I think it missed the ball and should have had 4x SFP+ ports to allow for true redundancy and resiliency. 2 internet links for wan failover. 2 core switch links for an individual link to a pair of aggregation switches. (Each aggregation switch has a link to both UDM Pro Max) Most redundant and resilient setups have 2 of everything. If a core switch dies, the secondary link to the secondary switch takes over. It still has a single point of failure with 1 link cable to 1 switch and if a aggregation switch dies, it still needs manual input to physically move the SFP uplinks from dead switch to active switch
That will be the UDM Enterprise later this year... I hope! With no HDD bay to get 16 x 2.5GE, active redundant cooling and dual PSUs on top of what you ask with at least 4 x SPF+.
I think I could live with Ethernet RJ45's for a backup link as this should not be used for extended times, but more for a backup. No matter what system you have, there will be one point somewhere that ends in a single point of failure. I am not sure any of the UDM series are really designed for mission critical absolutely cannot fail installs. I love the ideas you have, but looking at the device, we would lose something to add the extra things you suggest. It may end up 1 hdd bay instead of two. Also, I think cost is a factor. If the device complete goes offline, the second device kicks in and if you have a long term outage, you could go to site and manually move cables. I am guessing if a device physically fails, you'd attend site to physically check it. Not disregarding your comments, I just am not sure that is the market the UDM Series, even the Max version, is aimed at. IF you look at the Enterprise series devices, take the CloudKey Enterprise as an example, they are usually a lot more expensive, and a lot more powerful with processing. I think someone mentioned a UDM Enterprise. That's an interesting idea and Maybe UI will come out with that for the functionalty an enterprise would need, though I would be thinking in Enterprise you'd likely use a self hosted or cloud hosted console as there are likely to be multiple sites.
The HA cabling is actually really clean. No big parallel cable, no multiple cables from front to back. Just mirrored cables to the agg switch and the WAN. It makes perfect sense. Now to get that same HA mode running on the UDMSE.....
Great video! The UDM Pro MAX looks like a great console to go with if you don't already have a UDM SE. And the automatic high availability is going to be a wonderful thing once they release Unifi OS 4.0. Its strange though that they have abandoned the PDU Pro's single WAN input to dual WAN outputs for the UDM console high availability feature.
Once again, another great and informative review. Your videos have been of tremendous help to me and my company. Was a pleasure using your service on my last project. I will not hesitate to reach out to you on my future projects
Hi, for manage and control data trafic in small hospital network with 8 Vlan segment and 10 - 30 users each vlan &10 AP U6pro for wifi , which one of (UDM-Pro OR Miktrotik CCR2004-12S )is recommended, 10G connection between Switches and router is necessary. We don't have any camara.
Hopefully they do a ubiquity dream machine max. And a distribution power system for UK 220v power cabling, how is the optional power bank coming along?
What a pitiful update to the CPU, just a slightly higher clocked model. They should have finally moved past A57 cores and made this 10gbps IPS capable.
@@kristopherleslie8343 Is it reasonable though? The higher clocked SKU of a 12 year old architecture and adding 1 more hard drive bay while removing the extra power supply for PoE likely is a wash on cost difference, yet Ubiquiti wants to charge a $100 extra for something that was had already been $100 overpriced as it was? Reasonable would be a new CPU arch and higher clock speed with 10gb IPS capable for $800. Their competitor just did that and actually beat that price.
@@TangDynasty1983 it depends on your topology. But the simplest way would be modem -> unmanaged switch -> routers. A managed switch like Unifi, you simply create a vlan and use 3rd party gateway. Then you apply that as the native vlan to the 3 ports, 1 port for uplink to modem and 2 ports for downlinks to router. It can be any switch. You can even do it with the UDM built in switch. Edit: keep in mind you would need more than 1 public ip unless you are simply using the HA shadow mode feature or you didn’t care about NAT
I'm currently running 2 UDM Pros in Shadow mode with 2 ISPs in a fail-over config, would I need a switch inbetween each ISP's modem and each UDM Pro to achieve HA Shadow mode? From what I've gathered, most ISPs in the US handout a single IP so I'm not sure if this would work in a failover config without 2 extra switches and double-NAT which doesn't seem ideal. Does that sound right or am I missing something?
A bit of a miss on the lack of syncing between devices on the drive for failover. There's a lot of technologies out there where they could have easily done this, hoping this is a feature in the future. Nice video doing a overview as per usual.
Cody, I'm close to grabbing two of these for my network. We are looking at having 50 U6 Long Range APs for around 500+ total devices, 20 Access Controlled Doors and around 150 Cameras. The cameras would be using the Enterprise NVR. Would these machines be able to handle this or should we step up to the EFG?
Thanks for the great video! I've been waiting for a more robust box for one of my installations, so this looks like a step in the right direction for my use case...HOWEVER...I did notice that in the section showing the Apps migrated, there was no Identity app. Do you know if the UDM Pro Max Supports Identity for one-click WiFi and Access?
