You can use UniFi and EdgeOS items together, they just aren't controlled with the same controller software. All your UniFi devices are controlled with either your cloud key device or with the controller software installed on a PC/server somewhere on your network (or even cloud hosted). You could also SSH into any of those devices and control them directly if you prefer. EdgeOS (EdgeRouter and EdgeSwitch) all have typical web front ends for common management functions. That web front end also has a command line interface gateway so you can issue commands to it like you would from a CLI shell; of course you could just SSH into them too. There's also UNMS as a centralized method to connect to all your EdgeOS devices, it's not an aggregated controller like the UniFi controller, more of an easy way to interact with each device.

In any case, it's not like the devices aren't compatible with each other, having a network with a mixture of EdgeOS and UniFi devices is just fine, you just can't take advantage of the centralized UniFi controller to manage your EdgeOS items. I wouldn't let that stop me from choosing EdgeOS items though, if you feel EdgeRouter or EdgeSwitch better meet your needs but want to run UniFi APs and a USG I'd say go for it.

As to POE, there are UniFi switches with it. There are a couple 8 port switches with POE (either 60w or 150w I believe). You could get the little USG and an 8 port POE. They have bigger options too but they would likely start getting expensive for the average home user or small business (sorry you may have said what your use case was but I either missed it or forgot). I don't view Ubiquiti as offering a single box that does everything like picking up a typical NetGear WiFi router, I view them as modular and I pick up the combination of devices that do exactly what I'm trying to accomplish. That results in multiple devices in my homes but I'm happier with the results.

I don't know anything about the Dream Machine the other poster referenced, I've never used one (or even seen it for that matter). I disagree about their assessment of the APs though. I've worked with nanoHDs and had nothing but good experiences. I also disagree with their recommendation to jump right to the UAP-AC-HD, that would be overkill for most home (and even small business) networks. Unless you're running a hotel/convention center (something with pretty high user density where you can make good use of MU-MIMO) you'll be more than good with the UAP-AC-PRO or even the UAP-AC-LITE. Depending on the size of your home or business you'd be ahead to pick up 2/3/4/more UAP-AC-LITEs and distribute them well to provide good signal coverage rather than wasting money on a single (or multiple) UAP-AC-HD. That said, if this is a home deployment and you have an average size house a single centrally located LITE is usually enough all on its own. Larger homes and offices can benefit from multiple drops positioned to avoid dead zones.

I've also never worked with the In Wall units that the other poster said were buggy so I don't have any opinion on that.

Hope that helps.
Connectivity-wise, the AC-Pro and AC-LITE units are fine as long as the throughput is not a consideration. For example, if you need to blanket a large warehouse with Wi-Fi coverage for wireless scanners, buying 50 UAP-AC-HDs would be crazy expensive and unnecessary. However, a lot of home customers are interested in delivering maximum bandwidth to their Wi-Fi devices. With Internet bandwidth available to home users quite often exceeding 500 Mbps and 1 Gbps download bandwidth becoming increasingly common, home owners want to get a Wi-Fi system that can blanket their homes with as much throughput as possible. So, it’s not just Wi-Fi connectivity that’s wanted in home environments but Wi-Fi connectivity with maximum throughput.

In my tests, only UAP-AC-HD can deliver on the maximum throughput. This has nothing to do with the fact that this model is a high-density unit that allows up to 500 clients to be associated with one AP. Obviously, no home will have that many clients. It’s the power of the UAP-AC-HD chipset and better antennas that provide much superior throughput and wider coverage via the UAP-AC-HD than via the UAP-nanoHD. Now, if the home owner doesn’t care about pushing the throughput and is satisfied with the throughput in the 400 Mbps range, going with the UAP-nanoHD is fine. Additionally, one UAP-AC-HD may be able to cover a 3,000 sq ft house (if placed centrally), whereas two UAP-nanoHDs placed at opposite ends of such a house may be required to reach into the outer corners of the 3,000 sq ft house.

