Unifi UDM Pro Max : Large scale deployments are here
ฝัง
- เผยแพร่เมื่อ 5 พ.ค. 2024
- In this video I take a look at the all new Unifi UDM Pro Max from Ubiquiti. The UDM Pro max has two hard drive bays for Unifi protect redundancy in a RAID 1 configuration. The UDM pro Max can handle about 200 Unifi devices and thousands of clients. The UDM Pro Max can also do 5Gbps with IDS/IPS on ( suspicious activity) and comes in at $599 USD MSRP
▶ Unifi pro max USA affiliate link :
store.ui.com/us/en/pro/produc...
▶ Unifi pro max EU affiliate link :
store.ui.com/eu/en/pro/produc...
▶ Ubiquiti affiliate link :
store.ui.com/us/en?a_aid=MacT...
▶ Hire us on our website
mactelecomnetworks.com/
▶ Watch my VLOG channel:
/ @techntails
▶ Join our Discord Channel:
/ discord
------------------------------------------------------------------------------------
Affiliates I use:
▶ VOIP.MS
www.voip.ms/en/code/Mactelecom
▶Canadian Amazon Store front:
www.amazon.ca/shop/mactelecom...
▶USA Amazon store front:
www.amazon.com/shop/macteleco...
▶NordVPN:
go.nordvpn.net/aff_c?offer_id...
------------------------------------------------------------------------------------
▶ Find us on social media:
▶ Instagram:
/ mactelecomnetworks
▶ Facebook:
/ mactelecomnetworks
▶ Twitter:
/ mactelecomn
▶ TikTok:
/ mactelecomnetworks
0:00 Intro
0:53 Taking a closer look at the UDM Pro Max
3:01 Installing the UDM Pro Max into my network rack
5:27 Initial configuration
7:10 Migrating Unifi protect to the UDM Pro Max
9:01 UDM Pro Max Price and Specs
10:02 Setting up Automatic shadow mode
12:14 Testing UDM Pro Max automatic shadow mode
12:58 Testing IDS/IPS Speeds
14:47 Final thoughts - วิทยาศาสตร์และเทคโนโลยี
I think it missed the ball and should have had 4x SFP+ ports to allow for true redundancy and resiliency.
2 internet links for wan failover.
2 core switch links for an individual link to a pair of aggregation switches. (Each aggregation switch has a link to both UDM Pro Max)
Most redundant and resilient setups have 2 of everything. If a core switch dies, the secondary link to the secondary switch takes over. It still has a single point of failure with 1 link cable to 1 switch and if a aggregation switch dies, it still needs manual input to physically move the SFP uplinks from dead switch to active switch
I like your idea better
You’d normally have a second core
That will be the UDM Enterprise later this year... I hope! With no HDD bay to get 16 x 2.5GE, active redundant cooling and dual PSUs on top of what you ask with at least 4 x SPF+.
@@Traumatree won’t see dual psu
Great review. Not a product that I need to replace my UDMP but it's nice to see where the future is going.
LET'S GOOOOO!!!!!!! Great device! Great video, Cody!
Interesting stuff, Cody. Heard all about this and the roadmap yesterday at the London UWC which you flagged in one of your Livestreams. Was very interesting to hear from the CEO and all the other head guys. Thanks for the heads up!
I'm kinda hoping some nuts will go for the Pro Max "just cos" and there'll be a few UDM SE units going cheap for me to upgrade!
Nice. I can't wait to test out the HA.
Great video! The UDM Pro MAX looks like a great console to go with if you don't already have a UDM SE. And the automatic high availability is going to be a wonderful thing once they release Unifi OS 4.0. Its strange though that they have abandoned the PDU Pro's single WAN input to dual WAN outputs for the UDM console high availability feature.
Great Video, Thank You!
The HA cabling is actually really clean. No big parallel cable, no multiple cables from front to back. Just mirrored cables to the agg switch and the WAN. It makes perfect sense. Now to get that same HA mode running on the UDMSE.....
or regular UDM Pro
VRRP is not the same as HA. Also the cabling method is just the same as with any other router vendor.
