One to rule them all! Network, monitoring, access control, VoIP, firewall. All in one UniFi OS!

Ubiquiti Inc. is a well-known brand for years to all users of both wired and wireless networks. Solutions offered by ui.com are dedicated both for IT operators, business customers and individual clients. To meet the expectations of users, Ubiquiti Inc. greatly simplified access to its UniFi ecosystem. In the past, you had to buy a separate gateway to perform routing, Cloud Key to manage the structure of devices and WiFi access points. All of this has now been combined into a single UniFi Dream Machine Pro.

The UDM-Pro is the most comprehensive and powerful security gateway in the entire UniFi product line to date. The immense processing power is derived from a quad-core 1.7GHz processor, so it is able to deliver high throughput even with DPI (deep packet inspection) and SQM enabled. The professional dream machine runs on the new UniFi Os operating system and can therefore support all current and future controllers:

Unifi Network
Unifi Protect
Unifi Access
Unifi Talk

The high throughput and performance that UniFi Dream Machine Pro can provide is extremely important if you want to take advantage of all the features (including security) that UniFi OS offers. For example, Threat Management is a security feature that scans network packets and actively blocks network traffic from known security threats. On the other hand, with the SQM function you can prevent such a problem, which is sending more data than it can handle (buffering).
This functionality requires very high computing power, and we have to admit that it is missing in most routers and firewall devices. Let's take for example an old UniFi USG gateway. When you enable SQM or Threat Management on this device, the speed drops to a maximum of 60Mb/s!
If you are still wondering why there is so much computing power in UniFi Dream Machine Pro, I invite you to take a look at the specifications table.

UDM-Pro specification
Processor	1.7 GHz quad-core processor
Memory	4 GB DDR4 memory
Built-in flash memory	16 GB eMMC
Display	1.3-inch color touch panel
IDS/IPS throughput	3.5 Gbps
Maximum capacity of SQM	800 Mbps
WAN ports	1x Gigabit RJ45 and 1x 10G SFP
LAN ports	8x Gigabit RJ45 and 1x 10G SFP
Hard disk	3.5″ HDD bay (also supports 2.5″ HDD)
Maximum energy consumption	33 W
Dimensions	442,4 × 43,7 × 285,6 mm

Important! UDM-Pro does not have any PoE ports. If you want to use Dream Machine Pro in a network with more cameras or access points, then you need to use an additional switch such as an USW-Enterprise-24-PoE.

Internet Threat Management

As I mentioned earlier, the UniFi Dream Machine Pro combines the function of multiple controllers. In addition to being a network controller, the UDM-Pro also acts as a security gateway (similar to the Security Gateway). This is possible because it is equipped with a built-in firewall and an advanced threat management system. In UDM-Pro, we can enable the following security features:

IDS/IPS scanning:

Viruses and malware (botnets, Trojans and worms)
P2P and TOR
Hacking
Internet traffic (based on known active vulnerabilities)
IP addresses with bad reputation
Attacks on network protocols

Internal threat scanner (scans connected clients for known threats)
Internal Honeypot (helps detect malware, worms and other malicious network traffic)

You can also choose from preset configurations ranging from maximum performance to maximum security.

UDM-Pro and UniFi Protect

The phenomenon of the UDM-Pro is undoubtedly its versatility. In addition to the UniFi controller (WiFi network management) and the network gateway function (firewall), the UniFi Dream Machine Pro also supports the UniFi Protect system. Undoubtedly, this is an extremely practical application, because from one platform, we have access to both the wireless network configuration, as well as we have access to the entire monitoring system. Many times technicians have to separate platforms for managing the monitoring system and for wireless network configuration. In case of Ubiquiti solutions based on the UniFi OS system, we get access to comprehensive management of the entire network structure from a single platform . You do not have to worry about remote access to the entire network topology and monitoring. What's more! We also get a complete preview of the recorded video. You can also view images from each camera and doorbell (G4 Doorbell) in live mode.

G4 - the fourth generation of cameras by Ubiquiti Inc.

Speaking of UniFi Protect, it's impossible not to mention the new generation of cameras from Ubiquiti Inc. The fourth generation of cameras (UVC-G4) clearly deserves attention. A few new models have appeared, as well as a very interesting doorbell. Of course, we adopt and configure all the devices in our Dream Machine Pro.

