What are some Ubiquiti Unifi Alternatives? or Z's Ditching Unifi for Good Thread

Zarathustra[H]

Extremely [H]
Joined
Oct 29, 2000
Messages
38,641
Alright,

So I've about had it with Ubiquiti.

The willingness to lie to customers about their massive security breach, to save their stock price while they customers were vulnerable was the start of it.

The fact that they are killing Unifi Video, which you could run a local only instance of on youur own server and replacing it with Unifi Protect, a dedicated device, which includes cloud integration was another issue.

I'm fairly convinced the locally hosted Unifi Controller is the next to go.

My plan is to completely get rid of all things Ubiquiti I can, as they ahve gotten rid of everything I liked about them.

The only problem is, what are the alternatives?


Wireless Access Points

My requirements are:
- Must be able to integrate and manage multiple access points
- Must support multiple SSID's on the same units, using different VLAN's
- Controller Must be able to be hosted locally, preferably on Linux or Unix
- Must not have any cloud features, or at least must be able to have them completely turned off.
- Must not have any recurring license fee's (I'd reluctantly pay a single time license fee, if it is not too nuts in home user dollars)

So, is anyone else doing this? I looked into MikroTik's access points, but there are a lot of complaints on their forums about ac (Wifi 5) software still being in beta with missing features, and there is no latest gen solution yet,

I don't even know where else to look. Cisco is likely going to have lots of things I don't like based on my requirements above.

Anyone have any other suggestions?




Video Replacement

I already have all of these damn Airvision / Unifi Video cameras I have spent money on. I'm looking for a sooftware solution that can utilize RTSP (which is what they use) and control and collect data from them using motion sensing, etc.

Requirements are similar to the above:
- Controller Must be able to be hosted locally, preferably on Linux or Unix
- Must be able to integrate and manage multiple dumb IP video cameras using RTSP, doing things like motion sensing access points on the local controller
- Must not have any cloud features, or at least must be able to have them completely turned off.
- Must not have any recurring license fee's (I'd reluctantly pay a single time license fee, if it is not too nuts in home user dollars)

I have come across three solutions:

Blue iris:
Everyone says it works well, but it is Windows only, which means I'd need to get another windows license for a dedicated Windows VM on my server to use it. A bit of a pain in the ass, and an additional expense but I guess I could live with it. It also has a one time $69 license fee. Again, not what I really wanted, but I can live with it.

ZoneMinder:
This appears to have everything i want, is free and open source and runs on Linux/Unix. Only downside appears to be that it is pretty complicated to set up, and from all accounts I can find the documentation is close to worthless.

Shinobi:
This appears to be another alternative. Easier to set up than Zoneminder, but still open source. Has some weird quirks, such as it uses the Webm format instead of typical video formats to store recordings. Will need to read up.



I'd appreciate any suggestions in both categories of WAP and Video!
 
I am very happy with Fortinet. I use their Fortigate(firewall), FortiAP(access points) and FortiSwitch(you guessed it) products. The AP and switch controllers are built into every firewall and can also be managed directly on the AP or switch directly if so desired. They do have an optional cloud features as well if one CHOOSES to use them. I do not. Please note, the cloud features must be explicitly enabled. They have a video product but beyond the fact it exists I know nothing of it. Price wise they occupy pretty much every niche from cheap to million+ solutions.
 
Last edited:
I am very happy with Fortinet. I use their Fortigate(firewall), FortiAP(access points) and FortiSwitch(you guessed it) products. The AP and switch controllers are built into every firewall and can also be managed directly on the AP or switch directly if so desired. They do have an optional cloud features as well if one CHOOSES to use them. I do not. Please note, the cloud features must be explicitly enabled. They have a video product but beyond the fact it exists I know nothing of it. Price wise they occupy pretty much every niche from cheap to million+ solutions.

Have started reading up on these. They seem like a potential solution, though I don't know if I want to swap out my pfSense firewall for one of theirs.

Also, as if the whole Cardi B stealing the term WAP wasn't bad enough, all of these Fortinet AP's have model numbers starting with "FAP"... 🤣

1622587395268.png


They are a teeny bit on the pricy side though...

