Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
6966 posts

Uber Geek

Trusted
Subscriber

  # 2333240 9-Oct-2019 10:24
Send private message quote this post

Hi, Mikrotik dont suppot UTM type features such as ips and and content filtering (and as such dpi), and typically unless you have a complete solution for such as with a product like Fotigate, WatchGuard, Palo Alto et al, then I dont think I would usefully use it on a USG anyway, but I may be wrong.

 

Cyril


6966 posts

Uber Geek

Trusted
Subscriber

  # 2333241 9-Oct-2019 10:24
Send private message quote this post

Hi, Mikrotik dont suppot UTM type features such as ips and and content filtering (and as such dpi), and typically unless you have a complete solution for such as with a product like Fotigate, WatchGuard, Palo Alto et al, then I dont think I would usefully use it on a USG anyway, but I may be wrong.

 

Cyril


 
 
 
 


2848 posts

Uber Geek

Trusted
Lifetime subscriber

  # 2333263 9-Oct-2019 10:56
Send private message quote this post

Yoban:

 

@bartender - how has been the performance of the USG-Pro with dpi and ips enabled? Seems the end users have not noticed assuming it is enabled.

 

 

DPI is enabled and it's "okish" / "ok enough" but I wouldn't consider it a full stack solution as it isn't particularly configurable so I wouldn't consider it as a selling point

 

Haven't enabled the IDS/IPS as all the hardware offload gets disabled, as our office just needs raw internet rather than anything special. I could try turning it on and seeing if anyone complains but again I don't think it's a selling feature as I would look down the port mirroring path and install Zeek or similar IDS.






6966 posts

Uber Geek

Trusted
Subscriber

  # 2333267 9-Oct-2019 11:00
Send private message quote this post

 

 

Haven't enabled the IDS/IPS as all the hardware offload gets disabled, as our office just needs raw internet rather than anything special. I could try turning it on and seeing if anyone complains but again I don't think it's a selling feature as I would look down the port mirroring path and install Zeek or similar IDS.

 

Yep, and as with us, we remote span and use Suricata, not a home solution, personally not sure why you would want such detailed content filtering and monitoring at home.

 

Cyril

 


3958 posts

Uber Geek

Trusted

  # 2333287 9-Oct-2019 11:31
Send private message quote this post

Ubiquiti Nano HD for AP's. Trademe a used Fortigate 30E, 50E or 100D unless you want to buy new. Dahua 8MP IP cameras on a dedicated NVR or decent PC running NX Witness as VMS.





Do whatever you want to do man.

  



4 posts

Wannabe Geek


  # 2333303 9-Oct-2019 12:21
Send private message quote this post

Hi All,

 

Thanks very much for the messages / advice etc. 

 

A bit more info from me and my wants & needs:
I'm reasonably technical but networking-wise I want a solution that will be fairly easy to set up and maintain. I like the thought of using all the same brand and having a nice overview from that. I'm not going to be doing anything too technical with the setup. Would using the mikrotik router (RB750Gr3) make things harder to set up?

 

I'll look at the newer Unifi nano-HD AP's - sounds like I might need more of those as opposed to the 2 I was originally thinking about. 

 

Thanks Handle9 for the cabinet info, that sounds a good plan re height and size.

 

Does anyone have any thoughts on which Unifi switch(s) I should go for given my set up?

 

Patch panels - are they much of a likeness? 

 

 


4205 posts

Uber Geek


  # 2333362 9-Oct-2019 13:39
One person supports this post
Send private message quote this post

Stick with the USG. Mikrotik is awesome, but it's just too much of a learning curve for the normal user.

 

Plan on two nanoHD's and cable for a third just in case. You don't want too 'over saturate' the house and I think you will be pleasantly surprised with the nanoHD's.

 

Unifi switches just complete the set up. It would be a shame to use anything else if you are going to buy a cloud key. It all depends on what you are willing to spend, you will obviously pay a premium for a 24-port PoE switch, but then you will never have to worry what you plug in - it will just work. Or you can for a smaller 8-port PoE, and then grab a non-PoE for the rest - but still get all Unifi switches.

 

Just go Dynamix patch panels.


