Ubiquiti’s New Unifi Elite Offering

It looks like I’m a little late to the party regarding Ubiquiti’s latest (beta) announcement around the Unifi series but non-the-less we are going to take a look at what Ubiquiti calls Unifi Elite. Ubiquiti made the announcement mid-December on its community portal here. It looks like beta access is public and available to anyone who has a Ubnt.com account.

(Side note: To the best of my knowledge, none of this information is under NDA, but I do not get press briefings or release dates from Ubiquiti. So, if any of this is not supposed to be public yet, please let me know. I’ve asked several people if I can get added to whatever “press/blogger” info briefings Ubiquiti does, assuming they do something like that, but have never heard back.)

What is Unifi Elite

From what I have read in the beta announcements and what I’ve seen by using the beta controller, Unifi Elite looks like it will be a combination of two new offerings. The first part of the offering, which is in beta now, is a cloud version of their Unifi Controller. The second part is a more enterprise-friendly service and support offering.

With these new additions, it appears that Ubiquiti is looking to start putting the “enterprise stuff” into their enterprise WiFi solution. Don’t get me wrong; there is already a lot of geeky enterprise features in the offering today, but there is more to enterprise IT than product features.

Let’s take a look at why I think this announcement will bring Ubiquiti Unifi to a much larger market as well as increase its deployment size too.

Unifi Elite – Cloud Controller

The heart of the Unifi product line is the Unifi Controller. You have several ways to run a Unifi Controller, but until now all of your options were self-hosted variants:

  • Windows or Linux virtual or physical machine
  • Ubiquiti Cloud Key
  • RaspberryPi based
  • Mac application
  • AWS or other public cloud instance

In all of these controller types, the Unifi code is distributed as an application that you install on a host operating system. You then have to maintain both the Unifi updates as well as the updates to the host operating system; yet another task for the enterprise sysadmin.

With the Unifi Elite controller, you get the same features and functionality as what you can download and run locally, but the main difference is SaaS delivery; Ubiquiti handles hosting, support, maintenance, and troubleshooting.

Maybe this explains why my Ubiquiti Unifi Virtual appliance hasn’t received any “official” love or shout outs?

 

I get it, supporting a product is a huge undertaking, I work for a vendor myself. By offering enterprise-quality support to customers using the Elite Cloud Controller Ubiquiti will remove a lot of the variables that customer environments introduce and make supporting Unifi a little easier.

Reasons I would consider the Elite Cloud Controller

I found the forum posts about the Unifi Elite Controller while searching for any details I could find on running a controller on AWS. I am currently preparing that blog post, but I almost just deleted the whole thought. Why? Well even the smallest AWS instance t2.micro will cost about $20 bucks a month to run after your free tier access runs out. And, if you have worked with t2.micro instances before, you already know that they aren’t blazing fast and a sizable Unifi deployment might require a larger instance type. From what I have seen on the Unifi Elite beta posts, a stand-alone controller will be $45/month after the beta period. So for not too much more, you have a controller with no documented “maximum devices”, plus Ubiquiti will maintain it! Can’t beat that!

UPDATE: After Ubiquiti took the Elite service GA, I have learned that each device that you connect to the cloud controller also needs to have a maintenance package associated with it. I talk about that service in the next section of this article, however, this means that you can’t just use the cloud controller you also have to pay for the device maintenance which means that this solution will get quite expensive.

Another reason I would consider running a Unifi controller in the cloud is if I had a large deployment over multiple sites. With the Google Chrome Unifi app you can tell your new AP’s where to look for a controller, so deploying AP’s and switches is pretty simple.

  1. plug the device in (let it boot up and get an IP)
  2. use your Chrome-enabled device to run the Unifi App
  3. Specify controller hostname so Unifi device can call to it
  4. Adopt the device on the Unifi controller

Pretty easy, it’s basically one extra step from running a controller onsite, and Ubiquiti has said that direct cloud adoption is coming. Can you say Cisco Meraki clone? For a 10th the price…

Lastly, if $45/month is too much for you to spend on a Unifi Elite Controller, there is a way to get it for free.

