It has been a while since my last post. I know this but what better way to get back into it then to review some hardware that I have recently had to review.
The gear is Uniquiti’s UniFi Access point and switch combo.
Website: https://www.ubnt.com/products/#unifi
TL;DR
So lets just get into it, this gear is marketed as being enterprise or business grade but at a lower price then pretty much anyone else that you might associate with enterprise gear. This for some parts is true, the gear packs a fantastic amount of gear into the products and the price is excellent, however some of the features that I would just expect to be in that band of gear is missing.
Hardware
First up the hardware. My first impressions after opening the box is that the gear is good quality. The UniFi AP AC Pro is nice, it is solid and has a pretty light on top. The design is sleek and the devices feels solid in my hands. Despite it being rather “pretty” (Which usually means it doesn’t work) I would give it a high rating in this category.
The UniFi 8 Port switch is similar. It is HEAVY. Like I think that they put some rocks as well into the box type heavy. Once I got it out and plugged it in it does what it says on the box and switches packets. While the switch is nice to look at it, it gets hot. Not just hot, but too hot to pick up hot after a couple of hours. I admit that I wasn’t in a nice cool server room, but the conditions were not extreme heat, It was in a study in the middle of the day with the AP stacked on top of it. This was a little concerning as some of the places we want to put the gear gets hot (IT Closets in the middle of buildings). So I will give this one a good rating, it is nice to look at, but I would not like to work next to it in summer.
Interface
So before we get into this I need to be up front. I cant stand “enterprise” or “managed” hardware that doesn’t have some kind of interface for configuration and diagnostics on the device. I mean call me old fashion but I like to think that in the middle of the night when the device is acting weird, I have something I can connect to and see what is going on. (I know right, WEIRD!).
So neither of these devices have an on board management interface that allows anything useful. The switch I could SSH to and from memory do nothing really useful. Both of these devices must be managed using the UniFi software. So in this category major fail. MAJOR.
One saving grace for these devices is that they are managed by onsite software that is Free. So I will at least point out that at least you still retain control when XXX large company goes bust, or decides to no longer support your device, OR (and this one is CRAZY) I don’t want to pay to use the product that I already purchased.
UniFi Software
Once installed and configured the gear is quite nice. One bug bear that I will just come out with is that we didn’t own/try a firewall device. It would be nice to go into the settings somewhere and turn off references to USG. I mean there was even one feature that I got excited about, turned it on and configured it, then found out that it doesn’t work without USG. 🙁
The configuration of the access points were pretty straight forward, configure profile (or use the default), create SSID, configure settings and vLan / network and BAM! – Wi-Fi. So all good on that front.
The auto power and channel selection for the APs work well, I forced it to a congested channel and then set it back to auto and it moved itself without issue.
The switches, well, um. It was a little more challenging. I mean I am sure the features were there, but try managing 30 vLans on these bad boys and I am pretty sure you will turn grey before you complete configuration. I mean specifying particular vLans for a port – Not possible. This is fine in an environment where I control everything (and it doesn’t talk to a client), but as we all know, if you send multiple vLan traffic over a port to a device that doesn’t support vLans. Security Nightmare. So it would be nice to be able to create maybe a group of network configurations (like vLan only networks) and then be able to attach that group to a port. That would be nice and easy. I am not overly impressed by the switches, however it does do as advertised and switches packets.
HotSpot features
So this is where the wheels came off the tests for us. I wanted to be able to publish an Open SSID to onsite guests and then present them with a splash page where they can sign in using an account (username and password) that we create for them. In the built in software, this is a pipe dream, you can set a global password, or vouchers, or an external authentication source. So in fairness this can be achieved using the external authentication source, but it was hard. I need to run up a Linux server, install apache, mysql etc and then customise PHP and HTML, talk about expert mode.
The devices do support HotSpot 2.0 which is nice, I didn’t even know what it was until I received this equipment, had to go and look it up.
General notes
One thing about the management software / client relationship. This is speculation but it feels like the relationship is very one way. What I mean is that the access points checkin, grab a configuration and then go on their way as an individual access point completely unaware that there are others. There is some information that is fed back, but its basic. I may be wrong on this one, but it seems that way.
Oh also the device can be configured to reach out to a remote network for management using DNS or DHCP which is good or necessary. Also there is no mention of application control features (Layer 2, 3 or 7) with these devices without a USG.
There is also a limit of 4 SSID’s per profile. I am not sure if this is their way of saying more will effect performance due to the time it takes to broadcast the beacons. But it is a limit. This can however be adjusted by using the advanced features.
So the devices are great. I am more impressed with the access point rather then the switch but they are both good quality devices. I think this would fit the small / medium market like a glove, however I would apply the term enterprise loosely.