 
 
 
 




4 posts

Wannabe Geek


  # 2333535 9-Oct-2019 20:19
Send private message quote this post

chevrolux:

 

Stick with the USG. Mikrotik is awesome, but it's just too much of a learning curve for the normal user.

 

Plan on two nanoHD's and cable for a third just in case. You don't want too 'over saturate' the house and I think you will be pleasantly surprised with the nanoHD's.

 

Unifi switches just complete the set up. It would be a shame to use anything else if you are going to buy a cloud key. It all depends on what you are willing to spend, you will obviously pay a premium for a 24-port PoE switch, but then you will never have to worry what you plug in - it will just work. Or you can for a smaller 8-port PoE, and then grab a non-PoE for the rest - but still get all Unifi switches.

 

Just go Dynamix patch panels.

 

 

Thanks very much for that chevrolux, much appreciated. 

 

I think I will do just that and go for the 24-port PoE. I don't have to buy the network gear for a while yet so am hoping there'll be some good sales in the next couple of months (black Friday the best?)


4205 posts

Uber Geek


  # 2333540 9-Oct-2019 20:33
Send private message quote this post

Ubiquiti stuff doesnt really go on sale, you'll pay around 5-600 for a 24 port PoE unifi switch. To be fair, the cost of a switch will be a drop in the hat compared to everything else you will he paying for the new build haha!



4 posts

Wannabe Geek


  # 2333542 9-Oct-2019 20:41
Send private message quote this post

Ha, yes very true! Our house we currently live in goes on the market in the next couple of weeks so I'll be happier once I know what we're getting for that!

 

$500-$600 sounds cheap, the best I can see for it is $729 from DTC Systems.


187 posts

Master Geek


  # 2335515 11-Oct-2019 12:59
Send private message quote this post

billgates:

 

Ubiquiti Nano HD for AP's. Trademe a used Fortigate 30E, 50E or 100D unless you want to buy new. Dahua 8MP IP cameras on a dedicated NVR or decent PC running NX Witness as VMS.

 

 

Gosh NX Witness is an expensive solution....does look impressive and supports Linux.

 

edit: supports linux for front and backends.


3958 posts

Uber Geek

Trusted

  # 2335527 11-Oct-2019 13:22
Send private message quote this post

Yoban:

 

Gosh NX Witness is an expensive solution....does look impressive and supports Linux.

 

edit: supports linux for front and backends.

 

 

NX Witness resell the exact same software suite to DW Spectrum which is cheaper. Even though NX Witness/DW Spectrum may seem more expensive VMS, the updates are free for life which includes the mobile app.





Do whatever you want to do man.

  

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Microsoft New Zealand Partner Awards results
Posted 18-Oct-2019 10:18


Logitech introduces new Made for Google keyboard and mouse devices
Posted 16-Oct-2019 13:36


MATTR launches to accelerate decentralised identity
Posted 16-Oct-2019 10:28


Vodafone X-Squad powers up for customers
Posted 16-Oct-2019 08:15


D Link ANZ launches EXO Smart Mesh Wi Fi Routers with McAfee protection
Posted 15-Oct-2019 11:31


Major Japanese retailer partners with smart New Zealand technology IMAGR
Posted 14-Oct-2019 10:29


Ola pioneers one-time passcode feature to fight rideshare fraud
Posted 14-Oct-2019 10:24


Spark Sport new home of NZC matches from 2020
Posted 10-Oct-2019 09:59


Meet Nola, Noel Leeming's new digital employee
Posted 4-Oct-2019 08:07


Registrations for Sprout Accelerator open for 2020 season
Posted 4-Oct-2019 08:02


Teletrac Navman welcomes AI tech leader Jens Meggers as new President
Posted 4-Oct-2019 07:41


Vodafone makes voice of 4G (VoLTE) official
Posted 4-Oct-2019 07:36


2degrees Reaches Milestone of 100,000 Broadband Customers
Posted 1-Oct-2019 09:17


Nokia 1 Plus available in New Zealand from 2nd October
Posted 30-Sep-2019 17:46


Ola integrates Apple Pay as payment method in New Zealand
Posted 25-Sep-2019 09:51



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.