Unifi Elite – Premium Service

The second part of the Ubiquiti Unifi Elite offering is what I call Premium Service and Support. This is exactly what is required to get Unifi into the enterprise. From what I’ve read, this will be an annual maintenance contract per device that you would pay Ubiquiti. They would then provide you with faster RMA service, priority support, and warranty.

Here is a quote from UBNT-Brandon:

It will also encompass cloud, upgraded RMA, and upgraded support as well.

For Beta it is cloud only, as we march towards stable release, we will be adding these as well. So you can think of it as ‘UniFi Elite’ services – Cloud, Support, and Warranty.

So essentially it upgrades your “consumer” like warranty and support to something (because we don’t exactly know yet) that looks more like what enterprises are used to.

UPDATE: as stated above, all devices that leverage a cloud controller will have to have a premium service maintenance contract. Device pricing varies, and it can be found on the Ubiquiti website.

Setting up a Unifi Elite Controller

To get started, you login to https://unifi.ubnt.com. Right now you will also need to be a beta user (which you can opt in for in your profile).

Once logged in you should see a “Setup Unifi Elite” button at the top of the page. I would explain the setup wizard that it launches, but honestly, It just asks for your credit card info. Saying it’s easy is an understatement, but when it’s done you will see your new Unifi Controller show up in the inventory.

Ubiquiti Unifi Elite
Unifi Cloud Management showing both the Elite SaaS controller, as well as a traditional “onsite” software controller

Management of the Unifi Elite cloud controller is identical to a regular controller. You log into it and immediately you are prompted to run through the initial setup wizard, just like an on-premises controller.

Provisioning devices

Originally, to make a Unifi device work you needed a controller onsite. Unifi devices will look out on the network for a controller with locally significant DNS hostname (http://unifi:8080 by default) to see if a controller exists. This is why when you login to a local controller after plugging in a new device it will show up and be ready for adoption.

The problem is that there is no way (right now) for a Unifi device to inform (that is the UBNT term for telling a controller a new device is online) a controller in the cloud. So Ubiquiti has created a Chrome application that will let you modify the default inform address and set any IP or name that you want. So for now, if you want to start using a controller in the cloud (or just a different site without DNS) this is the process to get the AP or switch to show up to the controller.

First, download the Chrome app, it’s called “Ubiquiti Device Discovery Tool.” When you run the tool you will see something like

UBNT adoption app
Chrome dicsovery app, with new AP detected.

From here I can click the “Action” button and configure the AP to “inform” whatever controller I want it to. This is where you will enter your Elite Cloud controller’s hostname.

Enter your Unifi Elite hostname

 

Once you set this URL the device will talk to the controller you specify and from that portal, you can go ahead and adopt it and provision it just like normal.

Conclusion

I love to see the innovation that Ubiquiti continues to bring to market. Sure there are solutions that already accomplish all of this stuff, but not at the price point that Ubiquiti does. Obviously, the market thinks the same way I do because Ubiquiti stock almost doubled in price in 2016 and seems to be starting off pretty strong in 2017 as well.

As for the product, I like the idea of Unifi Elite; I think that if Ubiquiti starts to develop a channel partner program, you would see quite the uptake for this type of product and service in the SMB to commercial space. I think that most VAR’s (aka channel partners) could also develop an MSP model around the Unifi Elite services and actually take the deployment and day to day management even further for the customers that want that hands off, white glove, treatment too.

Personally, I have enough Raspberry PIs and VMware servers sitting around that I cannot see myself using it past the beta period. However, If I had to pay for a cloud key, or fire up an Amazon instance to run a Unifi controller… Well, then I would certainly consider using the Elite service, but at $45/month I doubt that there will be much uptake in the home office user space.