Looks like I have a lot to learn, I haven't kept up with WiFi tech lately.

A few questions if you don't mind:

1.) What does the dedicated scanning radio do?

2.) Do you know how many SSID's each can support?

3.) Can I set different SSID's to use different VLAN's?

Much appreciated!
 
Last edited:
I was looking at the Ruckus R550, and R650. And boy oh boy, those prices. But, ebay is a great alternative. Lot's of good deals there for retired ruckus stuff.
 
I was looking at the Ruckus R550, and R650. And boy oh boy, those prices. But, ebay is a great alternative. Lot's of good deals there for retired ruckus stuff.

Indeed. Most of the stuff is previous gen 802.11ac stuff though. 802.11ax (or Wifi 6 or whatever the stupid new names are) are still crazy expensive.

I'm still trying to decide what to do. As much as I have come to dislike Ubiquiti Networks, the Unifi AP's are still manageable. Since I am not using their cloud services, their shitty behavior regarding that, doesn't affect me, and I have not been forced onto the cloud, yet...

The thought was to ditch the Unifi ac's while upgrading to ax from a different vendor, but I am not sure I want to spend money and get a side-grade.

Maybe I'll wait until Ubiquiti forces me to take action, or when an ax upgrade is cheaper, maybe I'll spend stupid money on latest gen Ruckus or Fortinet gear or maybe side grade. I just haven't decided yet.
 
Have started reading up on these. They seem like a potential solution, though I don't know if I want to swap out my pfSense firewall for one of theirs.





A few questions if you don't mind:

1.) What does the dedicated scanning radio do?

2.) Do you know how many SSID's each can support?

3.) Can I set different SSID's to use different VLAN's?

Much appreciated!

I'm not sure I'd go with standalone FAP as you would loose the controller which is integrated into the firewall. If you wanted fortiap I would consider a fortigate as a requirement.

1.In a non-enterprise/non-retail environment I'm not sure the scanning radio would do much. It is possible to use them for AP suppression but outside a business environment that would be frowned upon and with newer standards less effective. In business environments they are used for things such as movement mapping and data gathering (think retail and the dark art of tracking mobiles)

2. The number of SSID is determined by the controller (fortigate it runs on) as each is counted as an interface. This will vary from fgt to fgt and fap to fap.

3. As for SSID+vlan tags the short answer is yes though in fgt+fap integrated environment there are easier and arguably better/more secure ways to do this.
 
Last edited:
WiFi 6 is not a stupid name.

802.11ax, however, is. :D

Well, I've always preferred more descriptive names. 802.11ax points you straight to the standard. The Wifi 4, 5, 6 nomenclature is less precise (each contains multiple standards) and is kind of dumbed down, if you ask me.
 
Damn. Those Ruckus devices aren't cheap either.

Didn't realize just how much of a bargain the Unifi units were all this time.
Why do you think Ubiquiti is a bargain? cause they use cheap parts versus the Ruckus that is Ent. level gear that could serve 10x more people off one AP than any Ubiquiti could. Not to mention the superior quality firmware releases vs Ubi. and also support you get.
 
Still don't get the fascination with Ubiquiti. It just seems way overpriced for mediorce hardware, just for the ability to have everything same branded and be able to use their cloud management software.
 
Still don't get the fascination with Ubiquiti. It just seems way overpriced for mediorce hardware, just for the ability to have everything same branded and be able to use their cloud management software.

Gotta go back ~5+ years or so when they made their reputation as a SOHO/SMB focused company that made really nice, capable hardware/software (remember when the Edgerouter Lite came out and was actually kinda hard to get?) for a good price. No subscriptions or cloud-based crap.

When the Unifi APs came out, your other choices were basically either home routers converted with Open/DD-WRT (an increasingly fraught choice given driver support issues), or prohibitively expensive enterprise-grade gear. No one else had reasonably-priced APs that generally performed better than your typical home router, while allowing you to centrally-manage things with a cheap controller or software dumped into a RPi or VM guest.

