The Truth About the UniFi Security Gateways (USGs)
Рет қаралды 42,791
Күн бұрын
@dm-ohio 2 жыл бұрын
They do everything that my SMB clients need. 58 of them deployed and never had a failure or issue.
@jasoncherry2508 2 жыл бұрын
Can you do a similar video for the UDM / UDM-Pro and the switches? Also, could you do videos contrasting the Unifi Line to the Edge line? Great video as always
@chrism556 2 жыл бұрын
Great video, clear and direct. The USG and Dream Machine options are solid devices within the design limitations. We have deployed to many small businesses and residential settings and they require little maintenance to keep running (controller updates and firmware) . If you need more than the stated features of unifi, get a PFSense based device. If you need basic and easy, Unifi is a great option...
@mychaelhouck2404 2 жыл бұрын
Agreed. I'm a hobbiest, and wanted to setup VLANs and some firewall rules at home. Dream Machine Pro has been a perfect fit!
@Practical-IT 2 жыл бұрын
Great summary of the USG Willie. It would be interesting to compare the USG to a typical home router to help people put it into perspective. Some people really swear by the "gaming" routers like the Netgear Nighthawk series. Just thinking bout loud here.
@chrism556 2 жыл бұрын
I would argue that the USG or UDM are perfect for most homes, and way better than the typical internet company box and are upgradable.
@Practical-IT 2 жыл бұрын
@@chrism556 No argument from me.
@Practical-IT 2 жыл бұрын
@@FidelityNation I switched to a USG3 from a device also known as a USG from a different company which decided to discontinue the model I had. Now, I'm looking at replacing my USG3 with a Protectli running pfSense or OPNSense in 2022. Onwards and upwards.
@DocNo27 2 жыл бұрын
More cant's - No custom DNS records No bulk editing for things like static DHCP Good luck trying to get internet only per client stats to figure out/troubleshoot things Good luck trusting stats on Unifi period, for that matter :/
@DocNo27 2 жыл бұрын
@@WillieHowe DNS entries is very common. $50 home routers let you customize what's stored in the local DNS resolver yet after almost 10 years Unifi can't figure it out?!? Ditto for bulk editing - trying to maintain more than a handful of static DHCP reservations in Unifi is a nightmare. God help you if the device has been offline for any amount of time and the stats for it get purged; there is no way to remove a static reservation without hacking the database directly. The amount of basic stuff that has never been cleaned up despite three or four major settings GUI rewrites just boggles my mind.
@sgs-integration 2 жыл бұрын
Absolutely Agree with your arguments, we still quite often use the USG-pro for our hospitality clients here in Indonesia as Dual Wan in Load Balancing is quite important here due to cost and instability of ISPs here.
@JimtheITguy 2 жыл бұрын
Spot on, The USG is actually a good little router, too many people ump on the "They cant do anything" or "I would never use them as they aren't any good" bandwagon, they fit nicely in businesses where they fit the requirements, if they don't then we use Sophos XG's
@stijnphilips 2 жыл бұрын
Same
@HisLoveArmy 2 жыл бұрын
Same
@jlficken 2 жыл бұрын
Why do so many of the features (IPS/IDS, GeoIP Filtering, etc) stay in Beta status for literally years? My theory is that they don't' want to be responsible for them so if there's a problem they'll just say "Well....it's in Beta so you shouldn't be relying on it.".
@deanhoy7882 2 жыл бұрын
I have had enough of the USG. Im removing mine from my network and replacing it with pfsense. too many vpn issues and the auto NAT on the WAN interface which can only be disabled using json file has finally done it for me. such a shame
@guyot1979 2 жыл бұрын
Excellent, sensible, fact based video. I appreciate your good sense approach (e.g. no JSON files!) It’s more about matching the product to it’s the environments requirements.
@briccimn 2 жыл бұрын
I lost this video, although I had followed you for several years. I totally agree with you. I have several USG put in various locations, for different needs of family and customers. They work like a charm. Yes, it is true that there are a lot of better solutions. But at which costs and how steep is the learning curve? Keep on Willie, I love the honest way you talk about technology! 👍👍👍
@peterfixit7221 2 жыл бұрын
I have the UDM pro, it does everything I need it to
@KentWillumsen 2 жыл бұрын
Yep, replaced my USG3 with Draytek; kept Unifi switches and APs though
@MagnusOlssonMalvik 2 жыл бұрын
No NTP server. I was really surprised when i discovered this as it's small and practical to have on the router in a small network
@d_must4309 2 жыл бұрын
I don't use them, as my past experiences with them were not good. Unifi are great for access points and switches, I do use those.
