. Every 'submit' you hit will pop up 2-3 modal confirmation or status boxes. Every informational sub-pane you hit will have to get the columns resized to read all the contents. Functionality is scattered across multiple tabs - 'storage' will let you control all the settings of pools and luns except for storage groups. That's under the host tab. Reading performance data requires you to find a specific data file on the array, download it to the desktop, then open it in the browser. And this is only from 1 of the storage processors. If you want aggregate numbers download 2 files, open them in the 'merge' function, the re-open the merged file in the browser. If you want to look at several days of data, repeat the above process for each 12 hour period.

  EMC is very proud of Unisphere. Because it's an improvement over the previous tool, Navisphere. I recently taught a newbie to manage an ancient array in the lab with Navisphere - a Herculean task because it made no sense at all .....

relative URLs; Isilon vs. NetApp; F5 BigIP (1)

Anonymous Coward | about 6 months ago | (#46491527)

For all the folks writing up the HTML code that goes into these things: use relative URLS!

Do not put the hostname (or IP address) of the device in any of the HTML. Us IT folks sometimes need to go through proxies (and SSH tunnels) to get to these devices (which are often on isolated "management" VLANs/networks). Simply put "/network/settings" instead of "http://mydevice/network/settings" in any [a href] links (or [img] or CSS references).

If the link in the HTML has "10.10.20.45" or "netdev01.mgt.example.com" in it, but my browser is actually connecting to "localhost" (because I have to do a SSH double-hop with forwarding), I'm going to think really evil thoughts about whomever wrote the HTML generator. I do not have to want to start editing my /etc/hosts or adding aliases to lo0 loopback interface.

As for general example of what to do, using storage appliances as examples: EMC Isilon is how to do things, which is mostly straight HTML. They have some Flash in there that I find annoying, and which they should probably replace with HTML5/AJAX/SVG/etc., but that's mostly for charts and not too big of a deal. NetApp's ONTAP is how not to do things: you double-click on an icon, it launches a Java app on your workstation, then launches your web browsers at localhost to talk to the Java app. WTF?

Another comparison about Isilon versus NetApp: on OneFS you SSH in and get a full, proper Unix prompt on a FreeBSD system (with rsync, zsh, bash, screen, etc.). With ONTAP (which is also using a FreeBSD system for the underlying OS) you get a limited Fischer Price set of commands.

F5's BigIPs are also pretty good: a nice Flash-free web interface (though some of the menu layouts are convoluted), but you can SSH in as well. The admin can create new accounts, and each account can be given either a full bash shell or a 'Fischer' Price shell on SSH login (which is a nice compromise between Unix-nerd-level users and moderately-advanced users).

Re:relative URLs; Isilon vs. NetApp; F5 BigIP (1)

tippen (704534) | about 6 months ago | (#46492035)

For all the folks writing up the HTML code that goes into these things: use relative URLS!

Do not put the hostname (or IP address) of the device in any of the HTML. Us IT folks sometimes need to go through proxies (and SSH tunnels) to get to these devices (which are often on isolated "management" VLANs/networks). Simply put "/network/settings" instead of "http://mydevice/network/settings" in any [a href] links (or [img] or CSS references).

If the link in the HTML has "10.10.20.45" or "netdev01.mgt.example.com" in it, but my browser is actually connecting to "localhost" (because I have to do a SSH double-hop with forwarding), I'm going to think really evil thoughts about whomever wrote the HTML generator. I do not have to want to start editing my /etc/hosts or adding aliases to lo0 loopback interface.

Great point and something easy to miss during the mayhem of implementation of a new product.

CLI is the best UX for me (1)

devlogic (109750) | about 6 months ago | (#46491763)

As a network administrator who configures routers, switches, and firewalls on a regular basis, I don't give a flying flip about what's commonly thought of as "good UX design" on IT appliances. The best UX for me is the one that's the fastest. Which means SSH, CLI, and text editors over anything graphical. As examples:
A router's web interface requires clicking through multiple pages to find the right box to check or fill in to add a new subnet to a BGP session (if it's even possible at all). Via CLI, I can do this with one config stanza.
I'd rather edit a config file (preferably one that's well-commented) in a text editor than wade through the web interface on any appliance.
I'll ALWAYS open up PuTTY instead of ASDM when I need to modify a firewall rule on a Cisco ASA.

Re:CLI is the best UX for me (0)

Anonymous Coward | about 6 months ago | (#46491913)

Good UX design applies equally to CLI as well as GUI, which I'm guessing you actually do give a flying flip about.