 

 

Ubiquiti Unifi Virtual Appliance

I have some Unifi wireless AP‘s at my house and was trying to find a virtual appliance version of the Unifi controller but was unable to. So I went ahead and created one myself. You are welcome to use it, but it does not come with any support or warranty from me. 🙂 It is simply a minimal Ubuntu 16.04 LTS install along with the proper packages to run the Unifi 5.0.7 controller software. It also has the Unifi Controller software pre-installed, so it will boot up and Unifi will be started automatically!

Before you see the dashboard like the screenshot below you will need to walk through the initial config because this appliance has a fresh install of the controller software. If you plan to import a configuration file from an existing controller I would not adopt any AP’s during the initial config, nor would I configure any SSID’s…. those will be imported automatically when you restore the config.

2016-07-08_14-06-20

When you fire it up, the credentials are ‘unifi/unifi’, and if you want root access you can sudo with the same password.

By default, it will try to pull DHCP from whatever virtual network it is attached to, but you are welcome to use the normal Ubuntu “interfaces” file to set a static IP.

My deployment

I deployed this appliance for myself and was able to successfully import a backup of the config from my Windows-based controller without any issues. The coolest part was that all I had to do to migrate my AP’s to this new controller was shut down the old controller and import the config to this one! That’s AWESOME!

2016-07-08_14-40-37

Now I just need to get some Unifi switches and a router to complete the Unifi Puzzle!

Looking for the UniFi Hardware?

If you haven’t completed your Ubiquiti Unifi hardware deployment, Amazon has great prices on all the UniFi hardware.

UniFi Security Gateway Unifi PoE Switch Unifi Wireless Access Point

OVF Download

I’ll try to keep this up to date as I update my controller with major releases. Please note that automatic Ubuntu security updates are not enabled on this appliance so I would highly recommend that occasionally you install those.

Unifi 5.0.7 – Ubuntu 16.04

Username: unifi Password: unifi

Download Size: 948MB

https://1drv.ms/u/s!ANFHYV92O1unqT0

 

Trying out Ubiquiti Networks UniFi Wireless @ Home

Now let me start by saying, as my Twitter handle @ciscovoicedude implies, that yes I’m a bit of a Cisco fanboy, and disclaimer – I work for a Cisco partner. I’ve been using Cisco technology since the dinosaurs roamed the earth (and Justin was in diapers), and I’ve seen a lot of cool things come and go. Don’t get me wrong, Cisco has had to earn my business, and they’ve failed a few times over the years (Can somebody say Cisco Works IP Telephony Environment Monitor). But more times than not, they deliver a quality product that I really love, so they get my continued endorsement, and I can sleep good at night recommending their solutions to my customers. But I don’t always use their technology exclusively. This blog posting is an example of a time where I didn’t.

I’ve done wireless many different ways throughout the years, from a simple standalone access point to large enterprise class systems, and I’ve got a lot of time behind the scenes with Cisco’s various enterprise wireless deployments, which I love, but this time the focus is something different – my house, and let’s just say my personal budget doesn’t allow for a WLC controller and a pile of cisco lightweight access points, as much as I’d love to justify it to my wife.

I live in a split-level house (which really means basement, first floor, second floor), and I have a decent sized backyard that I also need to cover for the iPads and the such (did I mention that I’m also an Apple fanboy?), and having aluminum siding (yay 1970’s) pretty much means “faraday cage”, so an outdoor access point is also a necessity.

I’ve long since outgrown (but have continued to suffer with) the standard fare of consumer level access points, and finally I decided that enough was enough, so I started looking around for a solution that made sense for me. Of course I wanted something with a central management console (once you go enterprise, your brain just never can go back to autonomous management) and with Cisco being out of the budget, I turned an eye to Ubiquiti Networks. A friend of mine (you may know him, his name is Justin Paul, oh yeah, this is his blog site) was playing with some short-haul wireless WAN stuff a few years ago, and he was using Ubiquiti gear. I’d never heard of them, so I probed him about them a bit and he gave me an overview of what he was using. I distinctly remember him showing me the management console, and I was very impressed.

