Ubiquiti FAQ 1.0
Originally Posted: June 21st, 2020
Last Edited: January 31st, 2021
Note: See Ubiquiti FAQ 2.0 for an updated version of this post.
Ubiquiti FAQ 1.0
Table of Contents
Ubiquiti has 3 separate product lines: AmpliFi, UniFi, and EdgeMAX.
What is AmpliFi?
AmpliFi is mesh Wi-Fi on easy mode. AmpliFi devices are meant to be quick and easy to setup, while giving you broader Wi-Fi coverage than a single all-in-one router or a single access point will give you. If you just want to plug it in and have it work, AmpliFi is for you. There are no VLANs or complicated firewall rules to worry about. You get one single network, and an optional guest network.
The main AmpliFi models to know: AmpliFi Instant, AmpliFi HD, and AmpliFi Alien.
The AmpliFi Instant is as simple as it gets. They come in one or two packs. Buy as many of them as you need, then set them up with Eero-like simplicity. The AmpliFi HD and AmpliFi HD Gamers Edition offer a bit more performance. They typically come in a 3-pack, featuring one base station and 2 mesh nodes. The most recent AmpliFi Alien and AmpliFi Alien Kit offer the highest performance by being Ubiquiti’s only (non-Early Access) Wi-Fi 6 capable device so far.
If you’re interested in an in-depth comparison between the AmpliFi Alien and the UniFi Dream Machine, I have that here.
The AmpliFi line also has the AmpliFi Teleport, which is an easy way to setup a VPN back to your home AmpliFi network when you are out of the house.
AmpliFi devices don’t use the UniFi controller, web interface, or the UniFi mobile applications. They have their own mobile application, and that’s the only method you have to configure or monitor them. Initial setup can be done in a web browser, but most controls are in the mobile app.
What is UniFi?
UniFi is an ecosystem of wireless access points, routers, switches, security cameras, controller appliances, VoIP phones, and access control products. UniFi exists somewhere between enterprise and cheap home networking gear. It’s a nice middle ground, offering more flexibility and features than AmpliFi, but lacking the expense, licensing, and complexity of enterprise-grade equipment.
With a typical UniFi network, you chose which parts you want, and how many of them. You can start small with one access point, or go all out and get everything.
The UniFi controller software is what ties it all together, giving you a web interface (and mobile app) to configure everything. The controller software is only required for configuration. UniFi devices will continue to work without it running. However, a lot of the benefits (monitoring, logging, statistics, etc.) of UniFi require an always-on controller. You should plan to have one, and there are a few ways to do that.
The controller software can be self-hosted, or run on dedicated hardware Ubiquiti makes, called a Cloud Key. The CloudKey Gen2 and Gen2+ are the current models. The Gen2+ adds a hard drive bay, and can act as a NVR for their camera system, UniFi Protect. Your camera footage would be stored on the hard drive in the CloudKey Gen2+.
You also have the option of running the UniFi controller software on any PC you have, on a physical server, or in a VM or Docker container. A lot of people suggest Docker as the way to go if you want to self-host. It's a great use for a Raspberry Pi.
UniFi equipment will work with other vendor's equipment, but you'll have at least two different systems to control. A lot of people like to add UniFi wireless access points to their existing switches and routers, and that's a good way to get started. You don't need to the full UniFi stack, but there are benefits to it.
If you want more detail on the UniFi Ecosystem, I have that here.
What is EdgeMAX and AirMAX?
EdgeMAX is Ubiquiti’s more professional line of networking products, aimed at wireless Internet service providers (WISPs), and managed service providers (MSPs). EdgeMAX has EdgeRouters, EdgeSwitches, fiber terminals, and a lot of great point-to-point and point-to-multi-point wireless products.
EdgeMAX switches and EdgeMAX Routers come in a lot of different hardware configurations. Some of the EdgeSwitches are the same hardware as the first generation UniFi switches, with different firmware.
EdgeMAX offers a lot of features which UniFi lacks. Multiple IPs on a WAN port, DNAT/SNAT, VPN failover, RIP, OSPF, BGP, proper QoS, port security, ACLs… If those acronyms are important for your network, EdgeMAX is a probably a better fit for your routing and switching. They still don't have licensing, but EdgeSwitches are a lot closer to a typical Cisco (or other big brands) campus switch than UniFi is.
If you need point-to-point or point-to-multi-point wireless radios, the AirMAX, AirFiber and LTU lines offer tons of choices. They are great and cost-effective equipment if you need to expand a network over a larger area, or feed an outdoor area from a central location. They also make great equipment for WISPs or people that have long-distance Wi-Fi needs. These products can easily bridge your existing network to another location within line of sight, even if it's kilometers away.
