Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Hardware
Hardware Discussions
Hardware Firewalls - Firewalla Blue Plus vs Ubiquiti UniFi Security Gateway
Message
<blockquote data-quote="kC77" data-source="post: 983224" data-attributes="member: 92796"><p>yeah there are many great security devices out there but most have some yearly subscription....I think thats where the ubiqiti stuff is great, its cheap, fast, no subscription services at all, has most the features you would need...</p><p>Especially good when tied with its UnifiAP's! The wireless kit is brilliant too</p><p></p><p>the support is a bit weird in that there isnt really any, its more community/forum based</p><p>also it doesnt have any gateway AV, yes it does IDS/IPS/DPI/Content filtering/app control/geo blocking etc.. but there is no "AV" so if thats what your looking for, look elsewhere (fortinet/sonicwall/watchguard/sophos/paloalto etc but be prepared to pay)</p><p></p><p>there are a few different versions of the "dream machine" line</p><p>UDR - is a more home style router and wifi bundled into one cylinder type device <a href="https://eu.store.ui.com/products/dream-router-ea" target="_blank">Dream Router</a> less than £100</p><p>UDM-Pro - 1u rack everything built in including a hard drive bay for the optional protect/surveillance stuff (note the 8 port switch in this model isnt POE)</p><p>UDM-Pro SE - same as above, except it has POE ports and a 128gb ssd built in</p><p></p><p>the SE version also runs a different software /OS version, both non SE & SE are still updated and maintained, and while they share mostly the same features, the underlying OS is completely different.</p><p></p><p>if you already have a controller doing other stuff (.e.g a cloudkey) then the next-gen model is better as it can be adopted by other unifi controllers (useful if you are managing multiple sites)</p><p>[URL unfurl="true"]https://store.ui.com/products/unifi-next-generation-gateway-professional[/URL]</p><p></p><p>my biggest gripes</p><ul> <li data-xf-list-type="ul">the "dual wan" can only work as failover and not in a load balancing mode (apparently load balancing is being re-added in the next firmware revision)</li> <li data-xf-list-type="ul">stock VPN is L2TP only (also something called teleport, a unifi only take on wireguard but only works from ios/android devices) **you can using ssh install wireguard etc but needs some ssh wizardry</li> <li data-xf-list-type="ul">when a hard drive is fitted in the UDM-PRO - the fans are loud! (otherwise without a drive its silent) **Hard drive is only needed if you want to record video from unifi protect/cameras**</li> <li data-xf-list-type="ul">default setup has everything cloud based/remote access enabled, while secure and 2fa is enabled, I prefer to disable the remote access.</li> </ul><p></p><p>also worth noting from a security point.... some people were hit by the log4j vulnerability as the unif controller uses that... but unifi were ontop of this and updating super quick.... the people affected were just not updating their controllers for weeks/months.</p><p></p><p>My main reason for buying was my old draytek was EOL, and firmware no longer updated... I never run any router past its EOL date, I also needed something with faster firewall throughput and this ticked the boxes. 3.5GPS firewall throughput with DPI on in a box this cheap... that was reason enough for me.</p></blockquote><p></p>
[QUOTE="kC77, post: 983224, member: 92796"] yeah there are many great security devices out there but most have some yearly subscription....I think thats where the ubiqiti stuff is great, its cheap, fast, no subscription services at all, has most the features you would need... Especially good when tied with its UnifiAP's! The wireless kit is brilliant too the support is a bit weird in that there isnt really any, its more community/forum based also it doesnt have any gateway AV, yes it does IDS/IPS/DPI/Content filtering/app control/geo blocking etc.. but there is no "AV" so if thats what your looking for, look elsewhere (fortinet/sonicwall/watchguard/sophos/paloalto etc but be prepared to pay) there are a few different versions of the "dream machine" line UDR - is a more home style router and wifi bundled into one cylinder type device [URL='https://eu.store.ui.com/products/dream-router-ea']Dream Router[/URL] less than £100 UDM-Pro - 1u rack everything built in including a hard drive bay for the optional protect/surveillance stuff (note the 8 port switch in this model isnt POE) UDM-Pro SE - same as above, except it has POE ports and a 128gb ssd built in the SE version also runs a different software /OS version, both non SE & SE are still updated and maintained, and while they share mostly the same features, the underlying OS is completely different. if you already have a controller doing other stuff (.e.g a cloudkey) then the next-gen model is better as it can be adopted by other unifi controllers (useful if you are managing multiple sites) [URL unfurl="true"]https://store.ui.com/products/unifi-next-generation-gateway-professional[/URL] my biggest gripes [LIST] [*]the "dual wan" can only work as failover and not in a load balancing mode (apparently load balancing is being re-added in the next firmware revision) [*]stock VPN is L2TP only (also something called teleport, a unifi only take on wireguard but only works from ios/android devices) **you can using ssh install wireguard etc but needs some ssh wizardry [*]when a hard drive is fitted in the UDM-PRO - the fans are loud! (otherwise without a drive its silent) **Hard drive is only needed if you want to record video from unifi protect/cameras** [*]default setup has everything cloud based/remote access enabled, while secure and 2fa is enabled, I prefer to disable the remote access. [/LIST] also worth noting from a security point.... some people were hit by the log4j vulnerability as the unif controller uses that... but unifi were ontop of this and updating super quick.... the people affected were just not updating their controllers for weeks/months. My main reason for buying was my old draytek was EOL, and firmware no longer updated... I never run any router past its EOL date, I also needed something with faster firewall throughput and this ticked the boxes. 3.5GPS firewall throughput with DPI on in a box this cheap... that was reason enough for me. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
