New house build & network (Ubiquiti setup)

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › New house build & network (Ubiquiti setup)

1 | 2

cyril7

9075 posts

Uber Geek
+1 received by user: 2499

ID Verified

Trusted

Subscriber

#2333240 9-Oct-2019 10:24

Hi, Mikrotik dont suppot UTM type features such as ips and and content filtering (and as such dpi), and typically unless you have a complete solution for such as with a product like Fotigate, WatchGuard, Palo Alto et al, then I dont think I would usefully use it on a USG anyway, but I may be wrong.

Cyril

cyril7

9075 posts

Uber Geek
+1 received by user: 2499

ID Verified

Trusted

Subscriber

#2333241 9-Oct-2019 10:24

Cyril

BarTender

3629 posts

Uber Geek
+1 received by user: 2572

ID Verified

Trusted

Lifetime subscriber

#2333263 9-Oct-2019 10:56

Yoban:

@bartender - how has been the performance of the USG-Pro with dpi and ips enabled? Seems the end users have not noticed assuming it is enabled.

DPI is enabled and it's "okish" / "ok enough" but I wouldn't consider it a full stack solution as it isn't particularly configurable so I wouldn't consider it as a selling point

Haven't enabled the IDS/IPS as all the hardware offload gets disabled, as our office just needs raw internet rather than anything special. I could try turning it on and seeing if anyone complains but again I don't think it's a selling feature as I would look down the port mirroring path and install Zeek or similar IDS.

cyril7

9075 posts

Uber Geek
+1 received by user: 2499

ID Verified

Trusted

Subscriber

#2333267 9-Oct-2019 11:00

Haven't enabled the IDS/IPS as all the hardware offload gets disabled, as our office just needs raw internet rather than anything special. I could try turning it on and seeing if anyone complains but again I don't think it's a selling feature as I would look down the port mirroring path and install Zeek or similar IDS.

Yep, and as with us, we remote span and use Suricata, not a home solution, personally not sure why you would want such detailed content filtering and monitoring at home.

Cyril

billgates

4706 posts

Uber Geek
+1 received by user: 672

Trusted

#2333287 9-Oct-2019 11:31

Ubiquiti Nano HD for AP's. Trademe a used Fortigate 30E, 50E or 100D unless you want to buy new. Dahua 8MP IP cameras on a dedicated NVR or decent PC running NX Witness as VMS.

Do whatever you want to do man.

davec987

4 posts

Wannabe Geek

#2333303 9-Oct-2019 12:21

Hi All,

Thanks very much for the messages / advice etc.

A bit more info from me and my wants & needs:
I'm reasonably technical but networking-wise I want a solution that will be fairly easy to set up and maintain. I like the thought of using all the same brand and having a nice overview from that. I'm not going to be doing anything too technical with the setup. Would using the mikrotik router (RB750Gr3) make things harder to set up?

I'll look at the newer Unifi nano-HD AP's - sounds like I might need more of those as opposed to the 2 I was originally thinking about.

Thanks Handle9 for the cabinet info, that sounds a good plan re height and size.

Does anyone have any thoughts on which Unifi switch(s) I should go for given my set up?

Patch panels - are they much of a likeness?

Lego

Shop now for Lego sets and other gifts (affiliate link).

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#2333362 9-Oct-2019 13:39

Stick with the USG. Mikrotik is awesome, but it's just too much of a learning curve for the normal user.

Plan on two nanoHD's and cable for a third just in case. You don't want too 'over saturate' the house and I think you will be pleasantly surprised with the nanoHD's.

Unifi switches just complete the set up. It would be a shame to use anything else if you are going to buy a cloud key. It all depends on what you are willing to spend, you will obviously pay a premium for a 24-port PoE switch, but then you will never have to worry what you plug in - it will just work. Or you can for a smaller 8-port PoE, and then grab a non-PoE for the rest - but still get all Unifi switches.

Just go Dynamix patch panels.

davec987

4 posts

Wannabe Geek

#2333535 9-Oct-2019 20:19

chevrolux:

Stick with the USG. Mikrotik is awesome, but it's just too much of a learning curve for the normal user.

Plan on two nanoHD's and cable for a third just in case. You don't want too 'over saturate' the house and I think you will be pleasantly surprised with the nanoHD's.

Unifi switches just complete the set up. It would be a shame to use anything else if you are going to buy a cloud key. It all depends on what you are willing to spend, you will obviously pay a premium for a 24-port PoE switch, but then you will never have to worry what you plug in - it will just work. Or you can for a smaller 8-port PoE, and then grab a non-PoE for the rest - but still get all Unifi switches.

Just go Dynamix patch panels.

Thanks very much for that chevrolux, much appreciated.

I think I will do just that and go for the 24-port PoE. I don't have to buy the network gear for a while yet so am hoping there'll be some good sales in the next couple of months (black Friday the best?)

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#2333540 9-Oct-2019 20:33

Ubiquiti stuff doesnt really go on sale, you'll pay around 5-600 for a 24 port PoE unifi switch. To be fair, the cost of a switch will be a drop in the hat compared to everything else you will he paying for the new build haha!

davec987

4 posts

Wannabe Geek

#2333542 9-Oct-2019 20:41

Ha, yes very true! Our house we currently live in goes on the market in the next couple of weeks so I'll be happier once I know what we're getting for that!

$500-$600 sounds cheap, the best I can see for it is $729 from DTC Systems.

Yoban

453 posts

Ultimate Geek
+1 received by user: 86

#2335515 11-Oct-2019 12:59

billgates:

Ubiquiti Nano HD for AP's. Trademe a used Fortigate 30E, 50E or 100D unless you want to buy new. Dahua 8MP IP cameras on a dedicated NVR or decent PC running NX Witness as VMS.

Gosh NX Witness is an expensive solution....does look impressive and supports Linux.

edit: supports linux for front and backends.

Samsung

Shop now on Samsung phones, tablets, TVs and more (affiliate link).

billgates

4706 posts

Uber Geek
+1 received by user: 672

Trusted

#2335527 11-Oct-2019 13:22

Yoban:

Gosh NX Witness is an expensive solution....does look impressive and supports Linux.

edit: supports linux for front and backends.

NX Witness resell the exact same software suite to DW Spectrum which is cheaper. Even though NX Witness/DW Spectrum may seem more expensive VMS, the updates are free for life which includes the mobile app.

Do whatever you want to do man.

1 | 2