Beyond the hardware, EdgeMAX also has the UNMS software. UNMS is an optional web interface overlay, which provides some of the functionality that the UniFi controller software does. It will allow you to control the most common settings, but some are still found on the devices individual web interfaces, or via SSH. As time goes on, more and more settings are being added to UNMS.
The split between UniFi and EdgeMAX can be a bit blurry. Willie Howe has a great video which goes into depth on the main differences between a UniFi Security Gateway and an EdgeRouter. It's a similar story on the switching side.
Can I Mix the Different Lines?
Yes, for the most part. There's nothing preventing you from using equipment from all 3 lines together, or from other vendors. Ethernet is Ethernet, TCP/IP is TCP/IP. Just know that you will have to control them separately.
AmpliFi devices are mostly standalone, but there is nothing preventing you from adding an Ethernet switch, or something like that. UniFi APs can be added to any network. AirMAX point-to-point radios can be used to support a remote network, whether that's UniFi or something else. There are a lot of possibilities, just make sure you do your research before you buy.
UniFi -- What's New, What's Old?
Security Gateways/routers
New:
All three of these products are based on fast ARM processors and Ubiquiti's new UbiOS/UniFi OS.
UDM (2019)
- Gigabit Gateway with ~850 Mbps IPS/IDS
- 4-port non-PoE switch
- UniFi controller
- nanoHD equivalent Wi-Fi access point
- Can't be adopted to external controller or CloudKey
UDM-Pro (2019)
- 10 Gbps Gateway with ~3.5 Gbps IPS/IDS
- 8-port non-PoE switch
- UniFi controller
- No Wi-Fi built in.
- Can't be adopted to external controller or CloudKey
- 3.5” hard drive bay
- UniFi Talk/Protect/Access support
- Rack mountable
UXG-Pro (2020 -- Early Access store only)
- Basically a UDM-Pro without the built-in UniFi controller, 8-port switch or HD bay for Protect
- Adoptable to external UniFi controller or CloudKey
- More direct replacement of the USG-Pro
- In the USA EA store for $499
Old:
Both of these products have older MIPS processors, with the Vyatta-based EdgeOS underneath. You can create custom json config files for them though, which give them flexibility the UDM and UXG lines don't have.
USG. (2014)
- Gigabit Gateway, small and fanless
- Requires external UniFi controller
- Good for lower-speed networks, or for straight gigabit routing.
- If you are planning to use all the firewall features, or as a VPN endpoint, and also get speeds over 100 Mbps, look elsewhere.
USG-Pro. (2016)
- Gigabit Gateway, rackmount
- A step-up in performance from the USG. ~250 Mbps IDS/IPS.
- Requires external UniFi controller
- Gigabit routing is no issue, but firewall and encryption speeds are limited.
Side Note on Hardware Offloading: Hardware offloading lets you use dedicated hardware to accelerate some tasks. You can turn it on or off depending on what you are trying to do.
The USG with Hardware Offload On:
- Able to perform basic routing functions at line rate
- Can not use IDS/IPS
- Can not use QoS/Smart Queues
- Can use DPI
- Can use GeoIP filtering
The USG with Hardware Offload Off:
- Basic routing, including inter-VLAN, may perform below line rate
- Can use IDS/IPS
- Can use QoS/smart queues
- Can use DPI (Starting in USG firmware version 4.4.18)
- Can not use GeoIP filtering
Switches
New:
- Gen2 and Gen2 Pro. Models begin with USW. (2019/2020)
- All Gen2 models have better and quieter cooling fans, a small touchscreen on the left side, and support for UniFi AR, which lets you see virtually see what devices are connected.
- Gen2 models such as the 16 and 24-port are fanless, but offer less PoE than their 1st gen equivalents.
- Gen2 Pro models have lots of PoE, support redundant power via the USP-RPS, and have some limited L3 features like static routing.
- Flex Mini (2020)
- Lite-8 and Lite-16 (Not available -- EA only)
- Industrial. Good for harsh environments and 60W PoE++ (2020)
- Switch Flex. Good for outdoor deployments and PoE passthrough. (2019)
Old:
- First generation switches. Models begin with US. (2016/2017)
- More PoE budget than 2nd Gen, still a good buy if you need a lot of PoE. They can be loud, though.
- UniFi XG 16 and XG 6PoE.
- Older, but your only option for 10 Gbps LAN ports with UniFi. Still a good high-throughput distribution switch.