"hey, i need HA, but could you throw in a dual drive NVR that isn't HA? Also, can it have 8 gig ports, but make sure to leave out POE so i can't use them with cameras or 2.5gb ports so it's completely useless...oh, can you use the same 12 year old CPU, just make the clocks higher? It would sell like hotcakes!" -Said No-one ever.
Thanks for the great video! I've been waiting for a more robust box for one of my installations, so this looks like a step in the right direction for my use case...HOWEVER...I did notice that in the section showing the Apps migrated, there was no Identity app. Do you know if the UDM Pro Max Supports Identity for one-click WiFi and Access?
Hopefully they do a ubiquity dream machine max. And a distribution power system for UK 220v power cabling, how is the optional power bank coming along?
What a pitiful update to the CPU, just a slightly higher clocked model. They should have finally moved past A57 cores and made this 10gbps IPS capable.
Step by step, they need every dollar in your pocket:)
What would you expect for being reasonable
@@kristopherleslie8343 Is it reasonable though? The higher clocked SKU of a 12 year old architecture and adding 1 more hard drive bay while removing the extra power supply for PoE likely is a wash on cost difference, yet Ubiquiti wants to charge a $100 extra for something that was had already been $100 overpriced as it was?
Reasonable would be a new CPU arch and higher clock speed with 10gb IPS capable for $800. Their competitor just did that and actually beat that price.
@@LordSaliss I asked what would be reasonable was waiting on your reply.
Gotta wait for the UDM Pro Max Ultra for that capability
Great review as always bro!
Thanks you as well just finished your video
A bit of a miss on the lack of syncing between devices on the drive for failover. There's a lot of technologies out there where they could have easily done this, hoping this is a feature in the future. Nice video doing a overview as per usual.
Great video as usual, Cody. What about the noise level? Louder than the UDMSE?
interesting new product =) would love to see anyony testing large scale networks, like these 1000clients. looks like unifi tries to design in a way, where you more and more dont need a server running the controller and have a separate usg for midscale networks with just say realworld 500-1000 clients parallel online
Are there any more utility type devices coming, such as Cloud Ultra?
Will udm se have also timeline recording to ssd like udm pro max? Or no updates for se model?
Hello, does the UDM-Pro-Max have still the issue that all traffic going out of the WAN port is affected by by natting, so that I can not use it with VLANS on the WAN interface behind a third party SD-WAN or even other firewall solution. This would be a real benefit using the device in enterprise environments where networks/devices must be reached from other locations without port forwarding which is useless in enterprise scenarios. Would be nice if you find some time to to at this.
Thanks for your videos, greetings from Chile.
I have a question, is it possible to use UDM pro or UMD SE as a Cloud Key, I manage a large network and the CloudKey is no longer able to load the network application.
The question is because I have a third party Firewall.
The current configuration is:
Firewall, towards an Aggregate and the cloud key connected to the second switch.
What I'm looking for is: Firewall -> UMD-> and then the rest of the network.
On the unifi website there is a cloud key enterprise but it is not available yet.
I hope you can help me.
Kind regards
I'm currently running 2 UDM Pros in Shadow mode with 2 ISPs in a fail-over config, would I need a switch inbetween each ISP's modem and each UDM Pro to achieve HA Shadow mode? From what I've gathered, most ISPs in the US handout a single IP so I'm not sure if this would work in a failover config without 2 extra switches and double-NAT which doesn't seem ideal. Does that sound right or am I missing something?
@Mactelecom Networks I have a bunch of flat ethernet cables, do you know of any cable combs that work well with flat cables?
Is HA mode going to be on any of the UXG line? The UXG-Pro at a minimum should have this.
Are you hooking up the same ISP connections or is this with 2 separate ISP?
I have the same exact question, my ISP modem only has one downstream port...
Confused. I don't have an ISP modem so my ISP connection goes directly into my UDM Pro.
You can use a switch to add ports to your isp modem.
should I use a managed switch or unmanaged switch? Thanks.