Hello. how are you? I have a question regarding this device versus a USG Pro 4. In the USG Pro 4, LAN ports 1 and 2 are independent ports, and I can configure an independent segment for each of them (each one on VLAN 1). Is this possible with this new line of devices? I purchased a UCG Ultra, and it cannot do this. The UniFiOS only allows creating VLANs, meaning it only has one network on VLAN 1 for the whole device. Which device would allow me to do everything I need? Thanks. Best regards.
hey cody i switched to a UDM Pro max from my SE and now im not getting alerts to my protect app it says they are all still set up but nothing is flowing threw, any ideas?
My UDM Pro is running a bit low on memory It's a fairly large deployment, 5 unifi switches, 50 APs, 7 vlans (1 with /22) and 7 Wifi networks with IPS/IDS enabled. One VLAN is dedicated for 29 IP cameras with a separate NVR. It's becoming unstable especially when there are more than 400 clients. Is the pro max a good upgrade for the price?
I have a question, slightly off topic I guess. I have a Cloudkey+ ( Previously called Cloudkey Gen 2 Plus ) and a USG Pro and I want to upgrade the USG Pro as it is limited in speed when IPS is enabled and UI have recently moved it to "Legacy" status. The cloudkey works fine, no issues, but I am also looking at moving to Protect and retiring synology surveillance station. My question is, for a home environment with 8 cameras, a few switches and 4 AP's, would it be better to invest in a Gateway Max UXG-MAX and a UNVR or would it be better to get the UDM Pro Max? I would not want the UDM Pro or UDM SE as I want at least 2 HDD's for Protect so there is data protection. Thanks :) Just thinking, you say only 3gbps/3gbps connection That's really a fast connection and faster than a lot of large businesses use. But it is nice to see the Max can handle upto 5gbps IPS if needed. I don't think most users the UDM series are aiming for would have speeds above 1gbps on their internet.
Interesting stuff, Cody. Heard all about this and the roadmap yesterday at the London UWC which you flagged in one of your Livestreams. Was very interesting to hear from the CEO and all the other head guys. Thanks for the heads up! I'm kinda hoping some nuts will go for the Pro Max "just cos" and there'll be a few UDM SE units going cheap for me to upgrade!
Thanks Patrick, but that will not give me a public ip address as the modem is in bridge mode. Sounds like I have to go to the ISP and request a 2nd ip address.
@@XpertCS But you have and use only 1 public IP at the time, on primary router. When secondary takes over it will have that public IP address (if automatic or PPPoE does not matter, it will just take a couple of seconds to reconnect to your IPS servers trough their modem in bridge mode, to give you public ip address)
Thanks for your videos, greetings from Chile. I have a question, is it possible to use UDM pro or UMD SE as a Cloud Key, I manage a large network and the CloudKey is no longer able to load the network application. The question is because I have a third party Firewall. The current configuration is: Firewall, towards an Aggregate and the cloud key connected to the second switch. What I'm looking for is: Firewall -> UMD-> and then the rest of the network. On the unifi website there is a cloud key enterprise but it is not available yet. I hope you can help me. Kind regards
"hey, i need HA, but could you throw in a dual drive NVR that isn't HA? Also, can it have 8 gig ports, but make sure to leave out POE so i can't use them with cameras or 2.5gb ports so it's completely useless...oh, can you use the same 12 year old CPU, just make the clocks higher? It would sell like hotcakes!" -Said No-one ever.
Hello, does the UDM-Pro-Max have still the issue that all traffic going out of the WAN port is affected by by natting, so that I can not use it with VLANS on the WAN interface behind a third party SD-WAN or even other firewall solution. This would be a real benefit using the device in enterprise environments where networks/devices must be reached from other locations without port forwarding which is useless in enterprise scenarios. Would be nice if you find some time to to at this.
Thanks for the quick review, but IMO there are a few important things missing. 1. Could you include a block diagram showing how all the ports are connected and their respective speeds? Is the internal switch still only connected to the CPU at 1Gb/s? 2. How is it possible that the throughput is only ~2.6Gb/s with IDS/IPS enabled, when the Pro/SE was previously advertised as being capable of handling 3.5Gb/s with everything turned on? 3. In the event of an HA failover, is the session table properly synchronized between the two devices to ensure that TCP connections aren't dropped?
@@_nick___ I’ve learned that with the “3.5 Gb/s IPS throughput” they mean LAN-WAN / LAN-LAN traffic without the use of vlans. The throughput is way less with vlans on either LAN or WAN enabled.
If you are running a multi-site SD-WAN (Fortinet) such as retail sites and implement the UDM ProMax, will all of the site AP's (U6-Ent) route back to this for www breakout? Or do you need one per site?