Would you rather use a PIX running v6 or earlier, or an ASA running v7-9?

Worst (CLI) UX design for me has got to be 'tc' in Linux, whatever the garbage is that runs on Dell PowerConnect 5XXXs, and the pre-Cisco/IOS Aironet configuration interface.

Re:CLI is the best UX for me (1)

tippen (704534) | about 6 months ago | (#46492137)

Good UX design applies equally to CLI as well as GUI, which I'm guessing you actually do give a flying flip about.

Yes, which is why I asked about UX design instead of "best GUI"

Re:CLI is the best UX for me (0)

Anonymous Coward | about 6 months ago | (#46493515)

Oh yes, 'tc' is so bad it almost shouldn't be mentioned because it makes any other horrible interface look nearly flawless by comparison. Others have mentioned how iptables can get messy, but have you looked into its future repacement, nftables? It seems like the same guy responsible for tc has done nftables, but he wanted to scale back the documentation because tc was too friendly. So thankful for pf...

Re:CLI is the best UX for me (1)

skids (119237) | about 5 months ago | (#46496893)

One advantage that CLI has over GUI that few people seem to realize is this:

Documentation for a CLI takes about 1/5th the resource to create, maintain, and display, is easily text searchable both inside the document and on the web, and rarely requires anything more than basic HTML to render. Just try to find "the button labeled 'address' under the 'resources' content pane tab reached by drilling down five levels in the menu tree each of which has an equally generic name. Oh yeah and the whole mess was opened unde the 'File' top menu.

I your lucky you'll find that after stringing that together into "FIle/foo/bar/phnord/derp/dee/resources/address" someone else bothered to do the same in your support forums.

WIth a cli, the command you need to paste into a search engine you are using is right there for you to cut from your command history.

Browser Based GUIs (1)

RealRav (607677) | about 6 months ago | (#46491819)

I personally hate the trend of browser GUIs. They are always sluggish and frustrating. If I can't have an installed application I'd rather have a CLI. An added bonus to the CLI is that it keeps out the TechTards and we all make more money!

Re:Browser Based GUIs (1)

skids (119237) | about 5 months ago | (#46496903)

The "sluggish and frustrating" school of coders have managed to work their vile magic on some CLIs I've seen in recent products, too. Their suck knowns no limits.

ZeroShell (1)

GWXerog (3151863) | about 6 months ago | (#46491823)

The best WebUI I ever saw on a networking appliance is the one that comes with ZeroShell. High information density with very clear and concise controls http://www.zeroshell.org/ss/pr... [zeroshell.org]

Palo Alto Networks firewalls (1)

certain death (947081) | about 6 months ago | (#46491995)

They have a good functional, easy to use web interface that is just as powerful, if not more so, than the CLI. Both the web interface and CLI are easy to use and just make sense.

Re:Palo Alto Networks firewalls (1)

tippen (704534) | about 6 months ago | (#46492161)

Is security policy management effective from the CLI on PAN firewalls?

For the relatively simple network settings (port config, user admin, etc.), CLI is fast and easy. Hard to imagine trying to deal with complex policy configuration from the CLI. Do you end up switching to the GUI for that?

Re:Palo Alto Networks firewalls (1)

Dakiraun (1633747) | about 6 months ago | (#46492209)

Agreed. In the last 14 years that I've been exposed to WebGUIs or free-standing GUI shells for appliances, The Palo Alto one is one of the cleanest, most intuitive and best thought out. Is is perfect? No... there are still a lot of short comings, but it's well ahead of a lot of others not only in its own category, but just appliance GUIs in general. It works well on any OS, in nearly any browser and even without any lessons or tutorials, a person can get the feel for what they're doing in it relatively quickly.

Synology NAS is excellent (2)

horza (87255) | about 6 months ago | (#46492001)

If you don't mind home appliances, then the Synology one is the best I have experienced. Easy to use, stable, one click installs for everything, intuitive. It does the desktop metaphor but unlike all the JS libraries I've come across this one doesn't appear to lag. Well suited to its application.

In terms of server management, er probably none of them. Including the web based ones like cPanel, webmin and Plesk. OpenPanel has pretty screen shots, though you don't want to read phrases like "Please note that OpenApp always expects a clean install! Installing OpenApp packages on a non-clean system is likely to lead to data-loss or a non-functional system" so I wouldn't actually install it. All the ISPs present bottom-up approach to management, making it piecemeal. I'd rather have a top-down approach.

Phillip.