The home owner should also be aware that the system he/she would install will become the bottleneck to the Internet within just a couple years if the UAP-nanoHD is used even if today the Internet speed to the house is well below 400 Mbps. For example, my home Internet download bandwidth was recently upgraded by Comcast Xfinity from 150 Mbps to 300 Mbps for no extra charge. I’m sure that in a year or two, it will be doubled again for no additional price. Even then, my Wi-Fi will not become the bottleneck.

On the other hand, Ubiquiti doesn’t yet have Wi-Fi 6 based APs, so none of their APs are capable of 1 Gbps real-world throughput. The most they could get with the UAP-AC-HD is in the 700 Mbps real-world throughput, so if they plan to get 1 Gbps Internet, the Wi-Fi system will be the bottleneck until they get both clients and APs capable of Wi-Fi 6.

In my opinion, if one invests in prosumer-level networking equipment in the house, it’s better to spend a little more and get a system that doesn’t need to be forklifted for at least 5 years. I think that the UAP-AC-HD would be a solid investment for the next 5 years as long as you are not chasing gigabit throughput, especially because existing older clients will not be able to take advantage of a Wi-Fi 6 AP system. The UAP-nanoHD is too much of a compromise to keep for the next 5 years, as most homes in the US will definitely have internet bandwidth exceeding 400 Mbps in the next few years, and the UAP-nanoHD would become the bottleneck to such download bandwidths.

In no way would I recommend the UAP-AC-Pro or UAP-AC-LITE for a home. One would be much better off with a couple of 2013 AirPort Extremes or Time Capsules for a house. It doesn’t mean that these two AP models have no business use case anymore. A large warehouse where wireless scanners are used is one such example. A hotel is another example. But, these models are too weak to provide modern Internet bandwidth in a house unless your Internet bandwidth doesn’t exceed 100 Mbps. But even in that case, these models are so old and their chipsets are so weak and outdated that investing in these units (unless you have to buy dozens or hundreds of them) makes no sense, as you are not saving a lot of money but are setting yourself up for another upgrade in the near future.

I vacation in an amazing area of Quebec, where the maximum Internet bandwidth available to home owners is 30 Mbps. In such areas, I would not hesitate recommending the UAP-nanoHD. There would be absolutely no reason to deploy the UAP-AC-HD there.
 
The nice part about Ubiquiti is you can replace your APs very easily without having to replace all the routing and switch hardware behind it, just unplug one and plug in the next, have your UniFi controller provision it, you're done. As you said, none of their APs are WiFi 6 yet so why have this person spend $300 on an HD when they can spend $75 on a LITE? A year or two from now if they want WiFi 6 or have found that their AP doesn't keep up with whatever their current service is they can then replace that $75 AP with whatever is latest with most recent standards support and probably still be under your $300 price point total.

I've had LITEs and Pros in my homes before and both saturated the 300Gb service I had at the time. I have nanoHDs in all locations now and they fully saturate even with much more bandwidth available. I have multiple drops because my homes are large but I have no coverage problems. Knowing more about this specific person's use case would help us tailor a recommendation but in my opinion you are needlessly pushing an overbuilt solution. Maybe they don't care about the price and just want to go with the big 4x4 MU-MIMO in which case sure, go for it (I have more than I need as I'm not price sensitive either) but that isn't the blanket starting position for most home or even small business users.
 
Agree. As you can see, I’m not suggesting the UAP-AC-SHD or UAP-AC-XG because those would be an overkill.

Of course it all depends on his environment and needs. But, IMHO, there’s no reason to go with UniFi today if he gets the AP-Pro or AP-LITE. There are many consumer-grade systems out there that outperform these models that include the router and are much easier to configure. The only reason to go with UniFi over modern consumer-grade home networking gear is to put together a system superior to the consumer-grade mesh systems. Neither UAP-AC-Pro nor UAP-AC-Lite or LR would be superior to modern consumer-grade mesh systems. In fact, Ubiquiti will most likely discontinue these models soon, as they are quite old and outdated.
 
