
Comment by exabrial

1 day ago

Ubiquiti's biggest feature is no monthly recurring cost. I really hope they continue the streak on products like this. Seems like anything else bought up these days is switched to an MRR model with no vision into the long term viability.

I just wish they would put better processors in their stuff. Is this yet another NAS powered by an ARM Cortex?

  • I have heard others say the same as you about Ubiquiti devices. I'm genuinely curious what bottlenecks you've hit.

    I've only been using Ubiquiti as a pro-sumer, but it has held up well for my use case of Plex and little game servers.

    I use a Synology NAS for my storage though, which is a slightly beefier mobile AMD chipset.

    I'd be very interested to know what I should and shouldn't expect from my ARM based network stack though!

    • > I'm genuinely curious what bottlenecks you've hit.

      1. My UDM Pro absolutely chokes and stalls with intrusion detection enabled on the firewall and 8 cameras connected. Network goes down, cameras disconnect, devices disconnect from Wi-Fi every time a car drives past a camera due to AI features triggering, etc.

      For something meant for small businesses I wish they would just shove an Intel i5 or something in it. They make great switches, great APs, great everything else, just too stingy on processors on the few pieces of central equipment that people would actually be willing to spend more on.

      And for a $3999 enterprise NAS with dual 25 Gbps SFP ports and 16 drives? It could surely use something more beefy than a Neoverse N2. I'd say an i7 or even i9 is warranted here.

      3. The UNAS 8 I don't own but I believe it would struggle with >1Gbps links and encryption enabled


    • I echo what the others say in that it's much more important to know what portions of your traffic are going to need to be processed by the CPU than it is to know how beefy the CPU is. E.g., just to give an example of the usual investigation process:

      - The EdgeRouter 12P is ancient and had a weak CPU for even the time

      - However, the EdgeRouter 12P has a good selection of hardware offloads for things like routing/NAT & even a hardware switch chip. These functions will often run at (or very near) line rate without touching the CPU much, and the latency/jitter/buffer handling will often be better than when even fast CPUs handle the traffic on other products.

      - Buuuut there are oddball restrictions. E.g. on the newer 2.x or 3.x software streams (i.e. for the last ~5 years) hardware offload for VLAN tagged traffic on the switch does not work, and the CPU cannot switch a full 1G of traffic without choking (it gets close, but not quite). Also the hardware switch only covers a certain range of ports, some ports can only be routed or software bridged.

      - Even then, if you add a bunch of advanced firewall inspection rules it's gonna run out of CPU. Quicker if it didn't have offloads for some of the work, but still easy to make it go from a solid full gigabit WAN NAT box to 100-200 mbps depending on what you enable. This can repeat for a lot of features, like VPN and so on.

      As far as host networking (i.e. a server sending data out of its NIC rather than trying to be a network switch/router/firewall between segments) usually the CPU will be a limitation for other things before it's the limitation for sending things out the NIC. And a quality NIC (which these particular ones seem to be) can make that even more true in a similar, but less extreme, way as the switching/routing hardware offloads on the EdgeRouter. E.g. ZFS can be CPU heavy with all of the parity/encryption/deduplication features you can enable and trying to do that on top of using SFTP to transfer the data to a remote host in a single encrypted stream can stress the CPU even more... but this CPU also doesn't look like a typical bargain basement ARM CPU you'd find in cheaper Ubiquiti products and would probably do fine for what it has.

    • Basic routing and switching - expect line speed. Don't expect analysis features to run at line speed - 30-50% penalty could be normal depending on throughput.

      Stay away from IPS and complicated firewall rules which usually are done in CPU, and you should be fine. HW acceleration for those (esp. TLS decryption) is a major reason fancy firewalls are very expensive. You're better off building an IDS or picking up a smaller FortiGate or Palo Alto firewall if you really want to get serious there.

    • The Cloud Key Gen 2 is underpowered depending what you do with it, and it runs hot. UniFi seriously needs to refresh it. (At least it’s better than the Gen 1. The Gen 1 was disastrously bad.)

      The ENAS looks like fairly nice hardware. It even has ECC RAM. Not cheap, though.


  • It says 8 Arm Neoverse N2 cores in the blog post. So not directly ARM Cortex, derived from ARM Cortex-X3 but same family as NVIDIA Grace, Google Axion and AWS Graviton4.

  • It's based on Neoverse N2 which in our other platforms (e.g., ENVR Core, UDM Beast, EF Core) has contributed to vast improvements in performance versus ARM Cortex.

  • This is how they make their money. They put out underpowered crap and constantly churn them so you have to pay them regularly. If something isn't profitable to maintain it just goes EoL.

*yet

They will at some point just cash out.

  • They've been at this for a while. They do have offerings you subscribe for and pay monthly. They have also consistently offered an option for each of those offerings to bring your own or self host. They've earned my trust.

    • Recently they removed the option to take certain types of backup locally (for the Network app). Now it only does it to the cloud, for those who allow this. It’s these small things that make me cautiously pessimistic that long term Ubiquiti won’t pull the rug from under the customers.

      Once you invest thousands in network equipment or cameras you’re less likely to jump ship when they start sneaking things in. And this is long lived equipment, not the kind you anyway replace every couple of years. So that’s a relatively strong lock-in.


    • I tend to agree with you.

      In my opinion, as long as the majority of their profits come from people continuing to buy the self-host devices, it is fairly unlikely they'll ever stop offering those devices. Why change a working business model?

      Yes, subscription models are enticing for that recurring revenue... number must go up, right? /s

      If a majority of your sales are not in subscription products though, I think it would be foolish for a business to blow off its own leg trying to chase that particular dragon.

      Then again... businesses have made dumber calls in the past out of nowhere...


  • I don't believe this. They've been around since 2003, and the Unifi line started in 2010. If they were going to enshittify it would have happened by now. Cynicism is not always warranted.

That’s just patently not true for Ubiquiti. You enter the Enterprise space with them and you are paying monthly. Their very expensive Identity Enterprise monthly per user subscription and their per site support charges to be able to get help with their latest rushed release. Paying extra for Apple wallet support. And you don’t even get complete APIs in return, or proper SCIM integrations. Can’t even pull access logs via API. Infuriating company that just do not function at scale.

  • Quite honestly it sounds like:

    1. Your use case falls squarely into "you should be paying for support" territory.

    2. You're setting things up incorrectly. You should be shipping logs, not scraping them when you think you need them.