Small update to UniFi Network Application - a big step by Ubiquiti

Ubiquiti releases updates to its UniFi Network Application about once a month, in which it "patches" vulnerabilities in its services, adds new functionality and improves the visual interface to make the network interface easier to use. Ubiquiti has three types of updates for its systems: Official, Release Candidate and Early Access.

Early Access updates are initial release versions that have not yet undergone full testing and may contain bugs or shortcomings. They are intended for experienced users who are willing to take risks and test new features. (Usually released once a week)

Release Candidate updates are release candidates that have passed initial testing and are considered ready for use in a production environment. They may contain some bugs or shortcomings that will be fixed in future releases. (Usually released once every two weeks)

Official updates are official release versions that have passed all necessary tests and are considered stable. They are recommended for widespread use. (Usually released once a month) From the Device Management Console web interface, you can change the type of update release you want to install and work with at any time. The latest official release of UniFi Network Application is 7.5.187, and we will talk about it today.

The first thing we noticed is the high number of bugs and defects fixed. This does not mean that Ubiquiti engineers and developers design their applications poorly, as much depends on the components installed in Ubiquiti devices, and under certain conditions these components can malfunction. In addition, as technology and standards evolve, methods of encryption and device access are changing, as old methods become more vulnerable to hackers and DDoS attacks. Below is a list of fixes that have been made in this update:

Fixed an issue where on rare occasions you could see an empty guest portal.
Fixed the lack of WiFi channel option when creating new sites.
Fixed an issue where Auto IPsec Site-to-Site VPNs could not be removed.
Fixed gateway configuration errors in rare cases.
Fixed an issue where the Super Administrator role was being assigned to newly created Site Admins.
Fixed an issue where the Gateway Console could appear offline with multiple default AP groups.
Fixed an inability to enable RADIUS authentication for Hotspots when UniFi Gateway was missing.
Fixed an issue where new Gateway statistics were not downloaded when a new UniFi Gateway was accepted.
Fixed a translation issue in the site export wizard.
Fixed a translation problem in the 24V Passive PoE confirmation window.
Fixed the inability to adjust port settings when the device had an incorrect channel configuration.
Fixed an issue where the Wireless Meshed device could appear Offline when accepting a wireless network.
Fixed the validation of the WireGuard pre-shared key and public key.
Fixed an issue where Port Mirroring was appearing as an option in Gateway Consoles.

In addition to the fixes, the UniFi Network Application 7.5.187 update introduced graphical changes that make it easier for both network administrators and end users to keep track of wireless network performance. The main graphical changes were made to the control panel, where widgets such as:

Active Channels - Provides an overview of the channels in use at all access points.
Activity Analysis - Provides an overview of WiFi traffic, clients and transmission errors in a single graph.
Session times and TX radio transfer errors - Allows you to monitor the overall WiFi performance in your environment.

And last, in our opinion, the most important and IMPORTANT thing in this update is the addition of support for WiFiPrivate Pre-Shared Keys. Why we think this is a very important update, we will try to explain now.
Adding support for multiple passwords for a single WiFi network is not new, TP-Link in its Omada Cloud control panel has long offered a similar option, which can be found under Profile -> PPSK settings.
The first and most important thing for having multiple passwords on one WiFi network is security. We can have one very complicated network password, which, when entered, will allow us to access the VLAN that contains all the physical devices (router, switches, access points and other important devices) that ordinary users should not have access to. This means that by having a standard password for users, they won't be able to see devices in another VLAN, which provides additional protection for your devices against intrusions.
Second, you don't need to create multiple SSIDs for different purposes (management, guest network, IoT, speed-limited network, etc.). As we know, one access point can support a maximum of 8 SSIDs, this is due to the physical performance limitations of access points. By creating 8 SSIDs, access points operate at 100%, and with heavy traffic and even a small number of devices, the equipment can already reduce its performance. Password multiplexing allows you to have more than 8 passwords and does not degrade the performance of the device, allowing fast data transmission for a large number of devices.

With multiple passwords, you don't need to create a separate guest network, you can just leave a simple password for clients or guests that redirects everyone to the guest VLAN and welcome page.

This update wasn't big or global, but it did a lot of work in securing your network and improving the performance of Ubiquiti devices.
Is it worth updating right away? Of course it's worth it, because every update closes "holes" and increases the security of your network. In our opinion, it's worth updating right away when the official update comes out, because it's already tested and has almost no bugs or shortcomings. Why almost? Because no matter how many applications or services you test, there can always be a one-in-a-million situation where a device or service malfunctions (although this happens very rarely).

Keep up to date, create backups, use difficult passwords and change them regularly, and you'll be safe!

Author:
Aliaksandr Roslikau