But now, yeah... They've tried to grow and expand their product line too fast, gotten sloppy with software quality, apparently fallen behind on radio/antenna design, and (like a lot of companies) are trying to make things into subscriptions to ensure continuous cash-flow (and because SMBs love cloud shit because it's one less thing they have to worry about/hire someone to manage).
 
Still don't get the fascination with Ubiquiti. It just seems way overpriced for mediorce hardware, just for the ability to have everything same branded and be able to use their cloud management software.

Gotta go back ~5+ years or so when they made their reputation as a SOHO/SMB focused company that made really nice, capable hardware/software (remember when the Edgerouter Lite came out and was actually kinda hard to get?) for a good price. No subscriptions or cloud-based crap.

When the Unifi APs came out, your other choices were basically either home routers converted with Open/DD-WRT (an increasingly fraught choice given driver support issues), or prohibitively expensive enterprise-grade gear. No one else had reasonably-priced APs that generally performed better than your typical home router, while allowing you to centrally-manage things with a cheap controller or software dumped into a RPi or VM guest.

But now, yeah... They've tried to grow and expand their product line too fast, gotten sloppy with software quality, apparently fallen behind on radio/antenna design, and (like a lot of companies) are trying to make things into subscriptions to ensure continuous cash-flow (and because SMBs love cloud shit because it's one less thing they have to worry about/hire someone to manage).

Yup. I first started buying Ubiquiti gear just over 10 years ago.

At that point I lived in a condo where the 2.4ghz band was ridiculously congested. I tried buying increasingly well reviewed, expensive and fancy looking consumer routers but every time the result was the same. I'd get something like 0.3 MB/s even if just across the same room from the thing.

Then someone in these forums (in a thread I can no longer seem to find) recommended I give Ubiquiti's Unifi AP's a try.

I ordered their base b/g/n AP. It cost me only $82 with prime on Amazon. I remember being a little annoyed that I needed a controller, but I put a VM on my server and once it was up and running I was absolutely floored. It was as if the 2.4Ghz congestion wasn't even there. It cut right through everything. Going from getting absolute crap performance when holding my phone to the damn antenna of the best consumer router money could buy at the time (a Netgear WNDR3700 if memory serves), I suddenly had brilliant speeds, full 802.11n performance in the entire condo, and very good speeds even outside.

It was like some sort of black magic, and this "Enterprise level" (to me at the time, because I didn't know any better) Access Point had cost me less than a high end consumer router.

The reason Ubiquiti had quite a fan club was:
1.) Ridiculous performance compared to consumer devices at the time (at least in congested areas)
2.) Gave SOHO users a taste of enterprise (even if it wasn't true enterprise) at a low cost we could afford
3.) Allowed for easy expansion by adding and adopting more AP's
4.) Allowed us to use our own hardware for the controller. No need for pesky licenses or buying dedicated controller hardware
5.) The engineers who actually designed the things were active on the user forums, making suggestions and taking notes for future features and fixes, making it almost feel like a collaborative open source project.

They were essentially everything they are not today. Customer friendly, innovative, affordable and flexible.

Now they have become just another Meraki, adding licenses, cloud services, mandatory purchased hardware controllers instead of running your own, and whats worse, lying to their customers about compromised data. Now they are trying to play in the full on Enterprise environment, with prices moving into the enterprise arena (though not quite as high as others yet) licenses, cloud services, etc, with one big difference. They don't have the hardware and software design to back it up.

At $82 per AP, no license fees ever, and flexibility to run your own hardware, and devices much more performance and reliable than consumer gear, they were an excellent stepping stone for the SOHO user until their needs grew to where they required Cisco or other high end enterprise gear. In some cases at the close to $500 per AP level where their new stuff is, and increasingly pressure to move to cloud services and licenses, they no longer are.
 
I guess everyone is finally discovering why Ubiquiti was never "enterprise" - they merely unlocked a distributed and scalable architecture at a much lower price point. I've been using their AP's at my parents house for almost 10 years and it's got to the point where I'm crossing my fingers every time I perform a firmware upgrade.

Unfortunately, there is really nothing else in the space that can compete at the price point unless you buy used enterprise gear or have hookups that can get you hardware for free.