There's logic to that. They could be more concerned about the routing and switching functions than the APs though too. If they are looking for VPN, VLAN, secure remote management, etc... those are all features I'd rather have EdgeOS devices handling than any current consumer offering from NetGear or the like. If the APs are just providing connectivity for a bunch of low bandwidth IoT devices and the occasional show on Netflix or HBO GO to their iPhone/iPad then the Lite is already overkill and they may get a lot of benefit from the other Ubiquiti products. If they are hosting online gaming parties while viewing multiple UHD streams and downloading TBs of data each month all without cables then maybe they need more substantial WiFi. In any case I think we've provided a lot of good information in this thread and they can make an educated decision of what will work best for their use case. Thanks for sharing!
 
Which router do you use?
USG3's, USG4's, Apple Airports.

They may be outdated, but so are most portable devices. Most portable, mobile devices skipped from 802.11AC 2x2 to 802.11AX.

802.11AC 3x3 is uncommon in the wild, and MU-MIMO is also uncommon and usually handicapped by all the Wave1 devices.

IMO any AP that is Wave2 at this point is worth skipping. Save your money and get a Wave1 to tide over, and get a WIFI6/AX when they become available.
 
Interesting perspective. Wi-Fi 6 is definitely a more preferable way to go, but not many manufacturers have released the APs with Wi-Fi 6. I would say that if Wi-Fi is mostly used for consuming the Internet, one should consider Internet offerings in the area and the current pricing structure. In some areas, Gigabit Internet is pervasive and inexpensive, so waiting for Wi-Fi 6 would be the way to go. In other areas, Gigabit Internet may not be available for another 5 years or be too expensive, but having 500 Mbps may be a viable option, so going with Wave 1 to "tide over" could be a waste of money because the gear would become the bottleneck to the Internet.

This is what Cisco published today about Wi-Fi 6 and how quickly they are planning to upgrade their own corporate Wi-Fi infrastructure to Wi-Fi 6:

Wi-Fi 6 Product Availability
"Cisco Catalyst 9100 Series Access Points and Cisco Meraki MR45/MR55 Series Access Points support Wi-Fi 6 today, as well as various client devices from the likes of Samsung, Intel, and Apple, just to name a few. With more Wi-Fi 6 capable devices expected throughout late 2019 and beyond as this shift continues.
Yet, as with any new industry standard, full adoption of Wi-Fi 6 in enterprise networks and the device ecosystem won’t happen overnight. This is true for Cisco’s internal networks, as we will roll out a Wi-Fi 6 solution in phases over a multi-year period. Given the scope of the undertaking, this will be a transition effort for the foreseeable future, and we expect to support a mix of Wi-Fi 6 and earlier-standard devices for some time."

"Around the globe, the Cisco enterprise network connects nearly 13,000 access points across more than 400 wireless LAN controllers. For user devices, we serve about 135,000 Cisco-owned laptops today, none of which support the latest Wi-Fi 6 capabilities. However, the 802.11ax standard continues to allow for backwards compatibility with devices that operate under the earlier 802.11a/b/g/n/ac standards. This compatibility means we can migrate to laptops that are Wi-Fi 6 capable gradually and with relative ease, as part of our ongoing fleet refresh."

So, as you can see, the fact that Wi-Fi 6 was finalized just a month ago doesn't necessarily mean that everyone must upgrade to Wi-Fi 6 infrastructure immediately. Even the companies that are already making Wi-Fi 6 APs, like Cisco, are planning to continue using Wi-Fi 5 for years to come before they upgrade to Wi-Fi 6.
 
So let's say hypothetically you came across someone who pretty much fits this description...say, 4000sq feet of house with Cat5 ethernet in most rooms. What devices would you suggest here?

A colleague of mine has a wired backbone and says that the UniFi AP is a superb product, although it needs a management node (or you can use their cloud service). My house isn't wired so it was a non-starter for me.
 
