nice to have both
As someone who used to use Cisco from time to time any time I saw their CLI I wanted to gouge my eyes out with an ice pik, it is soo overly complex for the most basic tasks. Same with Juniper (and others that try to clone the user experience because it's the most common). I'm sure that's fine for folks that are dedicated in that field but for others not so much.
I've been a happy Extreme Networks customer for about 15 years now, their CLI is much easier to manage, one of the main reasons I have stuck with them for so long. If you google "techopsguys simple network management" you can see a blog post I wrote several years ago with a couple good comparisons. Not only is the number of commands massively reduced, but in almost all cases the commands you are typing actually make sense in english (e.g. "create vlan" , and "configure vlan" or "config vlan" for short or "config <vlan name>" for shorter). The OS on the switches is entirely API driven(has been for 13 years). So much so that even on the command line when you run commands it submits API requests to the OS to do things. I learned that 5-6 years ago. To person doing the management it's transparent but I was surprised to see that level of abstraction(?). There is a GUI as well though I believe it is severely limited compared to CLI. I have never really used the GUI.
I remember one incident with the GUI of Cisco PIX many years ago, my manager at the time set it up as I had no PIX experience prior and he used the GUI for everything. I needed to add a rule to allow OUTBOUND traceroute. He said use the GUI. So I did. And the result was the PIX started blocking ALL OUTBOUND TRAFFIC. I was at a loss for words. I later discovered what the problem was, there was no default policy(?) applied to the external interface, so when I made that rule it thought to add a policy, that policy was DENY and so all traffic was dropped, took about 1-2 hours to figure it out and fix. The following weekend I took it upon myself to rip that firewall apart and rebuild it from the ground up, with the CLI so I had total control (and closer to total understanding). The firewalls ran pretty decently after that.
Next company had some issues with their ASA firewalls but that turned out to be the fault of an idiot network engineer who set session timeouts for network connections to a WEEK. The firewalls would max out their session/state count at around 500k and stop passing new traffic. They had this problem for more than a year(happened once every 1-3 months and solution was to reboot both firewalls at the same time) before I joined(Cisco support was not helpful apparently) and I was able to resolve it within minutes(which is when they told me the week timeout, we set it to something like 4 hrs after that and never saw session counts go above about 20k after that).
Some CLIs are bad, some are good. For me the SonicWall CLI is bad, but the GUI is really good(html), so I use the GUI 99.9% of the time there(though Sonicwall Global Management GUI is terrible, the UI directly on the devices is good at least NSA3500/NSA3600). I am still a very happy SonicWall customer for what my org uses them for they work great, very few issues.
With Citrix Netscaler, on the 9.x release at least they used java, and needed an old version of the JVM. At first I didn't like it, but then I saw what they did to the new UI in 10.x with html5. Both myself and the rest of my team would rather keep the older UI, faster, easier, and just better in all areas. We have a dedicated XenApp server for internal management apps like netscaler with an older java version so it works flawlessly. Nobody browses the internet with that system so not much of a security risk. The speed is improved even more over XenApp because of the "chattiness" of the app over a WAN connection slows it to a crawl, but XenApp executes firefox in the data center so that communication is very fast.
Netscaler 10.5 has driven most of our management to the CLI because the html5 interface is so bad. Couldn't even use Netscaler 10.0 or 10.1 because of stupid Netscaler Datastream licensing restrictions which were eliminated in 10.5(and never present on 9.x).
Back when I used F5 BigIP(v10 and earlier) the GUI there was pretty good, the CLI was OK, though I remember several occasions when we used what was it, "bigpipe" to bulk load configuration and config entries would get randomly dropped without notice and it would take some time to figure out what happened, maybe the process we were using was wrong at the time I don't know, I wasn't the designated network engineer.
My favorite kind of UI though is one that can/will show you what underlying commands will be executed for various tasks, though I can't recall the last time I came across one that did that.