On 09/23/2017 07:47 AM, Ca By wrote:
On Sat, Sep 23, 2017 at 7:13 AM Colton Conor <colton.conor@gmail.com> wrote:
Just not sure why big vendors like Alcatel and Comtrend would have them enabled by default if they do more harm than good? Turns out vendors focus on building and selling gear but are not experienced in running networks
I don't have any quarrel with your statement about experience with running networks, but I would surmise the real reason is that same one that caused Microsoft to turn on so much Bad Stuff(tm) in Windows by default: reduction in tech support calls. How many times have you read a manual cover-to-cover for a new piece of equipment before doing ANYTHING with it? Especially when the manual is on CD-ROM, and the PDFs take up about 500 MB of the 700 MB of available space. I have yet to find a piece of network gear that has a "cheat sheet" that bullet-lists all the options (and perhaps a 25-word description) and where in the manual to find how to turn it on/off. Even better would be a collection of canned configuration files, from "absolute minimum" (EVERYTHING turned off) to "all the bells and whistles enabled". Note that this corresponds to the concept of "mostly closed" firewalls and "mostly open" firewalls. I've seen model configuration files in Unix/Linux where all the defaults (which constitutes an absolute minimum of turned-on options) are shown in comments, so that you can just go through the config and turn on exactly what you need.