Of particular interest is the UVC-G4-PTZ. It is a new, high-performance surveillance camera (pan/tilt) from G4 series, which is ideal for shopping malls, parking lots, airports, train stations, and other transportation hubs.

We have to admit that Ubiquiti Inc. rose to the challenge. UVC-G4-PTZ enables video recording in 4K Ultra HD resolution , at 24 frames per second but the most important advantage is the 22x optical zoom with a F1.5 lens .

Of course, the main advantage of G4-PTZ is the 22x optical zoom (!!!) and the ability to manage it via UniFi Protect. This makes both the configuration and the preview of events trivial. In addition, we have continuous access to our monitoring system from the mobile application. G4-PTZ is a typical outdoor camera, resistant to weather conditions (IP66). It is equipped with a tamper-proof, pan/tilt, servo with feedback, adaptive IR LEDs that provide night vision up to 100 meters and the option of powering it with 802.3bt PoE .

UVC-G4-DoorBell - Wi-Fi video intercom

Another new addition to the UniFi Os-based ecosystem is a Wi-Fi video intercom with a built-in display and real-time two-way audio communication. The UVC-G4-DoorBell is equipped with a high-quality 5MP sensor with enhanced night vision, while the video stream itself can be viewed in up to 1600x1200 (2MP) HD, at 30 frames per second. The UniFi Protect G4 video doorbell also includes a PIR sensor that sends instant notifications when motion is detected.

UniFi Access

UniFi Access (UA) is a door access control system that is powered by PoE. The system supports electric deadbolts and latches, magnetic locks, motion sensors, push buttons, alarms and other 12V access accessories. With UniFi Access, you can also manage users, access policies and task schedules very conveniently.

In general, the UniFi Access system consists of four components:

UniFi Access app: the control center for your Access system, hosted on UniFi Dream Machine Pro (UDM-Pro). The Access app offers a range of features that simplify personnel, space and device management.
UA-Hub: an I/O hub that authenticates inputs registered by Access readers (UA-Pro UA-Lite), buttons and readers. UA-Hub also enables the control of door locks, alarms and automated door openers.

UA-Pro and UA-Lite: motion readers that unlock doors with a "swipe" of an NFC card or NFC-enabled mobile phone. In the future, the UA system will be able to unlock doors using an intercom and a mobile app.

UA card: Special NFC card for the Access system. Encrypted with a special algorithm that cannot be replicated (in contrast to other NFC cards).

UID - UniFi Identification

And finally, the icing on the cake! UniFi Identification (UID) is a hybrid Identity-as-a-Service (IDaaS) platform that enables cloud-based authentication and identity management services for enterprises. That is, with UID, we provide a very simple and secure way for employees, visitors, and customers to protect their network and physical space.

What is IDaaS?

To make things clear, I will briefly explain what IDaaS actually is. Well, IDaaS is an acronym for Identity-as-a-Service and refers to services for managing employee identity and access to particular services. And all of this is offered via the cloud or Saas (software as a service) on a subscription basis. IDaaS is the opposite of traditional identity and access management (IAM) solutions, which are mostly completely local and delivered via bundled software and/or hardware.

Ok, so then how can the UID platform help us ? Well, it is an extremely functional tool that will help you manage the entire company structure and employees. In short, thanks to UID you can:

Add, edit and delete users quickly and securely
Manage user access through a very elegant, aesthetically pleasing and easy to use interface
Quickly connect to your corporate Wi-Fi or VPN with a single click
You can very easily verify each registered user and device, using advanced single sign-on (SSO) and multi-factor authentication (MFA) services. The SSO feature is available in the PRO plan.

UID functions

Single Sign-on (SSO) - this enables employees, partners and customers to gain simple, fast and secure access to all Saas, mobile and enterprise applications with a single authentication using company credentials.

Multi-factor Authentication (MFA) - is an additional layer of security that protects user account and behavior, as well as application vulnerabilities and other threats.

Lifecycle Management (LCM) - lifecycle management - allows you to easily view and move users between lifecycle states and automate procuders of enabling and disabling users.

Universal Directory (UD) - is a single place to manage and view all users, groups and devices in your organization. You can import users directly into the UID or integrate with an existing directory (Active Directory, LDAP, G-Suite, CSV, BambooHR and more).

UID WiFi - it's the easiest, fastest and most secure way to connect to your corporate WiFi.