Access Points
New: AC Wave 2 and Wi-Fi 6 (2017 and newer)
- UAP-FlexHD
- UAP-NanoHD
- UAP-BeaconHD
- UAP-AC-HD
- UAP-AC-SHD
- UAP-In-Wall-HD
- UAP-XG
- UWB-XG
- UniFi 6 Lite and UniFi 6 In Wall (EA only)
AC Wave 1 APs -- Older, but still supported. (2016)
- UAP-AC-Lite
- UAP-AC-LR
- UAP-AC-Pro
- UAP-AC-Mesh
- UAP-AC-Mesh Pro
- UAP-AC-In-Wall
End of Life
- UAP-AC-EDU (Will be EoL March 2021)
- UAP-AC-In-Wall-Pro (March 2021)
- UAP-LR (March 2021)
- UAP-Pro (March 2021)
- UAP-In-Wall (March 2021)
- UAP-Outdoor, Outdoor5, Outdoor+ (March 2021)
- UAP
- UAP-v2
- UAP-LRv2
- UAP-AC
- UAP-AC-v2
- UAP-AC-Outdoor
Miscellaneous
New
- Cloud Key Gen2 and Gen2+
- Rackmount NVR for UniFi Protect
- UniFi Smart Plug
Old
- Cloud Key (1st generation, the white one)
- UniFi XG Server (For UniFi Video)
- UniFi VoIP Phone
- UniFi VoIP Phone Executive
UniFi Typical Small to Medium Network -- Apartment, smaller house, etc
UDM. UniFi All-in-one
- Benefits: All-in-one. You get a router, switch, controller, and wireless in one package for $300 (US pricing). Easy option to get started with. Good Wi-Fi speeds and easy to add on to with a BeaconHD or other UniFi APs.
- Downsides: No PoE. Missing some more advanced features of the USG, doesn't support json config method of USG line. The UDM is based on the new UbiOS/UniFi OS, which is still buggy and not feature complete. If you have existing UniFi gear it can be an awkward upgrade due to the all-in-one nature and the controller differences.
USG + Switch + AP + Controller
- Benefits: You get to pick the right sized equipment for your needs. Flexible custom configuration if you're willing to tinker. The USG is based on Vyatta and EdgeOS. You can host your own controller. You can have multiple sites within one controller.
- Downsides: The USG is old (2014!) and slow, and the USG-Pro is old and slightly faster, but still can't match the performance of the UDM line, particularly with IDS/IPS or other firewall features enabled. The USG is the "old" way of doing things with UniFi. The UXG-Pro (when/if it's released) should let you build this kind of network again, with new equipment and higher performance.
Ways to Expand For a Larger Network
- If you have a UDM, you can easily add gigabit Ethernet switches and mesh APs like the new BeaconHD. Additional wired access points require a PoE switch or power injector. Most single-pack APs come with an injector. If you're buying a PoE injector separately, make sure it's gigabit. Ubiquiti still sells 100 Mbps injectors for some reason. All these will be managed by the controller built into the UDM
- If you have a USG/CloudKey or USG/Self-hosted controller, you can add on anything, just like the UDM. Keeping the controller separate allows some flexibility with scaling up to a larger network, or one with multiple sites. The UDM/UniFi OS doesn't support multi-site, it's one site, one UDM.
I'd like your help to improve this
Please let me know if I missed anything or messed anything up. I'm only one guy, with one set of opinions. I'd like to expand and improve this over time. I want to add common configuration steps, answer "Why is my Wi-Fi slow?", that kind of stuff.
Some people in the r/Ubiquiti Reddit thread mentioned turning this into a Wiki -- I'd love that. I want to get a bunch of people contributing to this. I don't need to "own" this post, or be the only person to edit it.
Other Ubiquiti Guides and Reviews
- Unofficial Ubiquiti Guide
- Ubiquiti's UniFi Ecosystem Explained
- Ubiquiti: UISP Is The New UNMS
- How Wi-Fi Works, From Electricity to Information
- UniFi Wireless Access Point Buyer's Guide: 2021 Edition
- UniFi BeaconHD and Smart Power Plug Review
- UniFi Router Comparison: USG vs UDM vs UXG
- UniFi Dream Machine (UDM) Review
- UniFi Dream Machine Pro (UDM-Pro) Review
- UniFi Dream Machine vs. AmpliFi Alien
- How To SSH Into Your UniFi Dream Machine
- UDM Setup Guide: Discovery and Basic Settings
- UniFi Next-Gen Gateway (UXG-Pro) Preview
- Upcoming UniFi Switches Preview
- UniFi Switches Explained
- UniFi Switches Buyer's Guide
If you have more questions about Ubiquiti or anything in this post, leave a comment or contact me. I will do my best to point you in the right direction, or help in any way I can.