Nope, neither are worth anything but being a paper weight compared to a proper appliance or just pfsense. Stop perpetuating old guard antics.
Could you share what it is about Meraki that you despise? I have a client that’s on the fence between staying w/UI or upgrading to Meraki.
Thanks for the feedback. For the scale I’m talking about, what are we talking about in terms of maintenance? Updating a firmware from time to time? I can’t really see settings needing to be changed regularly. For Palo Alto, what are we talking about cost-wise?
Interesting. So many options! Surprised I’m being given so many options beyond Ubiquiti on this sub. Is Unifi mostly deployed for home networks?
Thank you. Yes, I notice there are many opinions!
I will be able to put the firewall router in a rack so that’s why I wanted to have a separate WiFi access point. I always understood that something like a dream machine was a bit noisy: can you have a MX67 directly in an office?
We use edge router with 3 WANs in load balancing and failover, 5 LAN out on different VLans, and have a backup router just below in main rack, ready with same configuration and powered. Took 60 seconds to change the 8 patch cables from 1 to the other and there is staff 24/24 (hotel).
We have also other redundancy for main link between racks
Never needed more… at least till today.
That’s what we do, and that’s our value.
We charge equipment at Buying Cost x 1.7 to 2… With this extra margin (on top of benefits on the work hours), we can very easily stock enough spares for all our customers - and they still have a total bill WAY under even Aruba Instant On, not even mentioning Cisco / Ruckus / …
Having gone through this, I recommend you go with Fortigate. You can have them analyze your network and configure the device if you wish. It’s a good choice if you don’t have anyone working there who is able to tackle it.
Once it’s setup, you can utilize your support contract when making changes.
Get a dream machine SE or pro, set up the protections proper and you’ll be secure as can be their VPN is simple to setup including site to site.
Not at all. What you’re paying for with Fortigate is more options and settings to fiddle with.
If they’re a company with a lot of IP, then where are they storing that IP if not in a server with proper backups and security precautions?
No offense, but if they’re really concerned with this, the company might want to look into contracting with a managed services provider that can manage these things on a regular basis for them. You need to regularly install updates on networking devices just like you do on computers. Fortinet has at least 4 different supported firmware branches that I’m aware of so they don’t automatically update. You have to choose which branch of firmware you’re most comfortable with and keep it up to date and then choose when you want to change branches based on your needs.
Not sure what you mean by “perpetuating old guard antics.” All I did was say those systems might be worth it over what unifi provides depending on the needs. Fortigate in particular is recommended by most security people I talk to especially for smaller businesses.
Recommending something like pfsense to someone who has already said they have minimal networking knowledge is also not helpful.
You mention proper appliances and yet don’t give any details. I’m personally curious what you mean by that.
We were invited to an event, introducing us to Meraki stuff, with no mention of all the additional costs. We were given a few APs, told they were gifts to try them out.
So we did, they were better than the nothing we had, but then we found out afterwards that everything required a subscription that had to be paid for, forever or the device wouldn’t really work.
Perhaps at this point they’ve changed, but I am not only tired of companies trying to lock us into subscriptions I will now actively avoid them - and more so I’ll avoid Meraki due to their vendors decision to completely not mention continuous never ending costs for network hardware.
I ended up having us go with UI devices which I’ve been pretty happy with - not perfect, I’ve had my issues with them including a time frame where any updates would freeze the device (it still worked) and needed to be rebooted via SSH or in person, but that was primarily a configuration issue that the UI allowed us to make.
Other than that, I am happy with UI. I buy the device, it works, and we don’t pay forever for the device.
I can’t give you any pricing, but expect Palo to be the most expensive option. If you want a balance between cost and level of effort required to maintain, Fortigate may be the best option. Once it’s setup, the main important thing is to keep it running the recommended firmware version. Depending on what features you use, further monitoring/tuning may be required. For example if you enable web filtering and IDS/IPS policies (which you should), you’ll probably have to spend a fair bit of time tweaking the polices until you get it just right.
He’s factually wrong. These bullshit bros don’t want you to find out sdlan/sdwan can do their job with a few clicks ;).
They are not that pricey and the license is for support and I guess IDS and AV… nvm 
play sad saxo sound lol
As long as it works for you and the business. Personally, I don’t want to be woken in the middle of the night and go into the office to swap some cables. HA is a must for my environment.
I guess I just want to be sure I set the protections proper…
Old guard = I should charge for the luxury of using clamav…
Pfsense is as complicated as either of the junk you suggested while also performing about 10x better at 0 of the cost.
I think you hit the nail on the head. You have got to come up with what works for your business. If a brief down time to swap, some cables is fully acceptable, then I think the whole ubiquiti lineup is very functional in a business environment. If even that few minutes of downtime is not acceptable then you need an HA set up and to look elsewhere.