I looked at Ruckus for an extremely large project 5 or 6 years ago. Their sales rep pissed my CEO off so much that he threw him out of the office. Never got a real chance to play with their hardware so can't comment one way or another on how good the experience is.
 
Yup. I first started buying Ubiquiti gear just over 10 years ago.

At that point I lived in a condo where the 2.4ghz band was ridiculously congested. I tried buying increasingly well reviewed, expensive and fancy looking consumer routers but every time the result was the same. I'd get something like 0.3 MB/s even if just across the same room from the thing.

Then someone in these forums (in a thread I can no longer seem to find) recommended I give Ubiquiti's Unifi AP's a try.

I ordered their base b/g/n AP. It cost me only $82 with prime on Amazon. I remember being a little annoyed that I needed a controller, but I put a VM on my server and once it was up and running I was absolutely floored. It was as if the 2.4Ghz congestion wasn't even there. It cut right through everything. Going from getting absolute crap performance when holding my phone to the damn antenna of the best consumer router money could buy at the time (a Netgear WNDR3700 if memory serves), I suddenly had brilliant speeds, full 802.11n performance in the entire condo, and very good speeds even outside.

It was like some sort of black magic, and this "Enterprise level" (to me at the time, because I didn't know any better) Access Point had cost me less than a high end consumer router.

The reason Ubiquiti had quite a fan club was:
1.) Ridiculous performance compared to consumer devices at the time (at least in congested areas)
2.) Gave SOHO users a taste of enterprise (even if it wasn't true enterprise) at a low cost we could afford
3.) Allowed for easy expansion by adding and adopting more AP's
4.) Allowed us to use our own hardware for the controller. No need for pesky licenses or buying dedicated controller hardware
5.) The engineers who actually designed the things were active on the user forums, making suggestions and taking notes for future features and fixes, making it almost feel like a collaborative open source project.

They were essentially everything they are not today. Customer friendly, innovative, affordable and flexible.

Now they have become just another Meraki, adding licenses, cloud services, mandatory purchased hardware controllers instead of running your own, and whats worse, lying to their customers about compromised data. Now they are trying to play in the full on Enterprise environment, with prices moving into the enterprise arena (though not quite as high as others yet) licenses, cloud services, etc, with one big difference. They don't have the hardware and software design to back it up.

At $82 per AP, no license fees ever, and flexibility to run your own hardware, and devices much more performance and reliable than consumer gear, they were an excellent stepping stone for the SOHO user until their needs grew to where they required Cisco or other high end enterprise gear. In some cases at the close to $500 per AP level where their new stuff is, and increasingly pressure to move to cloud services and licenses, they no longer are.
I've heard positive things about TP link Omada gear.

https://www.tp-link.com/us/support/download/omada-software-controller/
 
Came here to post TP link and TordanGow beat me to it.

I haven't reached your level just yet but I do see the writing on the wall.

I never got into their video stuff or their security stuff, never had any reason to.

I tried their UDM and UDM Pro lineup and ended up just re-purposing an old gaming rig into a PfSense box and haven't been happier.

Doing this and then filling in the dashboard and network visibility gaps with open source solutions has provided a great solution for my needs, and I don't have any issues with UniFi as I don't run their hardware except for where it's required, SW/AP.

Their controller is hosted on a vm along with my visibility and dashboard stack and it really does work, way more control, performance, trending information, troubleshooting etc.. all improved.
 
Ruckus and Aruba both offer "controllerless controllers" in their AP's, so any one of them can be a virtual controller. I use Ruckus at home. Yes they are expensive, but that's because Ruckus, Aruba and Cisco are enterprise grade hardware. You may not need as many AP's in a dense location. Now, if you need 1 AP for multiple locations, then yeah it can get expensive. -- I have a pair of R610 models at home. 3x3 802.11ac wave2 with MU-MIMO is more than I need. Bought both on eBay at a discount.