Which consumer router outperforms Ubiquiti?
I have Netgear, and while the performance is satisfactory you do need the occasional restart and there are privacy concerns.
 
You want an example? Check these out.

They are all Wi-Fi 6, and there's an Orbi Wi-Fi 6 mesh system. All of them will outperform the UAP-AC-Pro / UAP-AC-Lite / UAP-AC-LR.

They will also outperform the UAP-nanoHD and UAP-IW-HD.
 
Ubiquiti routers seem interesting. Especially since they’re targeted towards enterprise. But idk how good they are compared to these Netgear and Linksys.

I’ve been thinking about getting their consumer-targeted Amplifi but it just seems too constrained in features compared to the business-line Unifi.
That's what I ended up doing. I had been through a few Netgear $250 routers then an Orbi system and could never get good coverage of the home.

It wasn't cheap but had a network company come run cable then installed 3 UniFi access points. No longer have any issues. Definitely worth it if you plan to live in your home for many years and it's affordable.

They don't have a Wifi 6 product yet but probably next year. The access points are easy enough to upgrade once wire is in place.
 
Here’s my advice. Get UAP-AC-HD (more than one if needed) and get a pfSense box. If you need just a simple POE Ethernet Switch, you can get an 8-port or 16-port UniFi switch. Just make sure the one you get supports 802.3at (POE+) in order to be able to power the UAP-AC-HD. However, be advised that the UniFi switches have a very stripped down feature set. By no means are the UniFi switches enterprise class switches. They are not even suitable for medium-size business. They are fine for small business and for prosumers.

If you want to get more than one AP, you could get the UAP-nanoHD or UAP-IW-HD, but use it only as a supplementary AP, not your primary AP unless you live in a very small place (less than 1,500 sq ft). If you live in a small place, you can go with the nanoHD or IW-HD as your primary AP. Do not buy the UAP-AC-Pro. Those are 2nd generation APs and are outdated at this point. They choke up on the traffic especially if there are a couple dozen clients associated with them. The chipset is extremely old. This chipset hadn’t been used even in consumer-grade equipment for five years now.

As for the Edge line vs the UniFi line, there’s centralized monitoring software used for the Edge line (not the same as UniFi controller), but it’s not used for configuration but for the monitoring and reporting only. The Edge line is more feature rich than the UniFi line, but the Edge routers are much more difficult to configure. You really need to be a network engineer or technician or admin to be able to configure the Edge routers. The Edge switches can be configured in the web GUI, so they are not so difficult to configure.

Both the Edge and the UniFi routers are using extremely weak chipsets. They can’t handle encrypted traffic well at all. Only the new Dream Machine Pro (from the UniFi line) has adequate horsepower, but the firmware is so lacking that it has almost no features outside of basic routing. Even consumer-grade routers have much wider feature sets. Perhaps in a year or two, the Dream Machine Pro may become a decent router for a small business or prosumer. It has a rack mountable form factor, though.

Just for your information, none of the Ubiquiti equipment is enterprise-class gear. None of the routers or switches are suitable for a large or even medium size business. The Edge line is a solid offering for a small business (under 100 people). The UniFi line is only suitable for very small business, but it’s a pretty good offering for the prosumers or large houses. The only Ubiquiti product that I would not hesitate to put in a medium-size business (between 100 and 500 users) are the UniFi APs, but only UAP-AC-HD or more expensive ones.
Do not buy UAP-AC-Pro. Do not buy the UAP-nanoHD unless you live in a place that’s less than 1500 sq ft. Go with the UAP-AC-HD.

As for the UniFi Security Gateway vs EdgeRouter, they are not driven by the same controller. Security Gateway is configured using the UniFi Controller. The EdgeRouter is configured via CLI directly on the router. They are only interchangeable in the same sense that any router can be replaced with any other router as long as both support the same features being used on the network. If you go with the EdgeRouter and the UniFi APs, you will have to configure the EdgeRouter using its CLI and configure the APs using the UniFi Controller. As for POE, you can buy Ubiquiti POE+ injectors or buy a POE+ UniFi or Edge switch.

