SDM in Cisco certs?
nhpr
Member Posts: 165
I specifically have a virtual machine set up so that I could practice with the SDM for the CCNA Security exam. Besides, CCNA Security, do any other certs cover material on the SDM or can I banish the evil SDM VM to oblivion forever (where it rightly belongs)?
Comments
-
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
banish the evil SDM VM to oblivion forever (where it rightly belongs)?
Why does everyone hate SDM so much? -
alan2308
Member Posts: 1,854 ■■■■■■■■□□
Why does everyone hate SDM so much?
You must not have sufficient experience in trying to use it.
And from a quick look over the Cisco Certs Page it looks like the madness ends with the CCNA Security. -
networker050184
Mod Posts: 11,962 Mod
Everyone hates it because it tries to turn a Cisco CLI junkie into a point and click guy. You know we all enjoy being on the command line more.
Not to mention the ancient java requirement.An expert is a man who has made all the mistakes which can be made. -
SteveO86
Member Posts: 1,423
Why does everyone hate SDM so much?
I've had bad experiences with it.. It takes too long to load, I found it too complicated to get going, since it requires a specific version of java, and I find it alot quicker to just use the CLI.My Networking blog
Latest blog post: Let's review EIGRP Named Mode
Currently Studying: CCNP: Wireless - IUWMS -
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
You must not have sufficient experience in trying to use it.
And from a quick look over the Cisco Certs Page it looks like the madness ends with the CCNA Security.
Countless hours, trust me. But aside from the Java bugs I don't really see anyting wrong with it. I'll always prefer cli over sdm but it isn't that bad. It's actually a great learning tool by delivering commands to the screen first. Have you ever used the Sonicwall gui, that thing blows. -
nhpr
Member Posts: 165
Why does everyone hate SDM so much?
For me, it's due to my engineer's mentality. I seek to minimize everything and leave only what's necessary (or Keep It Simple Stupid). Having to deal with the SDM is like marching off to war with a tuba strapped to my back; it might provide a little bit of entertainment, but it's only going to slow me down and probably isn't worth the effort.
I'm more than glad to be able to chuck this huge, heavy, shiny tuba off the nearest cliff I find... now that I know I can. -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
I am a real beginner with Cisco in general and just bought myself a Cisco 877 (ADSL Router + Wireless) and thought SDM is what I need - but it turns out NOW its CCP
But .. if you don't have a clue what you're doing (like myself), then those tools are rather counter productive as they put SO MUCH stuff into the config which
a. is not necessarily needed
b. not working
So I rather start with google and a clean config
Or get a config generator lol : IFM - Cisco 850/870 Config Wizard for New ZealandMy own knowledge base made public: http://open902.com
-
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
But .. if you don't have a clue what you're doing (like myself), then those tools are rather counter productive as they put SO MUCH stuff into the config which
a. is not necessarily needed
b. not working
If you go to Preferences and enable the top checkbox that says "Preview commands before delivering to the router", it will show you what commands are about to be parsed. You can copy it to file, modify the commands, and then deliver them yourself via cli. To me, that in itself makes up for all of it's shortcomings. Very useful if you're learning zbf and vpn for the first time.
-
phantasm
Member Posts: 995
SDM is the devil. I despise it's existence. I've known plenty of "network techs" who when confronted with a CLI on a Cisco box ask for the SDM or CCP. I let them flounder and walk away. Cisco != Linksys."No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
If you go to Preferences and enable the top checkbox that says "Preview commands before delivering to the router", it will show you what commands are about to be parsed. You can copy it to file, modify the commands, and then deliver them yourself via cli. To me, that in itself makes up for all of it's shortcomings. Very useful if you're learning zbf and vpn for the first time.
Yea saw something similar on the CCP ..
By the way - isn't the SDM dead now anyway ?My own knowledge base made public: http://open902.com -
Panzer919
Member Posts: 462
I loath SDM/ASDM for routers and switches, it does not serve enough of a purpose to be needed IMHO. The CLI (for me) is not difficult, its very logical, it does what I tell it to do (even when I'm wrong), and I do enough show commands to not want to have to move through windows. When I was in the netacad and we had to do it on the ISCW I threw a fit and refused to do it. I just went through the CLI unless I absolutely had to use it.
That being said I do use it for my ASA's. Reason being I'm not proficient with the code yet and it makes minor changes easier for me. Not saying I can't take my time and reverse engineer my way to whats needed, but when things need to be done now, it just makes it easier. I do plan on going back and learning it AFTER all my R&S studies though.Cisco Brat Blog
I think “very senior” gets stuck in there because the last six yahoos that applied for the position couldn’t tell a packet from a Snickers bar.
Luck is where opportunity and proper planning meet
I have not failed. I've just found 10,000 ways that won't work.
Thomas A. Edison -
millworx
Member Posts: 290
You will have to know it on the security track for ASA's. There are somethings that cannot be done from the CLI. For instance dynamic access policies. You can configure several DAP related things in the CLI, but it uses an .xml file which is only generated when you create the policies through the ASDM. Try configuring it all from the CLI and it will not work.
That being said, no for most of the exams you wont be using the GUI.Currently Reading:
CCIE: Network Security Principals and Practices
CCIE: Routing and Switching Exam Certification Guide -
chrisone
Member Posts: 2,278 ■■■■■■■■■□
I dont use SDM but i like ASDM for regular day to day ACL tasks on our ASA. Saves a lot of time, but yeah the Java compatibility needs a refresher.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
ITdude
Member Posts: 1,181 ■■■□□□□□□□
I usually hang out on 224.0.0.10 (FF02::A) and 224.0.0.5 (FF02::5) when I'm in a non-proprietary mood.
__________________________________________
Simplicity is the ultimate sophistication.
(Leonardo da Vinci) -
Forsaken_GA
Member Posts: 4,024
Why does everyone hate SDM so much?
real network engineers use terminal windows
On a more serious note - mostly, it's because Cisco is absolutely crappy at making GUI software. SDM and CiscoWorks are some of my least favorite things. -
Forsaken_GA
Member Posts: 4,024
Yes, SDM is EoL. Replaced by CCP
Shows how much I use it, I wasn't even aware this had happened.
And dear god, they make you jump through some hoops now to download some software. -
rsutton
Member Posts: 1,029 ■■■■■□□□□□
I like the ASDM. Since I only touch Cisco equipment a few times a year using the CLI takes more time to get what I need done than does using the ASDM. I have not had any major problems with it.
