![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Purpose: I am hoping this will serve as a reference to all members as to what you should be purchasing based on how comfortable you are with technology, and where you are needing to get your network. The biggest reason for this thread is to help everyone understand that reliable, secure, and better network equipment can be purchased and installed for about half the cost of the higher end consumer-grade routers. I will be repeating some things in all sections. This is intentional as some users may not want to read every word in this post. However, they should still benefit from full disclosure. So, you will see things like "always connect over Ethernet cable if possible" repeated in each section.
TL;DR
"What qualifies you to offer advice on this subject?"
"Why does any of this matter?"
"What is all this b/g/n/ac stuff? Why do I care?"
"I am a tinkerer and don't necessarily want the most expensive equipment, but I do want all the cool features like packet capture, VLAN, security, granular control, QoS, BWM, and all the other cool features that enterprises get in their expensive equipment! I must have it!!!"
If anyone has questions, recommendations, requests, or any other input that would help make this a better thread, please speak up and let me know!
The following sections are going to be left as a work-in-progress for me to build upon when I have time.
3rd party references and reading material:
-https://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/
-https://www.troyhunt.com/ubiquiti-all-the-things-how-i-finally-fixed-my-dodgy-wifi/
Example price comparison for the recommendation I make under the "TL;DR" section for the Ubiquiti equipment:
MSRP of Netgear (R8000-100NAS) Nighthawk X6 AC3200: $260 (not including shipping)
MSRP of Ubiquiti Edgerouter X with Ubiquiti Unifi Ap-AC Lite - Wireless Access Point: $54.75 + $89.00 = $143.75 (not including shipping)
MSRP of Netgear (R8000-100NAS) Nighthawk X6 AC3200: $260 (not including shipping)
MSRP of Ubiquiti Edgerouter X with Ubiquiti Unifi Ap-AC Lite - Wireless Access Point: $54.75 + $89.00 = $143.75 (not including shipping)
TL;DR
"I just want your most reasonable recommendation for what I should be purchasing to install and setup for my home network. I want to be happy for years, not have to worry about hackers, and have reliable network equipment."
Grab a Ubiquiti Edgerouter X: https://www.amazon.com/dp/B0144R449W
Pair it with a Ubiquiti Unifi Ap-AC Lite - Wireless Access Point: https://www.amazon.com/dp/B015PR20GY
Don't forget to use the [H] referral link if you're going to be purchasing from Amazon (click this link before purchasing on Amazon for it to work)
https://www.amazon.com/?tag=hardfocom-20
Video for assistance configuring these devices:
Grab a Ubiquiti Edgerouter X: https://www.amazon.com/dp/B0144R449W
Pair it with a Ubiquiti Unifi Ap-AC Lite - Wireless Access Point: https://www.amazon.com/dp/B015PR20GY
Don't forget to use the [H] referral link if you're going to be purchasing from Amazon (click this link before purchasing on Amazon for it to work)
https://www.amazon.com/?tag=hardfocom-20Video for assistance configuring these devices:
"What qualifies you to offer advice on this subject?"
- I have years of training with enterprise and consumer-grade equipment. This includes (on the enterprise side of things) Cisco, Sophos, pfSense, ZyXEL, Sonicwalls, and others. This includes almost any type of setup you could possibly imagine; granular firewall rules to block specific protocols, Quality of Service (QoS) rules, Bandwidth Monitoring (BWM) rules, and VPN setup to name a few. On the consumer side, I've touched close to every device on the market as of posting this thread.
"Why does any of this matter?"
- Because you want a secure network that can't be compromised. This means your information is safe!
- Because you want a reliable network that you won't have to touch for years to come. Sit back and relax!
- Because you want to be an informed consumer about what features and options are available to you.
- Because the landscape for network equipment is so broad. We need some reference points.
"What is all this b/g/n/ac stuff? Why do I care?"
Before I go in to the wireless stuff below, I want to say that if you can run an Ethernet cable to your devices, run the Ethernet cable! You will have a far better experience no matter what you use your Internet connection for! Now on to the wireless overview.
These are wireless "standards". It loosely refers to the frequency that your wireless signal will use to transmit your data over your wireless signal. You care because this can determine if you have weak or strong signal to your devices.
A good rule of thumb is that if you are not able to directly plug your devices in to your router, you will be looking for AC. It's the newest standard and will offer the highest throughput (total amount of data able to be transmitted and received to/from all devices simultaneously). All devices (phones, PCs, consoles) do not have AC compatibility, but don't worry! Your wireless router is backwards compatible with the b/g/n that your device uses, in the case that your device isn't AC compatible. If you get a router with AC, you will almost always end up with 2.4GHz and 5GHz frequencies, so no worries there.
These are wireless "standards". It loosely refers to the frequency that your wireless signal will use to transmit your data over your wireless signal. You care because this can determine if you have weak or strong signal to your devices.
A good rule of thumb is that if you are not able to directly plug your devices in to your router, you will be looking for AC. It's the newest standard and will offer the highest throughput (total amount of data able to be transmitted and received to/from all devices simultaneously). All devices (phones, PCs, consoles) do not have AC compatibility, but don't worry! Your wireless router is backwards compatible with the b/g/n that your device uses, in the case that your device isn't AC compatible. If you get a router with AC, you will almost always end up with 2.4GHz and 5GHz frequencies, so no worries there.
"I am a tinkerer and don't necessarily want the most expensive equipment, but I do want all the cool features like packet capture, VLAN, security, granular control, QoS, BWM, and all the other cool features that enterprises get in their expensive equipment! I must have it!!!"