For video I use Blue iris and mostly Dahua cameras, with a couple Hikvision ones. It does everything I need. I do have a dedicated i7 box though since most functions are in software. Dahua/Hikvision will be a grade better than the Ubiquiti stuff. Like many people have said, Ubiquiti is simply consumer grade crap with a pretty interface.
 
What would you guys recommend for a home office setup if Ubiquiti is losing favor? I want something that is plug 'n play and as set it and forget it as I can get. I also want to add video cameras (~4-6) around the house that is not connected to any cloud services. The UI product line ticks all of the boxes for me but I don't like the direction the company seems to be going in nor are all of the negative comments from customers reassuring. My days with tinkering with Linux and bringing up makeshift boxes are over. I'm a Mac guy now so I'm used to paying more for products that just work and are easy to use.
 
What would you guys recommend for a home office setup if Ubiquiti is losing favor? I want something that is plug 'n play and as set it and forget it as I can get. I also want to add video cameras (~4-6) around the house that is not connected to any cloud services. The UI product line ticks all of the boxes for me but I don't like the direction the company seems to be going in nor are all of the negative comments from customers reassuring. My days with tinkering with Linux and bringing up makeshift boxes are over. I'm a Mac guy now so I'm used to paying more for products that just work and are easy to use.

I have not acted yet as I am behind on everything right now, but my research thus far has me leaning towards Ruckus.

Just make sure you get a model that can be flashed with so called "unleashed" firmware, which is controllerless. If you want multiple AP's one of them apparently takes the role as controller and controls the rest.

There is a 21 page thread of this on Servethehome if you feel like spending some time reading.
 
I've been using a pair of Ruckus R610 access points in my house for years. I really only need one. They are true enterprise grade hardware.
 
I've been using a pair of Ruckus R610 access points in my house for years. I really only need one. They are true enterprise grade hardware.
I just did a quick look up of those on Amazon ... Holy smokes .. $350'ish? Being poor white trash and all, I'm going to have to stick with my EOL green lit' UniFi AP's (4 of them) and running the UniFi Controller software in a jail on my TrueNAS box .. :(
 
Ruckus and Aruba are solid solutions. Probably the best enterprise wifi gear is Xirrus. You know if you have to "light up" a stadium, large hotel, casino, cruise ship, et-al.
Looks like Cambium bought them in 2019...

https://www.cambiumnetworks.com/xirrus/

Getting back to Earth...

I like unifi for home and soho for sure. Really pissed when they EOL'd unifi video. Protect is OK but it would be better, far better if they had a DIY option. And FFS fix the iOS app for protect! With UHD cameras there's simply not enough storage options. Some users need long periods of retention and low stream rates/frame rates in this day and age is unacceptable. I've been asking them to support iSCSI over 10Gbps SFP+ which the DMP and NVR products have (hardware wise) for external storage options but they feel its not necessary.

Speaking of the green lights on the old APs all of our APs blue glow is gone except in totally dark rooms. Those blue LEDs fade quickly. Maybe the next round will be RGB! I hope not! ;-)
 
"Speaking of the green lights on the old APs all of our APs blue glow is gone except in totally dark rooms. Those blue LEDs fade quickly. Maybe the next round will be RGB! I hope not! ;-)"

now that I think of it, my blue glow is fairly dim as well
 
Local cops have great affinity for Deliberant/LigoWave. They set up long-distance mesh networks all over town for surveillance cameras. It is quite scary...
 
I just did a quick look up of those on Amazon ... Holy smokes .. $350'ish? Being poor white trash and all, I'm going to have to stick with my EOL green lit' UniFi AP's (4 of them) and running the UniFi Controller software in a jail on my TrueNAS box .. :(
To me, wireless is one of those things where only Enterprise gear qualifies as "adequate", while consumer gear is "garbage". Yes, that is a snob attitude and I'll own it. I don't feel that way about switches or other network gear. Some low end stuff is fine for home use, obviously. But the #1 (network) complaint people tend to have in the home is about WiFi.
 
I just did a quick look up of those on Amazon ... Holy smokes .. $350'ish? Being poor white trash and all, I'm going to have to stick with my EOL green lit' UniFi AP's (4 of them) and running the UniFi Controller software in a jail on my TrueNAS box .. :(
I feel like spiderman pointing at another spider man, man.
 