@@TangDynasty1983 it depends on your topology. But the simplest way would be modem -> unmanaged switch -> routers. A managed switch like Unifi, you simply create a vlan and use 3rd party gateway. Then you apply that as the native vlan to the 3 ports, 1 port for uplink to modem and 2 ports for downlinks to router. It can be any switch. You can even do it with the UDM built in switch.
Edit: keep in mind you would need more than 1 public ip unless you are simply using the HA shadow mode feature or you didn’t care about NAT
Riiight. Looks fine. I wonder if that comes to the UDM-Pro/-SE with UniFi OS 4, where Cody seems to be running v4.0.2.
Thanks for the video!!
Thanks for the quick review, but IMO there are a few important things missing.
1. Could you include a block diagram showing how all the ports are connected and their respective speeds? Is the internal switch still only connected to the CPU at 1Gb/s?
2. How is it possible that the throughput is only ~2.6Gb/s with IDS/IPS enabled, when the Pro/SE was previously advertised as being capable of handling 3.5Gb/s with everything turned on?
3. In the event of an HA failover, is the session table properly synchronized between the two devices to ensure that TCP connections aren't dropped?
theoretical vs real world would be my guess. I'm not sure the PRO/SE can really handle 3.5Gb/s anyway with everything maxed out.
@@_nick___ I’ve learned that with the “3.5 Gb/s IPS throughput” they mean LAN-WAN / LAN-LAN traffic without the use of vlans. The throughput is way less with vlans on either LAN or WAN enabled.
Big video!
Thanks for the update Cody.
But just why?
If your network is that big, go with the proper components
Gateway Pro
Aggregation switch
UNVR pro.
Really? people want to build a network for 1000 devices, but want to skimp on hardware.
Makes no sense...
I will be doing a large installation for fairground wifi in a few months and am wondering if this would be preferred over a UXG-Pro?
I suppose it would depend on your projected network traffic and the total amount of WAPs
Do you know whether Shadow Mode will work between different models - specifically UDM Pro Max and UDM SE?
They have to be the same model
I still can't figure out how this is HA when both UDM connect to a single Aggregation switch... if that switch is down, the HA is useless.. anyone found a way to get trunk from both UDM to a pair of
aggreg switches?
Nice work Cody! Shirt looks great! 😂
😂 it really does
How's your dual connection to your ISP configured? Do you have two modems?
In most common redundant pfSense setups that use carp, you have 1 modem with 2 links to each. Each router has an address (192.168.1.1 / 192.168.1.2) and then use a gateway carp address (192.168.1.3) for the DHCP lease, so whether router 1 or router 2 is master, the DHCP lease given makes sense as that address is always up.
Until we get OS 4.0, we won’t know how Ubiquity is doing the fail over but it might be something similar
So High High Availability will come to all Pro/SE Consoles?
Correct
Hi Cody, I would appreciate it if you can test UDM Pro Max with PPPOE wan 3.0 gbe with IPS/IDS turned on. With UDM SE I can get max 2.3 gbe Bell Fiber.
So does the modem need 2 Ethernet ports if both pro max are plugged into it?
If so their own modem can’t be used which is stupid.
Now give us SD-WAN rules so that we can move packets seamlessly to the next gateway for UCaaS!
I wish someone would test UDP throughput on this model, UDP is the crux of existing Unifi gateway lines, just 500mbps of UDP will cause sever packet loss and if it goes on long enough, crash any controllers on UDM series.
This is cool, don't get me wrong, but can we create IPv6-only VLANs yet?
you should hook a brother up with that SE.. 😉
Who's RJ45 to SPF+ transceivers do you use? The one from UI has been out of stock for months.
The ones I used were from ubiquiti. 10gtec isn’t bad either
dO THEY HAVE A UNET THE WORKS AS A MODEM?
I was excited when i heard of this product. I thought it would come with POE ++, but it doesnt even come with POE... I just want "one device" that will do cameras and door access for my home, dream wall was almost there if it wasnt for it using only micro sd cards and the UDM SE doesnt have POE++ :c
This is for large businesses, not home use. This will have Poe switches plugged into so it doesn’t need Poe on it
Does it allow multi-site management?