Looking at the Ubiquiti website recently after my most recent Linksys AP dropped dead, I noticed that they had an ‘enterprise class’ offering called UniFi, centered around a software-based controller, and sub-$100 access points at their entry level – a fit for my budget. I’m not going to get into the Cisco vs Ubiquiti debate – the way I see it, it’s different hardware for a different audience (even if the respective manufacturers may not agree with me). It seemed to make sense for my deployment, so decided to give it a whirl.

So I went ahead and placed my order to the basic UniFi AP’s (2 of them in fact) and spun up the controller and 2 AP’s within about an hour or so – it took me longer to run the cables. I have to say, it couldn’t be easier. Granted, I’m not doing any sort of heat map (really, who has a floor plan of their house, unless it is a new build) but I did turn on the guest access captive-portal style access on a guest SSID, and I’m quite impressed. Signal quality is wonderful, I’m covering my entire house with 2 AP’s, and I’ve got a wire ran for an additional outdoor AP that I haven’t yet purchased… Probably within the next 30 days I’ll add it. Support for enterprise-based authentication is there (although I’m not using that in my environment) which is a plus, and sets this solution apart from your consumer-grade wireless solutions.

So what sucks about the solution? The non-standard powering of the access points, that’s what! Come on Ubiquiti, I don’t care what adapters and converters you might have available for sale – you need to be making your access points, ALL of them, support 802.3af standards based PoE. There’s no excuse for passive, non-standard stuff in a product line you’re pitching as ‘Enterprise’. Other suggestions – lets turn your software controller into a virtual machine appliance, not just an ‘app’ that runs on a desktop. You want to grow into the enterprise space, you’ve got to think ‘enterprise’.

All in all, the solution works for me, and it does so in the deployment model I needed to use. Do I consider it a mature enterprise-class solution for a 5000-AP deployment – heck no. Do I think it’s junk, absolutely not! I won’t be recommending this to my customers for thousand-point deployments, but for me, at home, it’s a solution I can live with. The price point is right, the feature set is right, and I can live with the rest. Is Cisco still king for Enterprise wireless – I think so… but there’s no way it will pass the ‘can I spend the money, honey’ test with my wife in the room.

Cisco – I still love you. Ubiquiti – keep working on it, you’ve got some things going for you. You have kept my wife happy.

Josh – Follow me on Twitter @ciscovoicedude

 

Ubiquiti AirMax Wireless P2MP

Disclaimer: This is a pretty long article and explains the general overview of the network. I have not gotten into the technical setup of the radios in this article. I will save that for a future article.

Background

My family owns a few farms and other property in west-central Ohio. A place that is just starting to see reliable consumer broadband in rural areas. Growing up I was stuck with 56k dial-up for most of my childhood. It wasn’t until high school that I was able to get broadband quality internet, and even then it was 512kbps down 128kbps up. The next problem with it was that it was delivered via microwave signals that originated approximately 25 miles away. It was very unreliable during the weather that kept me inside.

Fast forward to today… I know much more about technology then I would have dreamed I would know when I was in high school. Which has enabled me to provide certain luxuries for my family (parents, grandparents, cousins, etc) that I wasn’t able to take advantage of. One of those luxuries is high-speed, low latency internet access. While working for my current employer one of my co-workers mentioned the Ubiquiti radios, so I looked into their features and started to plan out what could be accomplished with them and the tall silo…the main problem that plagued my idea however, was that DSL was still not available at any of our properties yet.

First Implementation

Just down the road one of my friends Mike had just built a new house but broadband was not available. During one of the many weekend beer drinking get togethers, I mentioned that since his parents house was less than 1/2 mile away we could probably use the Nanostation 5 radio in order to link his house to his parents. His wife overheard and gave us the go ahead on whatever it would take to make it happen.