Hi, are you still double nating? or are you able to get the full 3/3 with PPPOE? (i am with bell pppoe, and the pro was not able to get full speed in pppoe). thank you
I still can't figure out how this is HA when both UDM connect to a single Aggregation switch... if that switch is down, the HA is useless.. anyone found a way to get trunk from both UDM to a pair of aggreg switches?
interesting new product =) would love to see anyony testing large scale networks, like these 1000clients. looks like unifi tries to design in a way, where you more and more dont need a server running the controller and have a separate usg for midscale networks with just say realworld 500-1000 clients parallel online
I wish someone would test UDP throughput on this model, UDP is the crux of existing Unifi gateway lines, just 500mbps of UDP will cause sever packet loss and if it goes on long enough, crash any controllers on UDM series.
In most common redundant pfSense setups that use carp, you have 1 modem with 2 links to each. Each router has an address (192.168.1.1 / 192.168.1.2) and then use a gateway carp address (192.168.1.3) for the DHCP lease, so whether router 1 or router 2 is master, the DHCP lease given makes sense as that address is always up. Until we get OS 4.0, we won’t know how Ubiquity is doing the fail over but it might be something similar
Hi Cody, I would appreciate it if you can test UDM Pro Max with PPPOE wan 3.0 gbe with IPS/IDS turned on. With UDM SE I can get max 2.3 gbe Bell Fiber.
Did I miss something, why isn't anyone reviewing UXG-MAX? I was hoping to replace a friend's old USG-3 and keep his cloud key plus. This new device appears to tick all my boxes.
I got tired of waiting and jumped on the UXG Pro. But ideally I would have the Max for home use. Looks like a neat product. Now a new cloud key is in order
I was excited when i heard of this product. I thought it would come with POE ++, but it doesnt even come with POE... I just want "one device" that will do cameras and door access for my home, dream wall was almost there if it wasnt for it using only micro sd cards and the UDM SE doesnt have POE++ :c
If you’re using a UDM pro max you would most likely have other switches that have 2.5Gb and poe. Remember this is for large scale Also no raid 0 just raid 1
@@MactelecomNetworks ya, I get it's for large scale, but seems like a strange product within their line. A better solution would be UXG Pro (which I have) and then NVR or NVR Pro I think.
Yeah I know they say 2000+. But I want to know real well what you believe or what you think it can do based on experiences like the dream machine SE and pro had said 1,000+ what's the maximum you have seen them in real use handle because I want to use one for a small stadium but it won't be just for clients it will also be for the it'll be for the main connection source for the media people also
@@MactelecomNetworks I see. Yeah, I have that already, I use a MokerLink 10Gbps switch because I have 3 IP addresses for 3 different setups, two Unifi setups and the other TP-Link.
@@MactelecomNetworksis this also going to work for PPPoE used by fiber optic providers? I have CAT6 cable to my WAN1 port and that port is set as PPPoE. I have not tried it placing a dumb switch in between the fiber-to-Ethernet wall box and the UDM would work.
"pro environment" yeah, but I want the IDS/IPS throughput and don't need the redundancy. also "pro max" but not enterprise. :) I wonder when UDM Enterprise is going to come out.
@@MactelecomNetworks I have an Arris Sb8200 with 2x rj45 connections on the back. Is that something that would work for this or do you need something fancier?
Yes, you can move network from one controller to another. You can do full config within the same model series. So udm, UDMP, udmse, udmpm should all be able to swap their device configs around.
@@BartLanz I've moved controller settis backup from cloudkeys to self hosted and/or dreammachines. But the actual System Config Backup in the os settings, can the restore option there be used to restore "System Config Backup" from let's say, SE to max pro with all the os settings an applications at once?
Thanks for the update Cody. But just why? If your network is that big, go with the proper components Gateway Pro Aggregation switch UNVR pro. Really? people want to build a network for 1000 devices, but want to skimp on hardware. Makes no sense...
This device honestly doesn't make sense. How do they justify charging $230 more than the UDM Pro for simply adding a single SATA drive bay? If this thing really is intended for larger deployments it doesn't make sense. Anyone that is installing hundreds of unifi devices and thousands of endpoints is not going to stick their security system on their firewall. They are going to get a separate NVR which Ubiquiti already sells. They also aren't going to use gigabit ports or even 10GBE ports for their trunk ports. They are seriously trying to portray this as an enterprise level device all while limiting most of the ports to gigabit? They do realize that gigabit Ethernet came out in 1999 right? If they actually wanted to have this be more for enterprise they should have dropped the drive cages and the 8GBE ports. Instead they should have had a 10GbE RJ45 port, a console port, and around 6 QSFP28 ports so they could actually connect to the trunk of their network. As is this thing will bottleneck it. If they wanted to add even more ports, especially since they got rid of the drive cages, that would be fine. I don't think anyone would complain about more ports or faster ports if they didn't balloon the price doing so. Edit: They would also have redundant power supplies that are hot-swapable, again if this was intended for enterprise use. If they actually want an all in one device the drive cages are great but those 8 RJ45 ports should all have POE with probably 4 having POE++ and the other 4 having POE+. They also should be at least 2.5Gbps. The RJ45 WAN port should be 10GbE capable and the 2 fiber cages should be QSFP28. If they wanted to add more ports to this that would be fine. I would be fine with more SFP+ cages or more 2.5GBE ports or another RJ45 WAN port for a backup WAN connection but I just layed out where they should have gone with it keeping the port count and type the same.