@Vinothmanick 2 жыл бұрын
Yes exactly their wifi is gud and routing is joke our fav combo is mikrotik routers and unifi AP
@Vinothmanick 2 жыл бұрын
@@WillieHowe hai mostly will be dynamic routing and ospf
@johnrejo 2 жыл бұрын
Always thanks for the video... Really appreciated...
@per-mortenevensen941 2 жыл бұрын
Unifi is ok for Switches and accesspoints. For routers get another one.
@jeffm2787 2 жыл бұрын
PFSense still blows away the USG and UDM lines. I own a USG 3 and a UDM Pro. I stopped using both as they fail on the UI side, nothing but half working buggy 'features'. If you don't want the 'features' to work then they are not bad devices. Running PFSense on a SM C3558 with 32GB of RAM at the moment. So not really a dollar for dollar comparison. I get tired of people saying how great the UDM Pro is when it's clearly just crippled by software issues. Tom at Lawrence systems tells the truth, the actual truth. I did enjoy using the USG as I got it for free. Free is always good. The UDM Pro I paid for and regret it ...for now.
@jeffm2787 2 жыл бұрын
@@WillieHowe I didn't say you lied about anything. But I also am not lying about their software being buggy as hell. To be fair they are working on it. Problem is they get something working and come along and break it the next day. I've had issues with PFSense in the past as well having bugs, difference being they are less and less. Hopefully Ubiquiti gets it together. Great hardware, software...YMMV.
@hamstermc3202 2 жыл бұрын
I have multiple ipsec site to site VPN why can't I connect to my remote user VPNs when on any of the sites? Can they not be used at the same time if on same network?
@mpwieland 2 жыл бұрын
1 have a USG since 3 years, and could never install it properly. Always wants UPDATE but after every update always shows the old firmware.
@kylecurry6841 2 жыл бұрын
I love the USG for a fair amount of things it can do well, however for the things it CAN'T do, like many here, in those cases, that's where PFSense comes into play, else for those who feel SonicWall's are worth the pricy subscriptions needed to make use of their features, then I might endorse those, however I honestly feel that PFS can handle your advanced level needs so long as you're familiar enough with how to implement them. But getting back to the USG, I often times will turn to these since theirs a bigger advantage for ease of scalability if the use cases fall mostly under the things it CAN do, while it's alot cleaner to have one at the root of a network in cases where you're using UniFi products for everything else.
@AndyHernandez18 2 жыл бұрын
All of my clients are small business and these more than fit the bill for them. My question, USG or UDM? I like the single pane of glass and that I have full control over the controller, but you can't deny the hardware performance improvements the UDM's have over the USG's. But I don't like being forced into their cloud infrastructure. Is that the way they are going to them ultimately charge us for it?
@techguy3424 2 жыл бұрын
If the performance benefit would be noticable by your clients then it may be worth the jump, otherwise I'd stick with the USG.
@timcarabott 2 жыл бұрын
I have the UDM Pro. It's great but I have one issue with it. I have an Avaya IP Office PABX....The Avaya IP Phones that can be set up as Remote worker phones which have an inbuilt VPN feature. They then can connect back to the Avaya IP Office via the Firewall. Problem is it doesn't support L2TP over IPSec. It will only work with pure IPSec. Do you think they will ever add this feature/ability down the track? Only way around it at this point would be setting up say an Edge Router at the remote location and using a site-to-site VPN. It's a waste though considering the IP Phones have the inbuilt VPN feature.
@patrick4003 2 жыл бұрын
I have been using a USG3 for over 3 years for business with 15 people. Never had a problem. The reason I chose it is, among other things, to have the possibility of doing VLANs, which a commercial router cannot do.
@khaledkhaled299 11 ай бұрын
Hi Patrick need ur help and advices if u can
@aquatrax123 2 жыл бұрын
Small networks with maybe a few port forwards I'm fine with these. Anything else and they are getting a fortigate.
@andyrandy0815 2 жыл бұрын
no support of multiple Wan ip addresses could be a major con. I don't understand what's so difficult to implement
@andrewseamaster 2 жыл бұрын
What this video to me is a statement of speciation matching requirements. All to often people f about with complexity without the scoped requirements just a desire to implement. Road warrior = remote client VPN. Unififile is the new cloud storage ?
@DinoThugg 2 жыл бұрын
Bro my exact same router in the thumbnail just died today. I'm gonna get the same exact one because I can't be bothered to upgrade to a Dream machine and reset and adopt all these APs I have
@glenjones7708 2 жыл бұрын
Hi Willie, I have learnt a lot from watching your video, up till 3 months ago I hadn't heard of unifi. Now I have set up my home network with A USG 3 and USW 16 POE switch watching your videos. My question is can I set-up a VPN using expressVPN. I want to connect a TV to it. I did find an article 2 years old to show how but it uses a .json configuration file( I don't like using json files). However 2 years is a long time with computers.