My apologies if this was mentioned already and I missed it, but if you're going to use Blue Iris I would recommend running it bare metal on a machine that has Intel onboard video vs running it in a VM. If it can use Quicksync it will use significantly less CPU, perform better and use less power. You can get something like a used Dell Optiplex with an i7-4770s for probably less than you'd pay for a legitimate Windows 10 license to throw in a VM. These days you can probably even get something with an i5-8400 for not that much more than a Windows license itself would be. I've never found anything that compares Blue Iris, even though I would prefer to use something *nix for something like that if I could but Zoneminder, etc. are very far behind Blue Iris.
 
Zarathustra[H] did you ever move forward with anything from Ruckus? I was finally ready to start seriously committing to some new networking gear and options after a while on the back burner about adding security cameras. I thought Ubiquiti might be a somewhat convenient option to have it all unified, but yeah keep running into comments like yours along with the breach allegations.
 
Zarathustra[H] did you ever move forward with anything from Ruckus? I was finally ready to start seriously committing to some new networking gear and options after a while on the back burner about adding security cameras. I thought Ubiquiti might be a somewhat convenient option to have it all unified, but yeah keep running into comments like yours along with the breach allegations.

I haven't yet. It's still on the back burner. Been busy with other stuff after moving, unfortunately.
 
The Ruckus APs I want are waaay over priced now. R650 or R750
 
Zarathustra[H] did you ever move forward with anything from Ruckus? I was finally ready to start seriously committing to some new networking gear and options after a while on the back burner about adding security cameras. I thought Ubiquiti might be a somewhat convenient option to have it all unified, but yeah keep running into comments like yours along with the breach allegations.

FWIW, it now appears that the breach was an inside job, with the perpetrator turned "whistleblower" as the cherry on top:
https://www.bleepingcomputer.com/ne...ev-charged-for-trying-to-extort-his-employer/

Could have happened to most any company. Though it certainly looks like they may need to review some of their policies for admin oversight/review (i.e., changes like that shouldn't be invisible to everyone but the one pushing them to production).
 
FWIW, it now appears that the breach was an inside job, with the perpetrator turned "whistleblower" as the cherry on top:
https://www.bleepingcomputer.com/ne...ev-charged-for-trying-to-extort-his-employer/

Could have happened to most any company. Though it certainly looks like they may need to review some of their policies for admin oversight/review (i.e., changes like that shouldn't be invisible to everyone but the one pushing them to production).

Oh wow interesting turn of events to say the least. Yeah it was this thread I found last night and was reading the linked article. And spent just a little bit searching about Ruckus after some of the comments. Does make it a little better I suppose. Still some eh decisions to make since I don’t have the space to put real rack equipment and their desktop offerings aren’t always feature comparable (dream machine vs dream machine pro for example).
 
For the Acces points, look into the Aruba Instant Access Points. I love them. We had Cisco before with no controller. We did setup some software to push and backup configs but it was a pain. Looking into the controller and licensing was not something we wanted to do. Got an email to go to a webinar and get a free device. Easy as heck! When I went to have them deployed. I setup one for the building turned on the proxy stuff so now I only had one device in the radius config and all devices use that one IP for auth, I plugged that in and told my installer to put up the rest but let me know what rooms have what MAC address. Beyond that even before they were bought by HP(e) they had the same mindset that firmware updates are free. So you don't have to worry about a vulnerability but no support contract.

If you still want a controller, you can still buy IAPs and get a controller and license, I believe it's perpetual but if you don't keep the up to date, at a certain point you'll stop being able to get newer OSes. The IAPs can be converted (this is built in) into ones for the controller and back. However, if you want to do it all on your own and don't have multiple locations, I think you're not going to need the controller.
 
For the Acces points, look into the Aruba Instant Access Points.

I've used both Cisco controller based, and Aruba IAP in different companies. My current company uses Aruba IAP and it works great. Most of the heavy lifting for auth is via ClearPass, so I don't need too many smarts in the AP's.
 
Back
Top