Ubiquiti has several POE types that they use. In the Edge line, they used to only have what they call Passive POE. They had two types of Passive POE: 24V and 48V. The newer UniFi APs use the 802.3at and 802.3af POE standards. The 24V Passive POE is not compatible with 802.3 POE. The 48V passive POE can be used with 802.3 POE, but you have to be very careful or you can damage the connected equipment. If I were you, I would only buy a switch or a router that supports 802.3 POE and not the Passive POE. I think some new Edge switches support 802.3 POE (both .af and .at). The NanoHD can be powered by 802.3af or 802.3at (POE+). The UAP-AC-HD requires 802.3at (POE+).

Also, if you are using more than one AP, make sure you will be using wired backhaul (each AP is connected with an Ethernet Cable). UniFi APs have a poorly implemented wireless backhaul, and I would never recommend using wireless backhaul with them. Additionally, they don’t have three radios so that one can be dedicated to the wireless backhaul. Basically, you will need to make sure that every location where an AP will be installed should have an Ethernet Cable running to the POE+ switch port.

I would not recommend either the EdgeRouter or UniFi Security Gateway. Instead, get a pfSense box.

Frankly, if you are not proficient in computer networking, I would recommend going with Ubiquiti AmpliFi over UniFi. AmpliFi has everything a home user would need. Unfortunately, they cannot be powered by POE, but they can use wired (and wireless) backhaul. Again, I would recommend using the wired backhaul if you can make sure there’s an Ethernet Cable running to every AmpliFi unit. AmpliFi is so much easier to configure than a hodgepodge that you would otherwise end up with (UniFi, Edge, and pfSense).

Apologies for the late reply. First off, I just want to thank sirozha for taking the time to provide all this great insight. It’s been truly informative. I’ve also read through the discussion between sirozha and thisisnotmyname and have found some great advice. I actually agree with the points both of you made, so although I have a much better understanding of these systems, I’m unsure what would make better sense for my use case. I wholeheartedly agree with sirozha’s philosophy of building a robust network but I’m also contemplating thisisnotmyname’s point about the cost of doing so. If I may ask, I’d like to present my use case and get some feedback from both of your viewpoints on what setup you’d recommend. I really appreciate all this help.

My goal is to set up a very secure and private network that is robust enough to expand into over time. Along with throughput, latency is also important to me. I would like remote access if it’s not a compromise. I’d like the option to convert at least 3 currently wireless devices to wired, ability to create multiple networks like a guest network and possible others, add future network external storage connectivity, future VPN setup, possibly future self-monitored camera security. I’m not one who opts to buy the latest new thing. I’d much rather have a quality setup that will be supportive of upgrades for years to come, which I understand isn’t always possible with technology.

This is for a home environment. It would be multi-user and multi-use with remote work from home access of enterprise and financial systems along with the usual home entertainment stuff. It’s an entirely Apple ecosystem so definitely needs to be Mac friendly. The house itself is about 2500 sq/ft on a property of about 6000 sq/ft. Most of the wireless devices are usually about a 25 feet radius from the center point of the house, but I would like coverage on the whole property. We currently have Cat 5 connections in all rooms and to the ONT, then it’s fiber (FTTP); and a self-installed solid copper coax to the house cable node. I currently have a spool of Belden Cat 6 that I intend to replace in place of the Cat 5. We’re provisioned for Comcast cable and ATT fiber. I have Comcast right now. Had their 150 Mb connection but it wasn’t being fully utilized so I downgraded to the 50 Mb. They recently upgraded the 50 to a 75 Mb. We can also get gigabit with either service but it’s a bit expensive at the moment.