@TheDespaxion 2 жыл бұрын
What device would work best for small sme for QoS for Voice
@deonh9303 2 жыл бұрын
Nice video Willie - thank you. I used a USG in my previous setup and it worked great. I’m going to be building a new house in the new year and as much as I love the Unifi ecosystem, I really want something where I can control bandwidth at a port level which none of the USG or UDMs can do currently. APs will be Unifi but what do you suggest as a Router / Firewall to compliment the Unifi APs in a new home deployment where the owner is not a network engineer 😉.
@rollover36 2 жыл бұрын
I'd say pfsense
@ParcoUpchurch 2 жыл бұрын
USG. I am a home office person all this stuff is over my head. All I want are two Unifi Pro AP for my new home and connect all my wireless devices Nest, Google, Smart Locks, all wireless items, etc. I have been happy with my Netgear router and cable internet connection all work well but APs would be better for my new home. I do not feel I need a Dream Machine Pro/SE, etc. Looks to me the USG and an Unfi Switch for the Unifi AP are all I need. Seems everyone is over many head and not speaking to the simple home users is the USG good enough if I have no issues or need to change my current home setup besides finding a way to use APs. You had no issue with your USG?
@MNGermann 2 жыл бұрын
Unifile can be a awesome NAS name. :p
@shaneholloway5341 2 жыл бұрын
Can do you a follow-up to this with how to configure a UDM Pro site to site vpn with AWS? I know it can be done but there are reports with people saying there is an SA issue with the connection to AWS causing stability issues.
@andrewenglish3810 2 жыл бұрын
Who buys a USG anymore? I think people only buy UDR's or UDM-Pro's.
@pbrigham 2 жыл бұрын
UDM Pro is the cheapest 10G Router on the market right now, and more than enough for 99% of home users.
@Walterz930 2 жыл бұрын
I really like the pro all because it has sfp but don’t know if it would work with my fiber instead of having a modem plugged in
@sigp229is 2 жыл бұрын
I have several of our clients fiber directly plugged into the SFP port with no issues.
@niceguy235uk1 2 жыл бұрын
Have they ever sorted the poor throughput from their Ap's? Or have they just buried their head in the sand as usual?
@techguy3424 2 жыл бұрын
It all comes down to use case, cost, reliability and usability in the end. I think the vast majority of small businesses would have nearly all of their needs met by a USG, medium sized businesses on the other hand may start to outgrow it's capabilities.
@razredge68 2 жыл бұрын
I think the biggest issue with Unifi is the misleading marketing. Many of the Unifi products are marketed as enterprise equipment which is just plain wrong. Unifi is great for SOHO solutions because they don't need the advanced features. But an enterprise absolutely needs features such as OSPF and custom QoS options.
@techguy3424 2 жыл бұрын
@@razredge68 yeah you definitely wouldn't want to run this in a large business I think the term "Prosumer" as some have described is fitting. It is more capable than what you get from a run of the mill SOHO routers and you need to have some understanding of networking to really get the most out of it but it still falls short of enterprise security gateways. These are perfect for your standard small restaurant or other small mom and pop businesses.
@terryreedy107 Жыл бұрын
Any issues with the USG-3P router getting download speed above 400Mbps?
@WillieHowe Жыл бұрын
Only if you run IDS IPS
@terryreedy107 Жыл бұрын
@@WillieHowe run not disable correct? Running threat management makes it run faster?
@WillieHowe Жыл бұрын
@@terryreedy107 IDS/IPS makes your USG and UXG go slower. 3 port USG will only be able to do 80Mb throughput with IDS/IPS enabled.
@terryreedy107 Жыл бұрын
@@WillieHowe I have a cable modem from astound. When I run a speed test directly from the the cable modem I get 400Mbps down and 30Mbps up as I should. As soon as I connect to the Router I get 150Mbps ish sometimes close to 200Mbps. Do you think it is a configuration issue or do I simply need a different Router. By the way thank you very much for the assistance.
@WillieHowe Жыл бұрын
@@terryreedy107 Probably a config issue.
@jack6539 2 жыл бұрын
The USG Pro4 OS seems to be EOL'd- at least according to Nessus. Good system. I have been using it for about 2 years now, and I have a pfsense router I am considering replacing it with, but I need to finish my testing. It sure would be nice to have an OpenVPN client, but I am wary about bringing in plugins etc on pfsense.