Bill Of Materials:

2 – Nanostation 5 radios
2 – Window Mount NS5 Brackets
25ft – Outdoor CAT5 cable

The NS5 radios are 802.11G radios capable of 54Mbps, much faster then the 5Mbps down connection at Mikes Parents. The pictures will show that there is a very clear line of site, my only concern was that during the late summer tall corn fields would really mess up the fresnel zone. After alignment we were getting around -60 dbm and could pass approximately 15-20Mbps. We implemented this as a simple layer 2 bridge from his parents network to his router…not the best design as his house is behind a double NAT, but non the less it works for the simple browsing that they use it for.

Second Implementation:

Finally, last fall Verizon DSL became available at my uncle’s house, soon I had convinced everyone that with a little investment in new devices we would save them monthly fees and pay for those devices within a few months. The design was to be a little different this time however, as there are three houses that would need to be connected together. Site 1, my uncles house, would be the gateway to the internet. It also houses all network equipment for monitoring and maintaining the network remotely (as I live 45 minutes away).

Bill Of Materials:

1 – Ubiquiti Rockt M5 Radio
1 – Ubiquiti 16dbi 120* antenna
2 – Nanostation M5 Radios
150ft – Outdoor Network Cable
(various other supporting network devices)

Network Overview:

This implementation was setup much differently for many reasons, mostly for scalability and isolation. After the neighbors caught wind that we would be covering a 120 degree area to the northeast I had people asking me if it was going to be possible to get internet access from me… they figured they might as well because I already come fix their PC when it breaks.

The radios used in this design are MIMO and are capable of much higher speeds than the ones used at Mike’s house. They can also be setup so that each device at a “customer” location is isolated from the other customers. Between these technologies the traffic from one remote site though the network is secure enough for the users on it.

So far the only users on my little wireless experiment are those who are related to me, they are acting as a Proof of Concept and as guinea pigs to make sure the technology is reliable and sounds before I offer it to anyone else. And I must say that so far its working great, but because of the longer distances (approximately 1/2 – 3/4 of a mile) between sites, and only partially clear line of site I have seen some major shifts in signal strength during the transition from winter to summer.

(all signals are – dbi so the higher the blue line the worse the signal)

What I’ve learned:

Although I still consider myself a greenhorn in the wireless networking field, I would say that I have learned some important lessons along the way on these projects.

  1. Windows – while clear – will destroy Wi-fi signals, as bad if not worse than walls
  2. Signals will go through trees in the winter and spring, but when the leaves come out you WILL drop the link at least occasionally
  3. Advertised speeds are rarely achieved. The box advertised 150Mbps, however I will not see more than 50-60Mbps at the head end if I’m sending and receiving to both remote sites.
  4. Always whiteboard our your ideas and run them by as many of your peers as you can get to listen… it never hurts to have another set of eyes.

Future Plans:

Right now the wireless infrastructure is used only for internet sharing, but in the future I have plans to install a DVD server at the head site and implement some sort of IPTV. Most likely something like the Patriot Box Office, or Netgear Entertainer Live. So that we can also share movies and music between homes. The other idea that has crossed my mind is to use Trixbox CE and implement a VoIP setup at all of the homes so that everyone has the ability to call each other and has cheap long distance calling. (Voip.ms is about 1.5cents/minute)

Cost:

At first the costs for putting something like this in seems pretty expensive for the normal non-commercial use. The wireless equipment for this project was slightly under $400, but this doesn’t account for all of the other equipment that was already in place like TV towers, switches, etc. However, once you get in to what it would cost to have an internet connection at each house (approximately $39-$69/ month depending on package) its easy to see how quickly this pays for itself. Currently we get 3Mbps down and 768Kbps up from Verizon for $29.99. This is half the cost and double the speed of the competitors offering. Even if the radios need replaced every 36 months this is still a great ROI.