My setup right now is a Zoom modem with an Airport Express 2nd gen router. The wireless maxes out around 60 Mb hence why I downgraded the plan until I could put in a better setup. Every single device is wireless, around 8, but I’d like to wire things like the Mac and Apple TVs. Currently I get a bit of load lag and sporadic connection freezes and timeouts.

Touching on security, I’m a bit wary of Netgear and Linksys because of their recent security flaws. Considered Amplifi but didn’t like their lack of network storage and something else I can’t remember right now. UniFi AP seems like a good bet but not sure about the router, switch, controller, cloud key, etc. I was hoping to mount an AP centrally to the ceiling but I’m open to other options. Another option is to just wait for WiFi 6 integration since it seems not too far off and continue with the Airport for now.

Sorry this is so long! Thanks for reading and any more feedback!
 
For a 2500 sq ft house, you can mount one UAP-AC-HD centrally, and it should cover the entire house. You should be able to have 500 Mbps throughout the house or better with just one UAP-AC-HD. I would not recommend any other AP for your use case. I would definitely not recommend 2nd generation UAPs (read my comments above in this thread). I would also not recommend the UAP-nanoHD unless you decide to buy two of them. Personally, I've had so many issues with the UAP-IW-HD (same chipset and same firmware as UAP-nanoHD) that I would stay away from both. There are also numerous threads on the Ubiquiti forums (UI.com) about all the issues that the nanoHDs had. On the other hand, the UAP-AC-HD has been really solid for me.

For the firewall/router I would not recommend anything made by Ubiquiti. None of their mature routers (from the UniFi or from the Edge lines) have powerful enough hardware to handle decent encrypted throughputs. So, if you are interested in VPN tunnels to your house terminated by your router/firewall, don't go with anything made by Ubiquiti. They have a new device that's still in beta called UniFi Dream Machine Pro that has powerful enough hardware to handle encrypted traffic at decent throughputs, but the firmware for this new platform is based on a different code base than their legacy firewalls/routers, and the feature set is so narrow right now that they don't even support any kind of VPN yet.

If you asked me, I would go with pfSense for your firewall. You can run it pretty much on any hardware you wish. A lot of people run it on miniature computers. Personally, I run it on a miniature computer platform made by Compulab (an Israeli company). The Compulab platform that I use it on is called Fitlet. When running pfSense, it can do LAN-to-WAN routing at about 750 Mbps. With IPSec VPN encryption, the LAN-to-WAN throughput is 170 Mbps. I've had this computer running pfSense for over 3 years now with not a single reboot required. It's a rock-solid system. Since I bought mine, Compulab released Fitlet2, which has a much more powerful CPU in it. The Fitlet2 can do LAN-to-WAN routing at line speed of 1 Gbps. Encrypted throughput is much better than 170 Mbps on this platform. I haven't tested a Fitlet2 yet, but as soon as Gigabit Internet becomes available in my area, I will buy a Fitlet2 to replace my Fitlet. There are other hardware platforms that you can buy to run pfSense. Also, they have their own hardware for sale. If you buy a third-party system (like Fitlet2), you can download pfSense for free. The Fitlet2 comes as barebones, so you need to buy the SSD and RAM separately and assemble it yourself. I'm running my pfSense on 4 GB of RAM and 32 GB of SSD, and that's plenty. Additionally, Fitlet2 has add-on cards that they call Facet cards. One of those cards is a POE Facet that allows the system to be powered by POE. It costs $45, and IMHO, it's well worth it so that you don't need an extra UPS-protected outlet to plug in your firewall.