Single site
If i'm coming from an UXG-Pro to this, would I still need my cloud key Gen2plus? Thanks~
Nope you could get rid of the cloud key
❤
How did you split the cable for the ISP connection?
My cable model has 4 ports on the back.
If you only have 1 port than you would have to put a switch after your modem
@@MactelecomNetworks I see. Yeah, I have that already, I use a MokerLink 10Gbps switch because I have 3 IP addresses for 3 different setups, two Unifi setups and the other TP-Link.
@@MactelecomNetworks Hey Cody. I'm pumped to get my hands on a pro max. You have a switch recommendation to place in the middle of a modem and UDM?
@@grbeck3312cheap and dumb. For that I am a fan of the purple or silver Netgear units.
When is UniFi os 4.0 scheduled to be released?
That I’m not sure. It will have to come to early access first
Let’s get a Dream Wall Pro with a HDD bay and bottom Ethernet ports!
Will you be switching to Udm pro max at home?
I have it running in my house right now. But these are really meant for large deployments
i'm curious how you got 2 connections from same ISP ?
My ISP has multiple connections on the back of the modem. If you only have one port you would need to put a switch after the modem
@@MactelecomNetworks I have an Arris Sb8200 with 2x rj45 connections on the back. Is that something that would work for this or do you need something fancier?
@@MactelecomNetworks whats your ISP .. i'm also in Canada, using bell ATM and my fiber goes straight into my UDM Pro
@@MactelecomNetworks doing double NAT?
Still no network access control, SD-Wan still limited to 15 sites :( How "large scale" can you go when you're limited to 15 sites.
Did I miss something, why isn't anyone reviewing UXG-MAX? I was hoping to replace a friend's old USG-3 and keep his cloud key plus. This new device appears to tick all my boxes.
I may do a video on it I have it but was waiting on this to release first
I got tired of waiting and jumped on the UXG Pro. But ideally I would have the Max for home use. Looks like a neat product. Now a new cloud key is in order
How does having 1 internet connection work with Ubiquiti HA? You can’t get the same public ip address to 2 MAC addresses.
If your isp modem has 2 or more lan ports, you plug each pro max into a separate port.
Thanks Patrick, but that will not give me a public ip address as the modem is in bridge mode.
Sounds like I have to go to the ISP and request a 2nd ip address.
@@XpertCS But you have and use only 1 public IP at the time, on primary router. When secondary takes over it will have that public IP address (if automatic or PPPoE does not matter, it will just take a couple of seconds to reconnect to your IPS servers trough their modem in bridge mode, to give you public ip address)
Sounds about right… I know I have one ISP who hardcodes it to a MAC address but will get that sorted.
Thanks
Strange that the max doesn't have 2.5Gbps switch ports and no POE. Can you put the dual drives in striping (raid 0)?
If you’re using a UDM pro max you would most likely have other switches that have 2.5Gb and poe. Remember this is for large scale
Also no raid 0 just raid 1
@@MactelecomNetworks ya, I get it's for large scale, but seems like a strange product within their line. A better solution would be UXG Pro (which I have) and then NVR or NVR Pro I think.
What's the realistic amount of clients this can handle if I'm running about 6 to 8 switches and about 70 APs?
They say 2000+
Yeah I know they say 2000+. But I want to know real well what you believe or what you think it can do based on experiences like the dream machine SE and pro had said 1,000+ what's the maximum you have seen them in real use handle because I want to use one for a small stadium but it won't be just for clients it will also be for the it'll be for the main connection source for the media people also
Same CPU only 0,3 MHz more… 8gb of ram… double the size of unifi clients and device capacity… but „only“ 5 Gbs IDS/IPS?…not what i expected of a pro max version.
Would be better with a octa core cpu and upgradeable ram…
For that money i get a udm pro and one nvr with better performance for protect.
but maybe there is a usecase for some people.
Can I restore backup from udm se to udm pro max? :)
Yes, you can move network from one controller to another. You can do full config within the same model series. So udm, UDMP, udmse, udmpm should all be able to swap their device configs around.