Meraki switches, routers, and access points... (0)

Anonymous Coward | about 6 months ago | (#46492065)

I love the Meraki web interface.

how about command line? (0)

Anonymous Coward | about 6 months ago | (#46492067)

For me, I really prefer a command line interface, or at least a way to script a configuration. Seems there are so many times I cannot bring up a gui for one reason or another. Scripting makes it easily repeatable, generally more scalable and easy to go back and see how something was done before. Keep your scripted configs in version control.

VI (0)

Anonymous Coward | about 6 months ago | (#46492387)

All these references to CLI, but all of you forget to mention VI. The lovely minimalist, but highly usable and to the point interface.

Tintri and Pure Storage (0)

Anonymous Coward | about 6 months ago | (#46492407)

Both Tintri and Pure Storage have UI's that add to the value of the product rather than try to throw up all possible CLI commands into a jumbled mess. Awesome reporting, dashboards, graphs, etc that help you understand what's using your I/O performance and capacity, and a quick to configure interface for n00bs buying a new product from a new company.

LuCi from Openwrt (2)

Jonathan P. Bennett (2872425) | about 6 months ago | (#46492419)

I really do like the LuCi interface on the openwrt project. Though it's even more fun to turn it off, leaving only ssh access, and get calls from the clueless IT guy that is trying to twiddle something he shouldn't be.

Best I've seen is Synology's DSM (0)

Anonymous Coward | about 6 months ago | (#46492795)

Synology has done a remarkable job of creating a single UX design that scales from a single hard drive NAS (DS112) to a 106 drive NAS (RS10613xs+). In addition this management interface crosses several different vendors's CPUs as you move up through the product line. Their most recent release (DSM 5.0) gives you are real desktop feel in a web based interface.

Negative Example (2)

the eric conspiracy (20178) | about 6 months ago | (#46493103)

NOT Sonicwall!!! Gawd it SUX.

The less your UI has in common with that clusterfuck the better.

API's (1)

cybaz (538103) | about 6 months ago | (#46493281)

I don't want any more GUI's, just RESTful API's that have complete functionality, not just a few commands for common tasks. Fancy UI's are fine for demo's so salespeople have something for customers to ooh and ahh over, or for small customers with limited IT staff. Most work these days is going into automation involving multiple tasks.

A10 Load Balancers win (0)

Anonymous Coward | about 6 months ago | (#46493365)

A10 Load Balancers UI is well made reasonably bug free. Includes all needed options for whatever part you are working on and is not dumbed down to keep you form hurting yourself.

I have a number of them. (2)

attemptedgoalie (634133) | about 6 months ago | (#46493505)

NetApp

- Command Line in cDOT is pretty useful, I script a ton of things due to this.
- OnCommand System Manager has problems, it even lost functionality in the move from the non clustered OnTap to clustered OnTap. (easy to fix on their end, just a lack of attention to detail) But when you have 30+ filers across a dozen sites, it's all well organized. I'd like to see better performance, but it does 90% of what I need.
- The old FilerView worked for a small shop, but having all filers in the same interface is mandatory when you have as many as we do.

Isilon
- The web interface is pretty in OneFS7, but working with fileshares is kind of icky. When you have something that scales to 20-40PB, you'll have a few fileshares. And every time I have to work with one, it's not a great experience.

Violin
- My old 3000 series had an excellent interface, but it's limited since it's straight SAN, no CIFS/NFS. But fully HTML5, fully rearrangeable.
- The 6000 series interface is supposed to be a tremendous upgrade. I have one in a box waiting for me to get to our DR site to light it up, so hopefully soon I'll know more. But this has been my favorite interface so far.

Nimble
- I don't use this one weekly, a different admin works on it, but it seems pretty straight forward.

DataDomain
- Same as above. It works. Nothing to write home about.

FusionIO
- Big whoop. We're actually going to put Pernix in front of our FusionIO cards and stop using their interface as Pernix has so much better functionality and integration with vCenter.

PureStorage
- I don't own this, we are about to do a POC. But it seems pretty nice from the sales pitch/demos.

If you want to see a decent layout, NetApp's onCommand System Manager does a good job.

If you want to see excellent non-Adobe flash functionality, Violin.

Hope that's useful.

Cisco IOS (0)

Anonymous Coward | about 6 months ago | (#46493599)

Changes in browser tech make well-intentioned appliances un-usable, sometimes prior to the end of their service life (SonicWall). This problem arises because they attempt to accommodate the lowest common denominator, rather than ask the individual to use their brain and navigate through a non-glossed experience.

Hopefully more manufacturers will focus on solid SSH interfaces, and resist the incessant tug of the Apple-it-up crowd. I prefer saving money and the environment to a control interface that feels like iTunes. Sadly, this makes me the oddball consumer.