As for the Ethernet switch, you can buy an 8-port or 16-port UniFi switch that supports POE+ (802.11at). In order to power the UAP-AC-HD, you must have POE+. For UAP-nanoHD, you are okay with POE (802.11af). The UniFi switches have very narrow feature sets, but the feature set is sufficient for what you are trying to do. They support 802.1q VLAN tagging and POE/POE+, and that's all that you will need from a switch. One downside of UniFi switches is that they don't have any Layer 3 switches. Therefore, if you build your network in such a way that there will be a lot of traffic between different VLANs/subnets, the inter-VLAN routing will have to happen at the router/firewall. Ideally, you would want to inter-VLAN route at a Layer 3 switch because doing so at the router/firewall can over-utilize the uplinks between the switch(es) and the router/firewall. Additionally, you would load the router/firewall with inter-VLAN routing traffic, which may affect the throughput from/to the Internet. However, in reality, it would be unlikely to create so much traffic between VLANs/subnets that you would over-utilize the uplinks to the router/firewall or over-utilize the router/firewall's CPU with inter-VLAN traffic. Nevertheless, when designing your network, you should keep in mind that the hosts that would send a lot of traffic to each other should be on the same VLAN/subnet to preclude sending this traffic upstream to the router/firewall unless you MUST firewall the traffic between such hosts.

All in all, UniFi and Edge equipment is fine for a prosumer environment and for small business. Edge is supposedly targeted at Mom-and-Pop's service providers and to third-world countries that cannot afford real enterprise-network equipment. Ubiquiti claims that the Edge line is enterprise-class, but it's not the case. It can only be considered enterprise-class in poor third-world countries. In the US, I would never recommend it even for a medium-size business. It belongs squarely in the small business niche. I know that there are some small rural ISPs in the US that are running almost exclusively on Ubiquiti Edge equipment, but this is its own niche, as they don't do a lot of LAN switching in their environment, and they operate on such narrow margins that they can't afford Cisco or Juniper or Arista. The only Ubiquiti product I wouldn't hesitate to recommend for a medium-size business is their APs and only UAP-AC-HD or more expensive ones.

UniFi routers and switches are even less "enterprise-class" than Edge and are only good for very small business IMHO. However, UniFi is excellent for prosumers and very large residences except for their USG (UniFi Security Gateways, aka firewalls) for the reason mentioned above. It's unfortunate that one has to resort to a non-Ubiquiti router/firewall while having the rest of equipment made by Ubiquiti, but that has been going on for years now. Hopefully, the UniFi Dream Machine Pro will become the firewall of choice once Ubiquiti fully develops its firmware. However, I wouldn't be holding my breath on that, as Ubiquiti has promised to fix their USG feature set for years now but has not done much. With the introduction of the new router/firewall platform (UniFi Dream Machine and Dream Machine Pro), it's unlikely that they will be using their development resources on the legacy USG platform, but it's also unclear how many more years it will take them to make the Dream Machine platform into a decent firewall.

You can run the UniFi controller in Windows, macOS, Linux or on the dedicated piece of Ubiquiti hardware called the CloudKey. The regular CloudKey is about $75 and it will do everything that you need for your network. You can also buy a more expensive newer CloudKey Gen2, which can also run UniFi Protect (the new video camera server) and even UniFi Talk (the new VoIP PBX - still in beta), but unless you are going to install Ubiquiti cameras, I would just go with the regular CloudKey to save money. Unless you are interested in gathering statistics from your UniFi equipment to look at trends, you don't even have to run UniFi controller on your network. You can just fire it up on your Mac when you need to change something on the network; it's not required for the network to operate. Moreover, you can even set up your APs and UniFi switches with an iPhone app without the UniFi controller. I haven't used the iPhone app with my equipment, and I heard that not all features are available via the app, but you can try to see if you even need the controller to begin with. One very useful feature of the UniFi controller is the DPI information (Deep Packet Inspection). However, this feature works only if you have a USG on the network, but USG is a very limited firewall (feature-wise) and it has terrible encrypted throughput (to the tune of less than 20 Mbps). Ubiquiti refuses to repurpose the legacy USG as the DPI probe only, so you are either stuck with an inferior firewall and DPI capability in UniFi controller, or if you go with a third-party firewall, there will not be any DPI available in UniFi Controller. So, all in all, the controller may not be necessary at all in your environment if you go with a third-party router/firewall like pfSense.
 