I completely agree the price point does not make sense without at least PoE & 2.5gb ports. I would 100% replace the less than 3month old UDM SE at one of my sites if it included that. The 2.5 gb and PoE would allow me to deploy the U7 access points without a replacement switch and the additional 3 2K cameras the higher processer allows + option to raid the storage would be perfect for this location.
Same CPU only 0,3 MHz more… 8gb of ram… double the size of unifi clients and device capacity… but „only“ 5 Gbs IDS/IPS?…not what i expected of a pro max version. Would be better with a octa core cpu and upgradeable ram… For that money i get a udm pro and one nvr with better performance for protect. but maybe there is a usecase for some people.
@@MactelecomNetworks I am talking about the stock market listing. $UI keeps dropping and with 1 billion in debt the future for this company is a question mark.
They stay with prosumers and upgrade the 8 ports from gig to multigig. That's all. None in enterprise world need that kind of stuffs. None in prosumers world need that. To use in my home I should buy also a separate multigig switch with a PoE. That's mean more power consumption, more maintenance, more space and a lots of unused ports. What I'm waiting for is a udm multigigs with internal ONT and a PoE for the wifi spots. Actually there isn't nothing like this on the market
@@szubster You can add a second set of drives to the failover device. In the event your primary goes down, you can set it up to have Protect begin recording on the failover device. Very minimal downtime.
I think it missed the ball and should have had 4x SFP+ ports to allow for true redundancy and resiliency.
2 internet links for wan failover.
2 core switch links for an individual link to a pair of aggregation switches. (Each aggregation switch has a link to both UDM Pro Max)
Most redundant and resilient setups have 2 of everything. If a core switch dies, the secondary link to the secondary switch takes over. It still has a single point of failure with 1 link cable to 1 switch and if a aggregation switch dies, it still needs manual input to physically move the SFP uplinks from dead switch to active switch
I like your idea better
You’d normally have a second core
That will be the UDM Enterprise later this year... I hope! With no HDD bay to get 16 x 2.5GE, active redundant cooling and dual PSUs on top of what you ask with at least 4 x SPF+.
@@Traumatree won’t see dual psu
I think I could live with Ethernet RJ45's for a backup link as this should not be used for extended times, but more for a backup. No matter what system you have, there will be one point somewhere that ends in a single point of failure. I am not sure any of the UDM series are really designed for mission critical absolutely cannot fail installs.
I love the ideas you have, but looking at the device, we would lose something to add the extra things you suggest. It may end up 1 hdd bay instead of two. Also, I think cost is a factor.
If the device complete goes offline, the second device kicks in and if you have a long term outage, you could go to site and manually move cables. I am guessing if a device physically fails, you'd attend site to physically check it.
Not disregarding your comments, I just am not sure that is the market the UDM Series, even the Max version, is aimed at. IF you look at the Enterprise series devices, take the CloudKey Enterprise as an example, they are usually a lot more expensive, and a lot more powerful with processing. I think someone mentioned a UDM Enterprise. That's an interesting idea and Maybe UI will come out with that for the functionalty an enterprise would need, though I would be thinking in Enterprise you'd likely use a self hosted or cloud hosted console as there are likely to be multiple sites.
The HA cabling is actually really clean. No big parallel cable, no multiple cables from front to back. Just mirrored cables to the agg switch and the WAN. It makes perfect sense. Now to get that same HA mode running on the UDMSE.....
or regular UDM Pro
VRRP is not the same as HA. Also the cabling method is just the same as with any other router vendor.
Great video! The UDM Pro MAX looks like a great console to go with if you don't already have a UDM SE. And the automatic high availability is going to be a wonderful thing once they release Unifi OS 4.0. Its strange though that they have abandoned the PDU Pro's single WAN input to dual WAN outputs for the UDM console high availability feature.
Once again, another great and informative review. Your videos have been of tremendous help to me and my company. Was a pleasure using your service on my last project. I will not hesitate to reach out to you on my future projects
Hi, for manage and control data trafic in small hospital network with 8 Vlan segment and 10 - 30 users each vlan &10 AP U6pro for wifi , which one of (UDM-Pro OR Miktrotik CCR2004-12S )is recommended, 10G connection between Switches and router is necessary. We don't have any camara.
Hopefully they do a ubiquity dream machine max. And a distribution power system for UK 220v power cabling, how is the optional power bank coming along?
Great review. Not a product that I need to replace my UDMP but it's nice to see where the future is going.
What a pitiful update to the CPU, just a slightly higher clocked model. They should have finally moved past A57 cores and made this 10gbps IPS capable.