@@BartLanz I've moved controller settis backup from cloudkeys to self hosted and/or dreammachines. But the actual System Config Backup in the os settings, can the restore option there be used to restore "System Config Backup" from let's say, SE to max pro with all the os settings an applications at once?
But still just 1Gbe Ports... wtf? Why not all 2.5Gbe?
They stay with prosumers and upgrade the 8 ports from gig to multigig. That's all. None in enterprise world need that kind of stuffs. None in prosumers world need that. To use in my home I should buy also a separate multigig switch with a PoE. That's mean more power consumption, more maintenance, more space and a lots of unused ports. What I'm waiting for is a udm multigigs with internal ONT and a PoE for the wifi spots. Actually there isn't nothing like this on the market
"Pro max" but no rgb?
The naming is typical Ubiquiti style. Establish a marketing theme them apply it wherever lol
This device honestly doesn't make sense. How do they justify charging $230 more than the UDM Pro for simply adding a single SATA drive bay? If this thing really is intended for larger deployments it doesn't make sense. Anyone that is installing hundreds of unifi devices and thousands of endpoints is not going to stick their security system on their firewall. They are going to get a separate NVR which Ubiquiti already sells. They also aren't going to use gigabit ports or even 10GBE ports for their trunk ports. They are seriously trying to portray this as an enterprise level device all while limiting most of the ports to gigabit? They do realize that gigabit Ethernet came out in 1999 right?
If they actually wanted to have this be more for enterprise they should have dropped the drive cages and the 8GBE ports. Instead they should have had a 10GbE RJ45 port, a console port, and around 6 QSFP28 ports so they could actually connect to the trunk of their network. As is this thing will bottleneck it. If they wanted to add even more ports, especially since they got rid of the drive cages, that would be fine. I don't think anyone would complain about more ports or faster ports if they didn't balloon the price doing so. Edit: They would also have redundant power supplies that are hot-swapable, again if this was intended for enterprise use.
If they actually want an all in one device the drive cages are great but those 8 RJ45 ports should all have POE with probably 4 having POE++ and the other 4 having POE+. They also should be at least 2.5Gbps. The RJ45 WAN port should be 10GbE capable and the 2 fiber cages should be QSFP28. If they wanted to add more ports to this that would be fine. I would be fine with more SFP+ cages or more 2.5GBE ports or another RJ45 WAN port for a backup WAN connection but I just layed out where they should have gone with it keeping the port count and type the same.
I completely agree the price point does not make sense without at least PoE & 2.5gb ports. I would 100% replace the less than 3month old UDM SE at one of my sites if it included that.
The 2.5 gb and PoE would allow me to deploy the U7 access points without a replacement switch and the additional 3 2K cameras the higher processer allows + option to raid the storage would be perfect for this location.
Wow pro max -- what about pro max ultra max pro?
Not worth the money, they probably had too many SE bords in stock and this is a way to get rid of them.
Such a small upgrade for the price
Double the devices and double the clients is a small upgrade 🙃
Ubiquiti stock is really getting hammered. Will this company go bankrupt?
What are you trying to buy? Everything I’ve needed in the past year or two has been avaiable
@@MactelecomNetworkshe doesn’t mean physical product stock, he means stock price of the company.
@@MactelecomNetworks I am talking about the stock market listing. $UI keeps dropping and with 1 billion in debt the future for this company is a question mark.
Lacks PoE....
If you’re buying this device you should have poe switches. It’s for large scale
At that large scale, two drive bays are useless, as you would use NVR
@@szubster You can add a second set of drives to the failover device. In the event your primary goes down, you can set it up to have Protect begin recording on the failover device. Very minimal downtime.
Then why two drive bays lol, nvr but can’t even connect cameras to it. This is a joke
Keep the unreleased devices coming!
3 gig wan 😢 to my measly 1 gig wan 😂
Tan sexy, me encantan sus video y como explica
3.5 to 5gbps I wouldn't say is 'significant'. Not even if someone were to use it in a small to medium business. This is a unifi shill guy.
😂 how many small to medium
Business do you know with 5gbps connections?
Shill ok. I like Ubiquiti that’s what I sell so that’s what I do videos on