Welcome to the tricky world of controlling every little detail of your network traffic! You will have a few really nice options to choose from here.
Wireless disclaimer: Keep in mind that most of this hardware (just like the recommendation at the beginning of this thread) doesn't include WiFi out of the box. You must purchase a separate Access Point (AP), which is essentially a wireless antenna that connects to your router/firewall over Ethernet cable, in order to add WiFi to your network. If you already own a wireless router, you might be able to turn it into a wireless access point, thus avoiding the need for an additional purchase. Check your manufacturer's documentation for this feature before purchasing a separate AP if you're looking to save money.
Some of these devices require a subscription for certain features. Do your research on these devices prior to purchasing to ensure you are getting the features that you need for the price that you want.
Wireless disclaimer: Keep in mind that most of this hardware (just like the recommendation at the beginning of this thread) doesn't include WiFi out of the box. You must purchase a separate Access Point (AP), which is essentially a wireless antenna that connects to your router/firewall over Ethernet cable, in order to add WiFi to your network. If you already own a wireless router, you might be able to turn it into a wireless access point, thus avoiding the need for an additional purchase. Check your manufacturer's documentation for this feature before purchasing a separate AP if you're looking to save money.
- My first recommendation starts at free*:
*pfSense is completely free if you have spare/unused hardware lying around that you don't currently use. It's also possible (although I personally wouldn't recommend running it long-term in this configuration) to run pfSense in a Virtual Machine (VM) on your existing computer. This would require your existing computer be the main device plugged in to your modem, and all other devices passing through it. I won't cover this here, as it isn't recommended. However, there are guides out there if you truly just want to tinker and explore the feature set.
pfSense hardware for purchase also exists. I will link their site directly for reference. You can check out their offered devices here: https://www.netgate.com/products/appliances/ Again, remember these devices don't have WiFi built-in. Check "Wireless disclaimer" above.
pfSense hardware for purchase also exists. I will link their site directly for reference. You can check out their offered devices here: https://www.netgate.com/products/appliances/ Again, remember these devices don't have WiFi built-in. Check "Wireless disclaimer" above.
- Next recommendation is the recommendation I made at the beginning of the thread. This offers, at a very low entry cost, many great features, and top-notch security with very little configuration needed. As this combo comes in around $130 for the two, it's second in the list. There's still plenty of tinkering, options, features, etc available to you as the advanced user. While the combo does include the AP that gives you wireless, if you only purchase the Edgerouter, you will not have Wi-Fi built-in.
Some of these devices require a subscription for certain features. Do your research on these devices prior to purchasing to ensure you are getting the features that you need for the price that you want.
- ZyXEL USG20-VPN https://www.amazon.com/dp/B01E1DSKUS
This is a good entry-level enterprise option. This also comes in options with built-in WiFi, so you won't need to purchase or setup a separate AP.
Manufacturer link: https://www.zyxel.com/us/en/products_services/usg20_vpn_usg20w_vpn.shtml?t=p
Don't forget to use the [H] referral link if you're going to be purchasing from Amazon (click this link before purchasing on Amazon for it to work) https://www.amazon.com/?tag=hardfocom-20
Manufacturer link: https://www.zyxel.com/us/en/products_services/usg20_vpn_usg20w_vpn.shtml?t=p
Don't forget to use the [H] referral link if you're going to be purchasing from Amazon (click this link before purchasing on Amazon for it to work)
https://www.amazon.com/?tag=hardfocom-20- Sonicwall SOHO https://www.amazon.com/dp/B01LXHI2MT/
These are a solid option. They are a bit more expensive, and require paid subscriptions to gain access to the additional features in the software.
Manufacturer link: https://www.sonicwall.com/en-us/products/firewalls/entry-level
[H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
Manufacturer link: https://www.sonicwall.com/en-us/products/firewalls/entry-level
[H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
- Cisco Meraki MX firewall https://www.amazon.com/dp/B00T8A247U
These are also a solid option. They are cloud-managed, and offer a lot of features. Just like with any of these higher end recommendations, you should check all the features and do your research on what you're getting.
Manufacturer link: https://meraki.cisco.com/products/appliances/mx64
[H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
Manufacturer link: https://meraki.cisco.com/products/appliances/mx64
[H] Amazon referral link https://www.amazon.com/?tag=hardfocom-20
If anyone has questions, recommendations, requests, or any other input that would help make this a better thread, please speak up and let me know!
The following sections are going to be left as a work-in-progress for me to build upon when I have time.
Live streaming services such as DirecTVnow, PSVue, Sling, and others (IPTV falls in to this category)
Traditional streaming services such as Netflix, HBOGO, Hulu
Video games (console and PC) - wired/wireless
Facetime, Skype, Discord, Steam voice chat, VVoIP/video phones - wired/wireless
Security cameras - wired/wireless
Honorable mention - The DD-WRT stuff is worth mentioning here. The drawback, and why it wasn't featured above, is that you are still stuff on lower-end consumer-grade hardware.
Traditional streaming services such as Netflix, HBOGO, Hulu
Video games (console and PC) - wired/wireless
Facetime, Skype, Discord, Steam voice chat, VVoIP/video phones - wired/wireless
Security cameras - wired/wireless
Honorable mention - The DD-WRT stuff is worth mentioning here. The drawback, and why it wasn't featured above, is that you are still stuff on lower-end consumer-grade hardware.
3rd party references and reading material:
-https://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/
-https://www.troyhunt.com/ubiquiti-all-the-things-how-i-finally-fixed-my-dodgy-wifi/
should last you a good long time. And, you will have features available to you should the need arise in the future. Which, for me, always seems like it does 
