The secure, premium home network in a single-family house

Created on: 6 Jun 2020 23:00
Tarnari
Hello everyone,

I am currently considering how to set up the network in our house.
In this context, I thought it would be great if some of you could share how you have implemented a high-end network on an individual basis.
I am an IT professional myself, but my focus lies elsewhere. Nevertheless, feel free to get technical—I assume I will understand you.

I am interested in:
- How have you segmented your networks?
- What devices do you use (manufacturer-independent)?
- Which devices (manufacturer-independent) do you group together in which network, and why?
- Which networks do you allow to communicate with each other?
- How have you implemented external access, if desired?
- Do you perhaps have a DMZ?
- In your opinion, what is a “must-have” and what is a “nice-to-have”?
JoachimG.
23 Oct 2021 11:31
As an experienced networker, I can tell you: anything other than Unifi is even more expensive.
There are options that are easier to manage and offer better performance, such as Cisco Meraki, but those are significantly more expensive and involve recurring licensing fees (1, 3, 5, 7, 10 years).
Everything else, whether Aruba IAP, ALE Stellar, Ruckus, or whatever, is still far behind Ubiquiti in terms of price and features.

If you want something that’s not 5 or 10 times more expensive than Unifi, the Access Point series from Fortinet is worth considering. You can manage the APs together with a Fortigate firewall and FortiSwitches directly from the firewall.
All of it is graphical, colorful, includes topology diagrams, and so on.
It’s clearly more complex than Ubiquiti, with many more security features and control, and it costs "only" about twice as much.

So I can now give four clear recommendations in the (W)LAN area.
AVM Fritz portfolio for those who just want to press buttons and don’t need to adjust settings.
Ubiquiti for the budget-conscious with many features (factor 1).
Fortinet for security enthusiasts who want to get more involved with the technology (roughly 2 to 3 times more expensive).
Cisco Meraki for those who want an enterprise network, fully cloud-managed yet still easy to administer. It can integrate Wi-Fi, LAN, sensors (temperature, water, doors, etc.), and cameras. With the app or dashboard, you can, if needed, block your kids’ Wi-Fi or access your cameras from Samoa without complex configuration (about 5 times more expensive).

And the most important tip: good Wi-Fi needs cables! Sounds strange, but it’s true. I hate mesh networks.
Daniel-Sp
23 Oct 2021 11:35
There are also frequent reports about Unifi switches that some models need to be rebooted more or less often. If you are considering VLAN segmentation, you can also use second-hand Cisco switches. There are good guides available in the administrator forum for those as well. They run very stably...
Araknis
23 Oct 2021 11:41
These are usually the USGs; the switches and access points are generally quite stable. I have a pfSense in front of mine, which also runs the controller. It has never crashed. The number one mistake with Ubiquiti is to click on the update as soon as it appears. Ubiquiti tends to test their firmware updates in the field.
C.beckmann1986
23 Oct 2021 12:55
So, am I correct in understanding that Unifi is already the right choice for my needs? There hasn’t been much feedback about TP-Link Omada yet—isn’t it somewhat similar and significantly cheaper?

Currently, 12 LAN outlets are permanently installed in the house. Three of them are located centrally on the wall of the floor for the access points, and one is for an outdoor camera. At the moment, I need at least 4x PoE.

That’s why I was considering the 16 PoE switch, but with router, NAS, Hue, etc., 16 ports might already be tight. The 24 PoE switch from Unifi, however, is quite a serious option.

Do you have any specific recommendations for me? Especially for the switch and access point? Instead of the NanoHD, maybe even the U6 Lite because of Wi-Fi 6?
JoachimG.
23 Oct 2021 14:20
My interest in the Omada portfolio ended when I saw that the access points do not support 802.11h. Without DFS and TPC, operating them in the 5 GHz band in Germany is basically not legal. Although no one really cares, I have unfortunately experienced too many problems with access points without these features. This is a common issue with many inexpensive 5 GHz devices that do not meet certain standard requirements. For example, the FireTV Stick is hardly usable on an Aruba enterprise WLAN because, true to its name, it belongs more in a fire than in a proper WLAN.
C.beckmann1986
25 Oct 2021 22:23
Are there any other tips you can give me? Which access point would you recommend?