Step by step, they need every dollar in your pocket:)
What would you expect for being reasonable
@@kristopherleslie8343 Is it reasonable though? The higher clocked SKU of a 12 year old architecture and adding 1 more hard drive bay while removing the extra power supply for PoE likely is a wash on cost difference, yet Ubiquiti wants to charge a $100 extra for something that was had already been $100 overpriced as it was?
Reasonable would be a new CPU arch and higher clock speed with 10gb IPS capable for $800. Their competitor just did that and actually beat that price.
@@LordSaliss I asked what would be reasonable was waiting on your reply.
Gotta wait for the UDM Pro Max Ultra for that capability
Are you hooking up the same ISP connections or is this with 2 separate ISP?
I have the same exact question, my ISP modem only has one downstream port...
Confused. I don't have an ISP modem so my ISP connection goes directly into my UDM Pro.
You can use a switch to add ports to your isp modem.
should I use a managed switch or unmanaged switch? Thanks.
@@TangDynasty1983 it depends on your topology. But the simplest way would be modem -> unmanaged switch -> routers. A managed switch like Unifi, you simply create a vlan and use 3rd party gateway. Then you apply that as the native vlan to the 3 ports, 1 port for uplink to modem and 2 ports for downlinks to router. It can be any switch. You can even do it with the UDM built in switch.
Edit: keep in mind you would need more than 1 public ip unless you are simply using the HA shadow mode feature or you didn’t care about NAT
I'm currently running 2 UDM Pros in Shadow mode with 2 ISPs in a fail-over config, would I need a switch inbetween each ISP's modem and each UDM Pro to achieve HA Shadow mode? From what I've gathered, most ISPs in the US handout a single IP so I'm not sure if this would work in a failover config without 2 extra switches and double-NAT which doesn't seem ideal. Does that sound right or am I missing something?
A bit of a miss on the lack of syncing between devices on the drive for failover. There's a lot of technologies out there where they could have easily done this, hoping this is a feature in the future. Nice video doing a overview as per usual.
LET'S GOOOOO!!!!!!! Great device! Great video, Cody!
What do you do if you don't use the ISP router?
Take Bell for example, i always plug into the ONT and use VLAN 35.
Cody, I'm close to grabbing two of these for my network. We are looking at having 50 U6 Long Range APs for around 500+ total devices, 20 Access Controlled Doors and around 150 Cameras. The cameras would be using the Enterprise NVR. Would these machines be able to handle this or should we step up to the EFG?
Do you need dual WAN? How are the two uplinks from WAN connected?
Thanks for the great video! I've been waiting for a more robust box for one of my installations, so this looks like a step in the right direction for my use case...HOWEVER...I did notice that in the section showing the Apps migrated, there was no Identity app. Do you know if the UDM Pro Max Supports Identity for one-click WiFi and Access?
For security reasons, does the UDM Pro max compare to any SonicWall or Fortigate model?
Hello. how are you? I have a question regarding this device versus a USG Pro 4. In the USG Pro 4, LAN ports 1 and 2 are independent ports, and I can configure an independent segment for each of them (each one on VLAN 1). Is this possible with this new line of devices? I purchased a UCG Ultra, and it cannot do this. The UniFiOS only allows creating VLANs, meaning it only has one network on VLAN 1 for the whole device. Which device would allow me to do everything I need? Thanks. Best regards.
hey cody i switched to a UDM Pro max from my SE and now im not getting alerts to my protect app it says they are all still set up but nothing is flowing threw, any ideas?
My UDM Pro is running a bit low on memory
It's a fairly large deployment, 5 unifi switches, 50 APs, 7 vlans (1 with /22) and 7 Wifi networks with IPS/IDS enabled. One VLAN is dedicated for 29 IP cameras with a separate NVR.
It's becoming unstable especially when there are more than 400 clients. Is the pro max a good upgrade for the price?
I have a question, slightly off topic I guess. I have a Cloudkey+ ( Previously called Cloudkey Gen 2 Plus ) and a USG Pro and I want to upgrade the USG Pro as it is limited in speed when IPS is enabled and UI have recently moved it to "Legacy" status. The cloudkey works fine, no issues, but I am also looking at moving to Protect and retiring synology surveillance station.
My question is, for a home environment with 8 cameras, a few switches and 4 AP's, would it be better to invest in a Gateway Max UXG-MAX and a UNVR or would it be better to get the UDM Pro Max? I would not want the UDM Pro or UDM SE as I want at least 2 HDD's for Protect so there is data protection.
Thanks :)
Just thinking, you say only 3gbps/3gbps connection That's really a fast connection and faster than a lot of large businesses use. But it is nice to see the Max can handle upto 5gbps IPS if needed. I don't think most users the UDM series are aiming for would have speeds above 1gbps on their internet.
Are there any more utility type devices coming, such as Cloud Ultra?
So does the modem need 2 Ethernet ports if both pro max are plugged into it?
