Problem / Question
We are currently evaluating options to upgrade our wireless access points in a location (10 access points). Our current solution is SonicWall SonicPoint, which we have found to be unreliable, difficult to configure and manage, and expensive.
I am considering replacing my NSA 2600 firewall with a Fortinet appliance and am exploring Fortinet access points for the same. However, these are rather costly; therefore, I am also looking into cheaper alternatives such as Unifi, D-Link, ASUS, and TP-Link for my wireless access point requirements.
I require a Wireless Access Point (WAP) to provide both corporate and guest networking capabilities. Additionally, I would like for the WAP to feature a mesh network configuration, allowing clients to connect to the Access Point with the strongest signal, this is something that SonicWall does not offer.
I had a concern that the combination of networks would make it more challenging to create two SSIDs (corporate and guest). Typically, this would be achieved with a VLAN. Is there any potential problem with incorporating Unifis that would be able to function with VLANs?
Are there any alternative solutions available? I am currently using Fortinet APs and the associated costs are quite high. I would appreciate any suggestions or advice. Thank you.
Solution / Answer #1
I have extensive experience with over 1000 Unifi installations, managing 80 sites of various sizes, including marinas, nightclubs, and small-to-medium businesses. I believe that TP-Link, D-Link, and Asus products are sufficient for household purposes, but not recommended for business use.
Unifi does not offer routing and advanced firewall services. While the USG/Dream machines are suitable for basic needs, for more complex requirements, such as IPS/IDS/Routing, adding a Netgate pfsense appliance is recommended.
From my experience, the failure rate of Unifi devices is lower than that of home access points. Furthermore, Unifi does not require any licensing fees, making it much more cost-effective than Fortinet, Cisco, and Ruckus devices. Additionally, Unifi saves money on support costs, which is typically the most expensive aspect of product sales.
I find Microtik products to be quite appealing; however, their configuration can be confusing as some tasks are done through WEBOS whilst others are completed using CLI. Furthermore, the cost is low and there are no licensing fees; however, the support services are not as comprehensive as other options.
Some customers have chosen to replace their Fortinet equipment with Unifi equipment due to the higher costs associated with renewing their Fortinet licensing.
Solution / Answer #2
I highly recommend considering Ubiquiti for your needs. Their products offer an excellent range of features at an affordable price, and have consistently proven to be reliable.
Solution / Answer #3
Unifi is highly proficient in utilizing Virtual Local Area Networks (VLANs). All-in-one devices can be suitable for certain applications, however, I prefer discrete devices for increased control over specific tasks. For instance, a router can handle routing, a Next Generation Firewall (NGFW) provides firewalling, and a switch can be used for switching. An Access Point should not be confused with a router. Furthermore, WIFI hand-off does not constitute mesh networking.