planning home network

[arkmannj]

Hello,
I’m getting ready to rotate out my old Airport Extreme & Time Capsule.

I’m thinking of going with ubiquity products
* Security Gateway router
* pro or HD access point
* maybe a switch, but This might be overkill for now.
* controller gen 2

teo features I’d like are:
* The ability to monitor traffic usage of devices (IOT, kids, guests, etc.)

* The ability to disable/enable devices ability to access the internet on the fly. (kids, guests, etc.)

Can you do these things in a way that is reasonably easy?

how robust is the gateways performance (we have gigabit fiber internet)

any other thoughts or recommendations?

thanks!

 

[satcomer]

For a Single Router (that has Time Machine Server in it) then you want the Synology RT2600ac and extend it with it’s satellite SSID with the Synology MR220ac.

Here is a good video to see:

 

[iluvmacs99]

Hello,
I’m getting ready to rotate out my old Airport Extreme & Time Capsule.

I’m thinking of going with ubiquity products
* Security Gateway router
* pro or HD access point
* maybe a switch, but This might be overkill for now.
* controller gen 2

teo features I’d like are:
* The ability to monitor traffic usage of devices (IOT, kids, guests, etc.)

* The ability to disable/enable devices ability to access the internet on the fly. (kids, guests, etc.)

Can you do these things in a way that is reasonably easy?

how robust is the gateways performance (we have gigabit fiber internet)

any other thoughts or recommendations?

thanks!

Ubiquity equipment is top notch, but not easy to use as it is geared towards people who are well versed in network engineering. Ubiquity's CLI (Command Line Interface) and Linux OS goes to show that while performance and security will be at the top of SOHO routers like Peplink Pepwave for instance, it is unlike the consumer routers likely you'll find with Netgear, Linksys, Dlink and Amped Wireless. You will notice that I didn't include Asus and Cisco routers and the reason is that, some of these routers are better made and better supported via open firmware like DD-WRT and Tomato or AsusWRT Merlin for their Asus routers. Essentially very robust operating system that is above class than those routers you buy from Best Buy.
In terms of Ubiquity's access control -- it is very granular and top notch. You will get every graph and statistics you will ever need from your IoT, kids, guests etc and you can setup VLAN (to isolate and segregate these devices so they don't see each other and your local LAN and so therefore don't infect your other devices via Malware or Ransomware). I personally don't need that level of granularity in my home network, and so therefore I settled with an Asus router with Merlin firmware. It is at the similar level as the Synology 2600 AC, but since the Synology is not yet approved to be used in my country due to radio freq certification, I settled with the Asus instead.

My recommendation first is to go to the routersecurity.org website and read up as much as you can about router security. It has a lot of useful information organized in one site.

My thoughts in terms of getting the right router is to find a router that offers firmware updates on a regular basis. Cisco, Asus, Peplink, Synology and Ubiquity fall into this category as new security threats come up and your security is only as good as the router that is protecting you both WAN (internet) and LAN (local network), cause your phones, ipod touch, IoT devices etc can be compromised to run malware and then attacking your router from your LAN. Which is why VLAN (Virtual LAN) is a useful feature. PepLink and Ubiquity offer better VLAN support than Synology does. Also with more sophisticated routers, you can setup OpenVPN to connect permanently with your VPN provider to provide stealth IP and geolocation so you get least targeted for spams, malware etc

Part of the issue with security is a balancing act of making the router easy to use versus harder to use but offers greater security and that is because, the easier the router it is to give you all the pertaining granular information via a smartphone like my Asus does, the easier for the hackers to compromise your router through angular attacks. So it's not uncommon for some people to set up a Ubiquity EdgeRouter or Unified Security Gateway (USG) as the front line router and offer 2 independent ports, one for easier access through prosumer router and one for more secured LAN access to provide your vital computers from infection and spying eyes via an Edgerouter or USG.

I am not at that stage yet, but looking at Ubiquity due to its expansion capabilities via its other modular offerings.

I hope this helps.

 

[mmomega]

If you want, essentially a replacement for the Airport extreme, take a look at the UniFi Dream Machine.

It is basically an updated Airport Extreme.
It gives the security gateway , Intrusion detection, intrusion prevention without sacrificing bandwidth.
The less expensive USG with IPS/IDS will cut your bandwidth throughput to 100MBps.

A switch can be added after the fact and controlled if needed for a larger network.


My personal experience is, I have used Ubiquiti since their first access points were released. I have been adding them to my home and 5 business offices.
The offices are much larger but my home network experience is now:
UniFi Dream Machine Pro
4 Access Points. An AC-HD and 3 AC-In wall
24 port PoE switch
UniFi Cameras, 3 - 4K and 9 - 1080p

I have gigabit as well, any hardwired client will pull the 920+ most wifi devices with enough MIMO antennas will easily get 500+ from any point in the house. And as you can see we use our fair amount of data.

You can get a breakdown like this.
Clicking on any particular item, like for instance YouTube, will show every device that uses YouTube and how much data is used on each device + more info.
Lots of data available.

I started with Linksys back in the early 2000's, transitioned to an Airport Extreme around 2009, then added a 2nd, then a third. Then upgraded to the AC models. Then have been moving to Ubiquiti at home around 2014'ish to where it is now.
I also hardwire absolutely as many devices as possible and run my own CAT6 to expand more rooms.
AppleTV's, desktops, XBoxs, to where pretty much the only WiFi devices are phones, tablet, laptops and a few other devices.
Just for reference there are 70-75 "clients" on my home network at any given time.