If so their own modem can’t be used which is stupid.
will you do a ck-enterprise review?
Interesting stuff, Cody. Heard all about this and the roadmap yesterday at the London UWC which you flagged in one of your Livestreams. Was very interesting to hear from the CEO and all the other head guys. Thanks for the heads up!
I'm kinda hoping some nuts will go for the Pro Max "just cos" and there'll be a few UDM SE units going cheap for me to upgrade!
Will udm se have also timeline recording to ssd like udm pro max? Or no updates for se model?
How does having 1 internet connection work with Ubiquiti HA? You can’t get the same public ip address to 2 MAC addresses.
If your isp modem has 2 or more lan ports, you plug each pro max into a separate port.
Thanks Patrick, but that will not give me a public ip address as the modem is in bridge mode.
Sounds like I have to go to the ISP and request a 2nd ip address.
@@XpertCS But you have and use only 1 public IP at the time, on primary router. When secondary takes over it will have that public IP address (if automatic or PPPoE does not matter, it will just take a couple of seconds to reconnect to your IPS servers trough their modem in bridge mode, to give you public ip address)
Sounds about right… I know I have one ISP who hardcodes it to a MAC address but will get that sorted.
Thanks
So High High Availability will come to all Pro/SE Consoles?
Correct
Thanks for your videos, greetings from Chile.
I have a question, is it possible to use UDM pro or UMD SE as a Cloud Key, I manage a large network and the CloudKey is no longer able to load the network application.
The question is because I have a third party Firewall.
The current configuration is:
Firewall, towards an Aggregate and the cloud key connected to the second switch.
What I'm looking for is: Firewall -> UMD-> and then the rest of the network.
On the unifi website there is a cloud key enterprise but it is not available yet.
I hope you can help me.
Kind regards
"hey, i need HA, but could you throw in a dual drive NVR that isn't HA? Also, can it have 8 gig ports, but make sure to leave out POE so i can't use them with cameras or 2.5gb ports so it's completely useless...oh, can you use the same 12 year old CPU, just make the clocks higher? It would sell like hotcakes!" -Said No-one ever.
Hello, does the UDM-Pro-Max have still the issue that all traffic going out of the WAN port is affected by by natting, so that I can not use it with VLANS on the WAN interface behind a third party SD-WAN or even other firewall solution. This would be a real benefit using the device in enterprise environments where networks/devices must be reached from other locations without port forwarding which is useless in enterprise scenarios. Would be nice if you find some time to to at this.
Does the UDM PRO MAX support Link Aggregation on the SFP+ ports set to LAN Ports?
Thanks for the quick review, but IMO there are a few important things missing.
1. Could you include a block diagram showing how all the ports are connected and their respective speeds? Is the internal switch still only connected to the CPU at 1Gb/s?
2. How is it possible that the throughput is only ~2.6Gb/s with IDS/IPS enabled, when the Pro/SE was previously advertised as being capable of handling 3.5Gb/s with everything turned on?
3. In the event of an HA failover, is the session table properly synchronized between the two devices to ensure that TCP connections aren't dropped?
@@_nick___ I’ve learned that with the “3.5 Gb/s IPS throughput” they mean LAN-WAN / LAN-LAN traffic without the use of vlans. The throughput is way less with vlans on either LAN or WAN enabled.
If you are running a multi-site SD-WAN (Fortinet) such as retail sites and implement the UDM ProMax, will all of the site AP's (U6-Ent) route back to this for www breakout? Or do you need one per site?
Hi, are you still double nating? or are you able to get the full 3/3 with PPPOE? (i am with bell pppoe, and the pro was not able to get full speed in pppoe). thank you
@Mactelecom Networks I have a bunch of flat ethernet cables, do you know of any cable combs that work well with flat cables?
Is HA mode going to be on any of the UXG line? The UXG-Pro at a minimum should have this.
I still can't figure out how this is HA when both UDM connect to a single Aggregation switch... if that switch is down, the HA is useless.. anyone found a way to get trunk from both UDM to a pair of
aggreg switches?
Great review as always bro!
Thanks you as well just finished your video
Great video as usual, Cody. What about the noise level? Louder than the UDMSE?
interesting new product =) would love to see anyony testing large scale networks, like these 1000clients. looks like unifi tries to design in a way, where you more and more dont need a server running the controller and have a separate usg for midscale networks with just say realworld 500-1000 clients parallel online
I wish someone would test UDP throughput on this model, UDP is the crux of existing Unifi gateway lines, just 500mbps of UDP will cause sever packet loss and if it goes on long enough, crash any controllers on UDM series.
How's your dual connection to your ISP configured? Do you have two modems?
In most common redundant pfSense setups that use carp, you have 1 modem with 2 links to each. Each router has an address (192.168.1.1 / 192.168.1.2) and then use a gateway carp address (192.168.1.3) for the DHCP lease, so whether router 1 or router 2 is master, the DHCP lease given makes sense as that address is always up.