Re:Cisco IOS (1)

skids (119237) | about 5 months ago | (#46496921)

This reminded me to mention -- developers, please check that your terminal interface works from linux, not with some bastardized windows ssh client. Linux users are your most likely CLI users, and if you do anything with escape sequences, there is a tangible chance you'll step on an incompatibility. Oh, and don't activate the secondary VT100 screen please, we want to be able to scroll up and cut from our previous output. Also check that the CLI still works after exiting from your device by typing some multi-line commands and checking that the scrolling and line editing haven't been screwed up.

a few suggestions (2)

RobertLTux (260313) | about 6 months ago | (#46493605)

1 have a Quick Setup page with the most common settings all in one shot
2 Don't have "mystery magic" type settings (hint have a WIFI ON button not spread the ON function across 3 different settings that seem unrelated)
3 have a CLI "rail" so that CLI monkeys can bash the keys when they want to (but have something in the manual where it says
" to enable the SpeedConfig (TM) rail input %^73gH and the products serial number as your first command [this will be a permanent setting]")
4 put how to get to the admin console on a sticker on the item
5 do not assume that the person is using a laptop with 1024X768 res (hint there are things called netbooks running about and you also have smartphones)

F5 Load Balancers in particular APM module (0)

Anonymous Coward | about 6 months ago | (#46493721)

Everything where it should be.
Excellent help.
Graphical authentication trees.

Cisco are the worst people for making UI that is useful. Their ACS server is the worst.

Re:F5 Load Balancers in particular APM module (1)

skids (119237) | about 5 months ago | (#46496959)

Cisco are the worst people for making UI that is useful.

Hit or miss, really. WCS was at least above par, for example.

Their ACS server is the worst.

Well, that's not a fair basis for judgement, since all attempts at GUIfying core AAA glue functionality is doomed to failure, because what is really needed is a policy language, not a bunch of windows and sequenced tables of rules, and nobody has managed to perfect GUIfying language yet.

Use FreeRADIUS. Unlang may be a bit primitive but at least its language shaped.

Full-fleged bash (0)

Anonymous Coward | about 6 months ago | (#46494923)

Just a proper and full-fledged bash. Seriously, the magic and automation you can do with it...

PRTG (1)

mbeckman (645148) | about 6 months ago | (#46495149)

PRTG (paessler.com). This network management tool is not, strictly speaking, an IT appliance. But it might as well be, since it's trivial to install on a dedicated physical or virtual host, at which point it walks and quacks like any other IT widget. PRTG's interface makes extensive use of Ajax, real time charting, and sports an extremely logical organization that is both intuitive and powerful. It works equally well on desktop and mobile browsers, a rare treat for IT gear.

Infoblox, by far... (0)

Anonymous Coward | about 6 months ago | (#46495497)

Setting aside for the moment the CLI snobs (and I'm one of them) and trying to answer your question in the spirit it was intended the Infoblox IPAM/DNS/DHCP appliances have very, very good UX/UI design up to modern "Web 2.0" (or 3.0) HTML5 standards. You can download their free IPAM virtual appliance to get a taste for this appliance UI look-and-feel.

They take full advantage of the capabilities of modern web design and I'm fairly certain they're using ExtJS for the front-end UI toolkit - and they've taken it to its maximum capabilities and perhaps beyond. It wasn't a quick, let's just make this work bit of coding using the simplest features of ExtJS. They've used its capabilities completely.

It's someone funny, too, as their pre-5.0 NIOS UI was perhaps the worst, clunkiest, and least intuitive Java applet I had ever seen. I simply couldn't use or understand it. Thankfully someone with some sense in their organization realized what they had for a UI was truly awful - no matter how capable the appliances themselves were.

AWS not too shabby (0)

Anonymous Coward | about 5 months ago | (#46496047)

AWS is a shit ton better than most things out there, seems they are trying to look nicer instead of function better as of late. Vmware has become ridiculous, but it never was well laid out at the enterprise level. CLI Tools and doing it your own way to suit your tasks still remain the only way. I must say Synology and Kerio are pretty slick, but AWS web interface is still king.

Unix shell (1)

manu0601 (2221348) | about 5 months ago | (#46496151)

NetBSD (or Linux if that is your faith) on a soerkis [soekris.com] box. UI is a Unix Shell. What else?

Dell Compellent (1)

acoustix (123925) | about 5 months ago | (#46496329)

Dell Compellent's storage array has a very intuitive web management console. It is by far the easiest storage platform I have ever used.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>