Has UI gone downhill ? or is it just because of all the negative feedback ?
Data leaks happen! It shouldn't but that's just how the world is. UI has been honest about it, and informed every customer as a precaution. (I assume they're still investigating).
I can't be sure, but since UniFi Video went offline at the same time the breach was announced, a week earlier than it was scheduled to, that might have been the entry point.
In any case, the UDM (despite all the negative talk) is a fine machine, and does what it promises to do. If you want similar performance you're either looking at building something yourself, or paying twice of what you paid for a firewall appliance. The Netgate SG-3100 has less performance at twice the cost.
You need a UI account to set it up, but that doesn't mean you have to allow managing it from the cloud. Disable the cloud controller access and any access to your firewall configuration will have to happen from your local network. I'm unsure if you can disable the UI account, but i have a spare UDM sitting around so i will test it.
I built up my companies network infrastructure on unifi gear the past two years. I did so because we don't have budget for a professional network engineer, but we do have some important network requirements that I needed to be able to set up with minimal learning curve. For the most part this turned out great, there's a powerful UI that lets you configure all of the basics. And lets you inspect everything without having to relearn a bunch of tools and concepts everytime. I'd say perfect for a situation where the CTO has to 'solve' the network.
What disappointed me is that some aspects are really unfinished, and it looks like there's no intention of it to be fixed.
For example we bought their pro firewall (which has been out for years), it's got 2 WAN ports for automatic fail over. To use the 2nd WAN port I had to switch over the UI back to legacy mode. Ok weird but I guess the new UI is still sort of new. But then it turned out that to configure automatic fail over in the most common way, I needed to ssh in and edit configuration files manually.
It didn't turn out to be very hard, but it was just jarring. One of their flagship products, and of the 4 ports it has, 1 port is not supported in their main UI and it's most common use is not possible even in their legacy UI.
Unifi Protect has similar incompleteness issues.
I don't think there's a company that does it better than Ubiquity right now, just disappointed that it stops there.
I agree there's a lot of unused potential with their existing product line, but as you said, nobody does it better currently.
I've been running Ubiquiti gear for years, from a single 2.4GHz UAP with the Edgerouter products, to my current setup with UDM Pro, 10 GB backbone and multiple NanoHD access points, and to use an Apple quote, "It just works". I don't have a complicated setup, just some basic VLANs, firewall rules, radius assigned VLANs via MAC, and IDS/IPS, so maybe that's why i'm not having any issues with it.
I have the technical skill to set it up from scratch if i wanted a second day job, but i don't anymore. I've run on homebuilt devices, on a Soekris net4801, on an Alix APU1D4, on m0n0wall and PfSense in various configurations, latest on a Netgate SG-3100, and while the SG-3100 comes very close to being a network appliance, it still managed to crash to a point where i was flashing it and setting it up over a USB cable, and while Netgate support was very helpfull, that's hardly something you'd ask the average consumer to do.
On the access point side of things the only real contender would be Meraki, but those are 2-3 times the cost of UniFi gear. You could of course also get a bunch of Zyxel/Netgear/whatever consumer devices and put them in bridge mode, and lose all central management.
In fairness, SSH in and edit a file is the "standard" here. I used to manage a bunch of Cisco devices, and I don't believe there was a GUI at all.
I would generally expect the UI to be for enthusiasts, with the more advanced functionality hidden in the CLI (kind of like Windows). WAN Failover probably isn't super popular among enthusiasts
Data leaks happen! It shouldn't but that's just how the world is. UI has been honest about it, and informed every customer as a precaution. (I assume they're still investigating).
I can't be sure, but since UniFi Video went offline at the same time the breach was announced, a week earlier than it was scheduled to, that might have been the entry point.
In any case, the UDM (despite all the negative talk) is a fine machine, and does what it promises to do. If you want similar performance you're either looking at building something yourself, or paying twice of what you paid for a firewall appliance. The Netgate SG-3100 has less performance at twice the cost.
You need a UI account to set it up, but that doesn't mean you have to allow managing it from the cloud. Disable the cloud controller access and any access to your firewall configuration will have to happen from your local network. I'm unsure if you can disable the UI account, but i have a spare UDM sitting around so i will test it.