Until we get OS 4.0, we won’t know how Ubiquity is doing the fail over but it might be something similar
Still no network access control, SD-Wan still limited to 15 sites :( How "large scale" can you go when you're limited to 15 sites.
Hi Cody, I would appreciate it if you can test UDM Pro Max with PPPOE wan 3.0 gbe with IPS/IDS turned on. With UDM SE I can get max 2.3 gbe Bell Fiber.
Riiight. Looks fine. I wonder if that comes to the UDM-Pro/-SE with UniFi OS 4, where Cody seems to be running v4.0.2.
Thanks for the video!!
Did I miss something, why isn't anyone reviewing UXG-MAX? I was hoping to replace a friend's old USG-3 and keep his cloud key plus. This new device appears to tick all my boxes.
I may do a video on it I have it but was waiting on this to release first
I got tired of waiting and jumped on the UXG Pro. But ideally I would have the Max for home use. Looks like a neat product. Now a new cloud key is in order
I will be doing a large installation for fairground wifi in a few months and am wondering if this would be preferred over a UXG-Pro?
I suppose it would depend on your projected network traffic and the total amount of WAPs
Nice. I can't wait to test out the HA.
I was excited when i heard of this product. I thought it would come with POE ++, but it doesnt even come with POE... I just want "one device" that will do cameras and door access for my home, dream wall was almost there if it wasnt for it using only micro sd cards and the UDM SE doesnt have POE++ :c
This is for large businesses, not home use. This will have Poe switches plugged into so it doesn’t need Poe on it
This is cool, don't get me wrong, but can we create IPv6-only VLANs yet?
Do you know whether Shadow Mode will work between different models - specifically UDM Pro Max and UDM SE?
They have to be the same model
Great Video, Thank You!
Who's RJ45 to SPF+ transceivers do you use? The one from UI has been out of stock for months.
The ones I used were from ubiquiti. 10gtec isn’t bad either
Strange that the max doesn't have 2.5Gbps switch ports and no POE. Can you put the dual drives in striping (raid 0)?
If you’re using a UDM pro max you would most likely have other switches that have 2.5Gb and poe. Remember this is for large scale
Also no raid 0 just raid 1
@@MactelecomNetworks ya, I get it's for large scale, but seems like a strange product within their line. A better solution would be UXG Pro (which I have) and then NVR or NVR Pro I think.
If i'm coming from an UXG-Pro to this, would I still need my cloud key Gen2plus? Thanks~
Nope you could get rid of the cloud key
When is UniFi os 4.0 scheduled to be released?
That I’m not sure. It will have to come to early access first
dO THEY HAVE A UNET THE WORKS AS A MODEM?
Does it allow multi-site management?
Single site
What's the realistic amount of clients this can handle if I'm running about 6 to 8 switches and about 70 APs?
They say 2000+
Yeah I know they say 2000+. But I want to know real well what you believe or what you think it can do based on experiences like the dream machine SE and pro had said 1,000+ what's the maximum you have seen them in real use handle because I want to use one for a small stadium but it won't be just for clients it will also be for the it'll be for the main connection source for the media people also
How did you split the cable for the ISP connection?
My cable model has 4 ports on the back.
If you only have 1 port than you would have to put a switch after your modem
@@MactelecomNetworks I see. Yeah, I have that already, I use a MokerLink 10Gbps switch because I have 3 IP addresses for 3 different setups, two Unifi setups and the other TP-Link.
@@MactelecomNetworks Hey Cody. I'm pumped to get my hands on a pro max. You have a switch recommendation to place in the middle of a modem and UDM?
@@grbeck3312cheap and dumb. For that I am a fan of the purple or silver Netgear units.
@@MactelecomNetworksis this also going to work for PPPoE used by fiber optic providers? I have CAT6 cable to my WAN1 port and that port is set as PPPoE. I have not tried it placing a dumb switch in between the fiber-to-Ethernet wall box and the UDM would work.
Nice work Cody! Shirt looks great! 😂
😂 it really does
Will you be switching to Udm pro max at home?
I have it running in my house right now. But these are really meant for large deployments
"pro environment" yeah, but I want the IDS/IPS throughput and don't need the redundancy. also "pro max" but not enterprise. :) I wonder when UDM Enterprise is going to come out.
Let’s get a Dream Wall Pro with a HDD bay and bottom Ethernet ports!
i'm curious how you got 2 connections from same ISP ?
My ISP has multiple connections on the back of the modem. If you only have one port you would need to put a switch after the modem
@@MactelecomNetworks I have an Arris Sb8200 with 2x rj45 connections on the back. Is that something that would work for this or do you need something fancier?
@@MactelecomNetworks whats your ISP .. i'm also in Canada, using bell ATM and my fiber goes straight into my UDM Pro
@@MactelecomNetworks doing double NAT?