UID VPN allows you to access your organization's VPN anywhere, anytime with just a single click or tap.

UID Access allows you to securely manage your UniFi Access system and devices and allows your employees to unlock doors using phones, NFC cards and other methods.

Overall, UID is a massive platform that analyzes our network and employees in great detail from virtually every angle. There are so many options in it that I decided to describe in detail the UID platform itself in the next article.

Summary and conclusions

The entire UniFi OS ecosystem clearly deserves recognition. We can manage the entire structure of our network from a single place (both Wi-Fi and LAN), monitoring (Protect), access control (Access), VoIP telephony (Talk), and most importantly, we have access to a detailed view of the statistics of our entire UniFi OS ecosystem. I must admit that personally I have not yet met with such a solution from any other manufacturers (Cisco, Zyxel, HP). Generally, each manufacturer has a platform to manage only a specific section of the network. Usually we have at our disposal a separate application for monitoring (BCS, Dahua, Hikvision), a separate application for alarm system management, yet another for VoIP telephony, and yet another for obtaining detailed statistics and logs related to our network.
Ubiquiti Inc. solved it completely differently. UniFi OS is a platform that integrates all subsystems into one! And we have to admit that Ubiquiti has risen to the challenge. UniFi OS is so advanced and intuitive that navigating through the entire UniFi ecosystem is nice and easy. Connecting more devices, configuration and subsequent analysis is extremely user-friendly and guides you step-by-step through the process. UniFi OS simplifies the life of administrators and technicians of various installations related to the IT segment.
To sum up. Ubiquiti Inc. proved yet again that it takes a very professional approach to all IT solutions. It cares for its customers and tries to provide newer, faster and better devices (e.g. LTU). And UniFi OS and UniFi Identification itself is the icing on the cake. Well, we can only wait for more news from Ubiquiti Inc. Bravo Ubiquiti!!!

Author:
Leszek Blaszczyk

Call us at (+48) 34 361 04 48 or write to [email protected]

Products from the article

Ubiquiti UDM-PRO | Console | UniFi Dream Machine, 8x RJ45 1000Mb/s, 1x SFP+, 1x RJ45 1000Mb/s WAN, 1x SFP+ WAN, HDD slot

350,41 GBP

with VAT

Ubiquiti USW-Enterprise-24-PoE | Switch | 12x RJ45 2.5Gb/s PoE+, 12x RJ45 1000Mb/s PoE+, 2x SFP+, L3, 400W

688,88 GBP

with VAT

Ubiquiti USW-PRO-48-POE | Switch | UniFi, 40x RJ45 1000Mb/s PoE+, 8x RJ45 1000Mb/s PoE++, 4x SFP+, 600W

963,07 GBP

with VAT

Ubiquiti UVC-G4-PTZ | IP Camera | 4K, 3X optical zoom, 1x RJ45 1000Mb/s

1839,85 GBP

with VAT

Ubiquiti UVC-G4-DOORBELL-PS-EU | Power supply | dedicated for UniFi Protect G4 Doorbell

25,81 GBP

with VAT

Ubiquiti UVC-G4-IRExtender | IR LED accessory | IR range up to 25m, dedicated for UVC-G4

63,54 GBP

with VAT

Ubiquiti UVC-G4-DoorBell | Doorbell | UniFi Protect G4 Doorbell

167,60 GBP

with VAT

Ubiquiti UVC-G4-BULLET | Kamera IP | Unifi Video Camera, 1440P, 24 fps, 1x RJ45 1000Mb/s

125,67 GBP

with VAT

Ubiquiti UVC-G4-PRO | IP Camera | Unifi Video Camera, 4K, 50 fps, Optical zoom, 1x RJ45 1000Mb/s

407,80 GBP

with VAT

Ubiquiti UNVR | NVR | 4x 8TB, 1x SFP+, RAID 1, RAID 5, up to 50 cameras

286,13 GBP

with VAT

Ubiquiti UA-SK | Starter kit | UniFi Access Starter Kit, 1x UA-HUB + 1x UA-PRO + 1x UA-LITE + 1x UA-CARD

462,43 GBP

with VAT

Ubiquiti U-LTE-Pro | LTE Router | UniFi LTE Pro, LTE Cat 4, 2x RJ45 1000Mb/s PoE, nano-SIM

245,63 GBP

with VAT