Ubiquiti Routers for Enterprise??

jasonbaxter8979 · 2014-12-04T21:01:19.000Z

Is anyone using any of the Ubiquiti routers in an enterprise environment? We’ve outgrown our current cisco router and looking at alternatives that can handle 200/200+ connection. The box will actually be doing very little routing, all the heavy lifting is done via layer-3 ciscos. All it really needs to do is handle the handoff to our ISP. We’ve been using some of Ubiquitis wifi bridges products for a few years now and all I know is they have been solid. I literally haven’t touched them since the initial install. With budgets the way they are we really can’t pull off a cisco purchase at this time and I’m really starting to lean away from cisco anyways due to cost and support costs. Any info is appreciated as always. Thanks guys.

randyreed2 · 2014-12-04T21:09:34.000Z

I haven’t. If I recall correctly, their command line is very different from Cisco’s, but if you’re a GUI guy, I think all of their software is relatively easy. Throughput shouldn’t be an issue.

geoffmaccombe5280 · 2014-12-04T21:17:55.000Z

Try Procurve (HP) as an alternative, we switched throughout and haven’t ever regretted it

dataless · 2014-12-04T21:21:31.000Z

The CLI isn’t that difficult to get the hang of, especially if you’ve mastered Cisco.

I’ve got several of the Edgemax Lite’s installed at small offices and even with multiple VPN’s never seen a slow down. But I’m not dealing with as many connections as you so I couldn’t speak to that. They advertise a 2 million packet per second throughput though.

Maybe someone from Ubiquity can chime in.

@Ubiquiti_Inc

jasonbaxter8979 · 2014-12-04T21:36:53.000Z

Hey Geoff, on the HP side of things what kind of throughput are you running and what model are you running.

mmitchell · 2014-12-04T21:39:31.000Z

You could look at Fortigate as well that’s what we have been transitioning to here and has worked well for us.

blairgroves · 2014-12-05T02:04:22.000Z

Revisit the budget if your company’s worth securing. Ubiquity is definitley not in your league. FortiGate is middle of the road at best, and has no support. Really, with the ever-growing base of security risks to corporate networks, do you want to take a chance at being the next statistic? Take a serious look at the “next gen” ASA 5500-x series. Even Fortinet’s web site has a third party report which places it in first place, well ahead of FortiGate.

jasonbaxter8979 · 2014-12-05T02:14:43.000Z

I’m not relying on my router for security. We have a SonicWall behind our router. I would just use that but we have quite a few services running on it and would prefer not to put any eextra load on it if possible.

servermonkey8064 · 2014-12-05T16:00:31.000Z

They interest me simply because they’re cheap but that’s also what concerns me - I suspect they fall into the “buy 2” category given the cost and lack of any SLA on support as your biggest concern is it simply dying IMO (the cheap ones use those horrid wall wart PSUs).

jasonbaxter8979 · 2014-12-05T16:09:48.000Z

That’s been my worry also which was why I was hoping to hear from a few current users. So are there any other recommendations that won’t break the bank? Again this is just for routing to our ISP, we have a Sonicwall behind our router performing the heavy lifting.

servermonkey8064 · 2014-12-05T16:22:51.000Z

Why can’t the Sonicwall do it?

jasonbaxter8979 · 2014-12-05T16:32:16.000Z

Well it can but we’re running quite a few services on it(AV,anti-spyware,IPV,app-control,etc) and I spoke to my Sonicwall rep and he confirmed that it would work but he didn’t sound very confident. Which has me a bit concerned. The sonicwall cpu avgs around 40-50% and not sure how routing will affect that. I just don’t want to introduce a bottleneck at the head of my network. So I thought if I could find a reasonably priced router that could just handle the routing I would continue in the direction that has been working.

servermonkey8064 · 2014-12-05T16:35:29.000Z

I can’t see how it should cause an issue - to my mind the Sonicwall is routing exactly the same regardless of whether its next hop is the ISP router or one of your routers?

If the Ubiquiti was doing firewalling or something to “shield” the Sonicwall (back to back firewall config) from the internet then perhaps, but just for routing I’m not sure there’s actually a benefit.

miketyniec · 2014-12-05T22:50:14.000Z

Jason,

I recently tried the EdgeRouter Pro in my environment. I purchased it for $350+ from Amazon to replace a Brocade Vyatta Router I’ve been using for years. Brocade’s Vyatta is now subscription based - so one has to pay every few years just to use the software. Ubiquiti’s EdgeRouter operating system (EdgeOS) is a fork of the Vyatta Open Source version 6.3.

The EdgeRouter took my Vyatta config easily - a few commands weren’t supported - but not critical to the running of the box. I run BGP and am multi-homed with two ISP’s - each at 100Mbps. Full internet routing table for IPv4 and IPv6 connectivity. The 2GB of RAM in this box was able to handle the 500K routes from each ISP.

However - after five hours in production - the router stopped passing traffic. Middle of the day for me - and I had my tail between my legs. I switched back to Vyatta and tried working with Ubiquiti support. The issue was traced to IPTables (Linux) and connection tracking. No real solution from Ubiquiti support - so needless to say I won’t be using this device moving forward.

Everything else about the product was great. GUI was nice and performance was fine while the box was operational. The fact that it can also support Firewalling, VPN, and routing protocols (BGP, OSPF, etc.) makes it something worth considering - even though it didn’t work out for my “experiment”.

Hope this helps. Michael