Can I restore backup from udm se to udm pro max? :)
Yes, you can move network from one controller to another. You can do full config within the same model series. So udm, UDMP, udmse, udmpm should all be able to swap their device configs around.
@@BartLanz I've moved controller settis backup from cloudkeys to self hosted and/or dreammachines. But the actual System Config Backup in the os settings, can the restore option there be used to restore "System Config Backup" from let's say, SE to max pro with all the os settings an applications at once?
Thanks for the update Cody.
But just why?
If your network is that big, go with the proper components
Gateway Pro
Aggregation switch
UNVR pro.
Really? people want to build a network for 1000 devices, but want to skimp on hardware.
Makes no sense...
But still just 1Gbe Ports... wtf? Why not all 2.5Gbe?
Now give us SD-WAN rules so that we can move packets seamlessly to the next gateway for UCaaS!
you should hook a brother up with that SE.. 😉
"Pro max" but no rgb?
The naming is typical Ubiquiti style. Establish a marketing theme them apply it wherever lol
This device honestly doesn't make sense. How do they justify charging $230 more than the UDM Pro for simply adding a single SATA drive bay? If this thing really is intended for larger deployments it doesn't make sense. Anyone that is installing hundreds of unifi devices and thousands of endpoints is not going to stick their security system on their firewall. They are going to get a separate NVR which Ubiquiti already sells. They also aren't going to use gigabit ports or even 10GBE ports for their trunk ports. They are seriously trying to portray this as an enterprise level device all while limiting most of the ports to gigabit? They do realize that gigabit Ethernet came out in 1999 right?
If they actually wanted to have this be more for enterprise they should have dropped the drive cages and the 8GBE ports. Instead they should have had a 10GbE RJ45 port, a console port, and around 6 QSFP28 ports so they could actually connect to the trunk of their network. As is this thing will bottleneck it. If they wanted to add even more ports, especially since they got rid of the drive cages, that would be fine. I don't think anyone would complain about more ports or faster ports if they didn't balloon the price doing so. Edit: They would also have redundant power supplies that are hot-swapable, again if this was intended for enterprise use.
If they actually want an all in one device the drive cages are great but those 8 RJ45 ports should all have POE with probably 4 having POE++ and the other 4 having POE+. They also should be at least 2.5Gbps. The RJ45 WAN port should be 10GbE capable and the 2 fiber cages should be QSFP28. If they wanted to add more ports to this that would be fine. I would be fine with more SFP+ cages or more 2.5GBE ports or another RJ45 WAN port for a backup WAN connection but I just layed out where they should have gone with it keeping the port count and type the same.
I completely agree the price point does not make sense without at least PoE & 2.5gb ports. I would 100% replace the less than 3month old UDM SE at one of my sites if it included that.
The 2.5 gb and PoE would allow me to deploy the U7 access points without a replacement switch and the additional 3 2K cameras the higher processer allows + option to raid the storage would be perfect for this location.
Same CPU only 0,3 MHz more… 8gb of ram… double the size of unifi clients and device capacity… but „only“ 5 Gbs IDS/IPS?…not what i expected of a pro max version.
Would be better with a octa core cpu and upgradeable ram…
For that money i get a udm pro and one nvr with better performance for protect.
but maybe there is a usecase for some people.
Big video!
Ubiquiti stock is really getting hammered. Will this company go bankrupt?
What are you trying to buy? Everything I’ve needed in the past year or two has been avaiable
@@MactelecomNetworkshe doesn’t mean physical product stock, he means stock price of the company.
@@MactelecomNetworks I am talking about the stock market listing. $UI keeps dropping and with 1 billion in debt the future for this company is a question mark.
They stay with prosumers and upgrade the 8 ports from gig to multigig. That's all. None in enterprise world need that kind of stuffs. None in prosumers world need that. To use in my home I should buy also a separate multigig switch with a PoE. That's mean more power consumption, more maintenance, more space and a lots of unused ports. What I'm waiting for is a udm multigigs with internal ONT and a PoE for the wifi spots. Actually there isn't nothing like this on the market
Wow pro max -- what about pro max ultra max pro?
Not worth the money, they probably had too many SE bords in stock and this is a way to get rid of them.
Such a small upgrade for the price
Double the devices and double the clients is a small upgrade 🙃
❤
Tan sexy, me encantan sus video y como explica
Keep the unreleased devices coming!
3.5 to 5gbps I wouldn't say is 'significant'. Not even if someone were to use it in a small to medium business. This is a unifi shill guy.
😂 how many small to medium
Business do you know with 5gbps connections?
Shill ok. I like Ubiquiti that’s what I sell so that’s what I do videos on
3 gig wan 😢 to my measly 1 gig wan 😂
Lacks PoE....
If you’re buying this device you should have poe switches. It’s for large scale
At that large scale, two drive bays are useless, as you would use NVR
@@szubster You can add a second set of drives to the failover device. In the event your primary goes down, you can set it up to have Protect begin recording on the failover device. Very minimal downtime.