My home network

Why investing in home network?

I have always liked technology. My main driver to get into IT many years ago was fascination with wireless technology and desire to understand how it is possible to send or receive a file and do other things via the air that surrounds us. I have done lots of infrastructure work and this has led to me wanting to get more insight and control with what’s happening on my home network. I have stopped using standard ISP equipment companies provide when you sign up for broadband service as I have always found them poor in quality with regards to performance and with very limited controls and functionality. I have used various equipment at home such as Asus routers with custom firmware, Fortigate, Meraki and pfSense, up until…

I have started hearing more and more about Ubiquiti. Few of my friends have started using their WiFi equipment at home. I have done my research and decided to purchase two wireless access points (UAP AC-Pro). I have set up a controller on my MacOS server and provisioned them. My wireless at home has become rock solid, reliable and much faster than before after tweaking various features new devices offered. I was absolutely amazed by the performance, stability and amount of configuration options. At this point I have asked myself, should I go all in with Ubiquiti? It seemed like a no brainer, so I have gone ahead and purchased the following in addition to my two UniFi AP AC-Pro’s:
UniFi Security Gateway (USG-3P)
UniFi Switch 8 150W (x2)
UniFi Cloud Key

Let’s take a closer look at the hardware:

UniFi Security Gateway (USG-3P)

It’s a router and firewall that sits at the perimiter between your LAN and the WAN (I am using Virgin Superhub 3 in modem mode). It’s a very lovely looking device (as it’s all Ubiquiti’s equipment). The specs are as follow:
– Dual-Core 500 MHz, MIPS64 with Hardware Acceleration for Packet Processing,
– 512 MB DDR2 RAM, 2 GB On-Board Flash Storage.
I have configured it as my DHCP server, it’s running DPI, GeoIP filtering and few other additional services. I am also going to set it up as a remote VPN server. I wish hardware was better so I could also enable IPS and IDS which I cannot do right now as it would decrease the performance and my broadband throughput (I have a 350 Mbps service). Before enabling IPS, UniFi controller gives the following warning:
Warning: Enabling IPS will affect the device maximum throughput. USG: 85 Mbps, USG-Pro: 250 Mbps, USG-XG-8: 1 Gbps.

I would love to see more powerful version of USG in a similar form factor, perhaps something like EdgeRouter 4. I would buy one without any hesitation.

UniFi Switch 8 150W

This is a fully managed switch with eight Gigabit RJ45 ports tha can offer different power output options: auto-sensing IEEE 802.3af/at PoE/PoE+ and 24V passive PoE, and two SFP ports provide optical fiber connectivity options to support uplinks of up to 1 Gbps. This switch can deliver 15.4W of power per port with total of 150W. It also provides advanced enterprise switching such: 802.1X authentication, dynamic and static VLAN tagging, port isolation, storm control, and guest control.

UniFi Cloud Key

The UniFi Cloud Key is a small device that runs UniFi Controller Software. UniFi Controller is a crucial part of the system as it provides a web admin interface to manage all of the UniFi devices on your network. You can run the controller on a Raspberry Pi, Windows, Linux or MacOS system but I have found Cloud Key to be a good value for money. It also adds a benefit of remote management via Ubiquiti SSO with support for 2FA. The Cloud Key comes with a Micro-SD card for storage and it can be powered directly from UniFi Switch 8.

UniFi AP AC Pro

UniFi AP AC Pro is a simply wireless access point. It’s an 802.11ac access point that can deliver up to 1,300Mbps of throughput and can be powered with PoE. The AC Pro AP supports simultaneous dual-band, 3×3 MIMO technology in the 5 and 2.4 GHz radio bands. This is an access point what means that it does not provide any routing or switching so you need a router with DHCP server for routing (USG in my case).

Initial setup and configuration is very simple. There are various guides you can follow online. Ubiquiti is probably the best place to start.

UniFi Controller (that’s where it all comes together and the beauty begins)

In a nutshell, the UniFi Controller software allows you to manage your entire UniFi network via a web browser interface. You can provision new devices, make configuration changes, update firmware, etc. That’s also a place where you can access all the information, metrics and statistics about your network: devices, clients, utilisation, bandwidth throughput, used services and much more. I believe screenshots are going to do more justice than typing:

Dashboard

The Dashboard is stunning, a quick stop shop to take a look at your network at glance. There is also the ability to create your own custom dashboards:

Statistics

This page gives a nice overview and enables you to really drill down and get into some nice stats around your network and clients:

Devices

A combined view of all of your Ubiquiti devices managed by the controller. You can change settings, restart devices, upgrade firmware, etc:

Clients

The Clients page lists all clients connected to your network. It tells you if they are wired or wireless, how much data have they used, what switch ports are they connected, really cool stuff:

Insights

Lots of cool info here. You can see clients on your network, nearby access points, guest network info, stats from your switches and more:

Ubiquiti UniFi Mobile App

The app is stunning and it’s an absolute pleasure to use. Ubiquiti supports both iOS and Android. In addition to being beautiful it contains pretty much all of the controller features available via web interface:

 

So, what are my final thoughts after going with full Ubiquiti setup at home?

I should have done it much earlier! I will definitely be recommending Ubiquti to friends and family. What gives me even more confidence is the fact, that Ubiquiti is constantly providing software updates and add new functionality, so they are definitely in for a long ride in this business. If you need some really solid kit, you should certainly take a look at Ubiquiti. They have a great online controller demo if you would like to investigate the functionality before buying, available here.

The benefits I am now enjoying are:
– super fast, reliable wireless with superb coverage for my whole house and garden
– full visibility into every device on my network (wireless and wired), thanks to DPI
– single place to manage all of my Ubiquiti network devices
– enterprise grade equipment with very powerful functionality at the frication of the cost
– plenty of headroom for future network expansion if needed
– great online community

What’s next?

Since I am now extremely happy with my equipment, I am going to start thinking of segmenting my home network by deploying VLANs, so I can separate IoT traffic, for example. Other things I am going to take a look into in the near future are securing my DNS traffic using Cloudflare and deploying a Pi-Hole.

Update as of 2 Aug 2018: I have updated both UAP-AC-PRO APs to UAP-HD APs as I have been offered then in a price I could not resist not to update.

Update as of 7 Nov 2018: I have just updated to the all new Cloud Key Gen2 Plus and migrated from my old Cloud Key controller. I am planning on getting some Ubiquti cameras soon.