Random Thoughts on the Ubiquiti UDM-Pro

I bought heavily into the Ubiquiti (UI) Unifi ecosystem around 2015 after many years of messing about with “advanced” SME routers for my home Internet connection, ranging from physical devices such as Draytek and Cisco 800 series through to Astaro UTM9 and Sophos XG running as virtual appliances based on ESXi.

We’d always used Meraki at work for smaller networks and I’ve always been impressed with the ease of management through a single pane of glass. While I’m more than capable of the administration of Cisco routers, who needs that noise after a day in the office fixing problems for other people?

Ubiquiti’s Unifi lineup caught my eye as it seemed to offer Meraki-like functionality for a fraction of the cost and no ongoing license fees. I started with a USG3P, a 16-port USW POE switch, one of the older access points (I can’t remember which specifically) and the first generation of CloudKey.

Apart from a couple of issues where the CloudKey lost power and destroyed its own database, the setup was very stable and didn’t cause any problems. When FTTP was laid past my front door in 2020, I thought I’d treat myself to an upgrade both of the Internet service and network hardware. I tossed out the older stuff and invested in a UDM Pro, a USW-16-POE Gen2 and a couple of HD-Nano APs. For good measure, the CCTV system I had in place was an old Swann setup that caused nothing but hassle, so I threw a couple of G3-Pro CCTV cameras on the list as well.

Now why the UDM-Pro? Simply put, there is very little else on the market at this point in time that provides the same WAN throughput (10Gbps) and supports IPS at over a gigabit (3.3Gbps claimed) at this price point.

Initial setup was interesting as the UDM-Pro demands an active Internet connection and a Ubiquiti Website account before it will complete setup. Once I’d figured that out, installation was straightforward. I accepted I was going to lose the ability to manage multiple sites like I could with the CloudKey or generic Controller, but that didn’t really bother me. What I wasn’t prepared for was the fact that the UDM-Pro runs Unifi-OS.

For those not in the know, Unifi-OS is Ubiquiti’s own implementation of a router operating system based on Linux (Debian, I think), whereas the older USG product was based around a fork of the Vyatta router OS.

While the underlying operating system base isn’t a problem, what became apparent almost immediately was the lack of feature parity. Things you can do on the USG such as DNAT and hosting multiple public IP addresses on the WAN (albeit through CLI and JSON configuration) were and still are not present on the UDM-Pro. While this isn’t necessarily an issue for me in a home and lab environment, it does become an issue for those wishing to deploy Unifi in production customer environments.

The other irritation is the number of “beta” labels stuck across the controller software. Even IPS/IDS, a standout feature referenced in marketing, is still in beta and, to make matters worse, runs a version of Suricata that has long been end of life.

Stability-wise, the system on the whole has behaved itself, although I’ve had to do a complete recovery a couple of times as a result of beta software testing causing the management interface to crash, rendering the device unmanageable.

The TLDR of all this is that the system hardware is great but it is completely let down by shonky software. They are getting there with the OS and as they release (beta!) updates, things do seem to improve.

I guess the ultimate question is: knowing what I do now, would I have bought one in the first place? The answer to that is no. I’d have waited until the software is sorted and somewhere on par with the USG.