@nickharvey5149 2 жыл бұрын
I am art a loss as to why you would want to replace incredibly powerful and full featured pfSense with the Unifi router rubbish. Don't get me wrong: all their other stuff is great, just not their routers.
@brianmurray8943 2 жыл бұрын
Yeah, unifi is a big step backwards from pfsense.
@jack6539 2 жыл бұрын
@@nickharvey5149 i am working at going tye other way. I place a high value on having the one pane of glass, but I am shaking out pfsense feature wise With a view to replacing the usg pro
@jeffm2787 2 жыл бұрын
Don't do it. I just replaced my brand new UDM Pro with PFSense as it just blows the doors off anything Unifi offers. Don't get me wrong, I love many of their products, just not their routers. I do run Unifi U6-LR AP's and they are great.
@dan4315 2 жыл бұрын
Ubiquiti routers are so crimpling outdated I don't understand how they can be recommended for any type of business that requires security and support. Decent for home use though.
@hobsonbeeman7529 2 жыл бұрын
I agree with your assessment. I use UniFi switches for businesses, I like the price point, features and no subscription fees. I use Watchguard equipment for firewall and router, a little pricey, but you have 24x7 support real tech support, it is rock solid and very secure. Would not use anything else. If you’re a IT shop, you want to be able make your hours billable and not be troubleshooting UniFi firmware issues (ugh). I really like the UniFi single pane of glass of glass approach, but in my opinion, they are not ready for business class prime time.
@trailheadmedia5578 2 жыл бұрын
Guess I don’t see the relevance on what’s essentially end of life products. Still great content and good information though!
@manuelthallinger7297 2 жыл бұрын
Tbh, in the past they where ok for me, but there are things you cant do and things which are a pain in the ass like ignp proxy, i wouldnt use them anymore and instead use something like a pfsense. the usg's are garbage
@wannabsexy 2 жыл бұрын
i think unifi need to EOL these things and focus on the UDM line
@RandyFuchs 2 жыл бұрын
What's your "go to" ecosystem for the next level from Unifi ? Is there a vendor that has a SPOG management interface, at a price point that doesn't require a bank loan to implement ? Thanks for your videos.. and Happy Holidays!
@Wahinies 2 жыл бұрын
Fortinet
@andrewseamaster 2 жыл бұрын
Meraki
@michaelrichardson8467 2 жыл бұрын
With the most recent update on udm pro you can assign multiple wan ip's. I'm sure 40,000 people already let you know that though 😉
@julianking6603 2 жыл бұрын
What about USG-XG-8? ;)
@MAMDAVEM 2 жыл бұрын
I'm a USG Pro user that has not gone down the UDM route but is waiting for the USG Pro replacement.... which seems to be taking an age.
@regchan 2 жыл бұрын
hmm the start of video sounded weird
@scrag_3 2 жыл бұрын
One word. Fortinet
@scrag_3 2 жыл бұрын
@@WillieHowe I take no offense to your opposition but I am curious as to why you feel the way that you do with Fortinet. I understand that Open Source products help the P&L stay in black Ink. If stateful inspection is all that is required, then basic firewalls are the obvious choice. If the NGFW fits the need, then Watchguard, Sonicwall, Fortinet, Check Point, Cisco Fire-power, and Palo-Alto along with a few others that I am not thinking of all do the same things. The terminology / verbiage between them may be different but having things like Full Layer-2 support, Next Gen gateway AV, Web filtering, Deep packet Proxy, IPS, advanced logging options, Secure DNS Proxy, and other UTM features are things that I require in my business model.
@Wahinies 2 жыл бұрын
@@WillieHowe thats where the fly out terminal comes in handy. I've had to plug in many of the same rules for our clients Fortigates and so just pasting or importing is super fast and takes effect immediately (one of my pet peeves with USG is the 30 second delay for changes to provision).
@scrag_3 2 жыл бұрын
@@Wahinies thanks for sharing your thoughts on this matter.
@SamuelJohnsonBungie 2 жыл бұрын
👋
@citygs 2 жыл бұрын
We use them on every job but we really want the next gen XG version to drop already.
Lawrence Systems
Рет қаралды 235 М.
CTVBY
Рет қаралды 1,8 МЛН
BalcevMMA_BOXING
Рет қаралды 8 МЛН
Tomaž Zaman
Рет қаралды 1,3 МЛН
777 or 404
Рет қаралды 13 М.
Lawrence Systems
Рет қаралды 244 М.
Migrating from USG3/Pro to UXG-Lite/Pro - Lets have a look at all the gateways(mostly) and U-LTE-Pro
JimtheITguy
Рет қаралды 10 М.