UniFi Dream Machine Pro (UDM-Pro)

one of the crosstalk solutions, my name is Chris and I know many of you have been waiting for this video. I've been waiting to do it too. I have the UDM Pro in front of me and this is probably one of the most anticipated Ubiquity devices I've seen in a long time, they just came out of early access about three days ago and I just got mine today so what Is it the UDM Pro? Let's talk about that while I take this off the market. box, so the UDM Pro is essentially an all-in-one 1u rackmount device that combines a

unifi

ed controller and eight ports that basically has the USG and two 10 gigabit sfp+ ports.

It also has a hard drive slot so you can run unify protect on this as well and it has a powerful enough processor that it's supposedly capable of running like three gigabits or so with IPS IDs on, which has typically been the most heavily used process CPU intensive on the kind of

unifi

ed software you know, for example. with the USG it is generally recommended to have the intrusion protection IPs and IDs disabled in order to get the full bandwidth of the device because it affects the CPU a lot, so inside the box here we have a little more box up top, let's take that out and let's put it aside and then let's get the Pro

dream

machine

out of here.

It's actually a little heavier than I thought it would be now the MSRP on this device is 300 and look at them as sort of custom. custom styrofoam bumpers the MSRP on this device is $379, however there is an 8 terabyte hard drive option not sure if the one I received from ubiquity here has the 8 terabyte drive or not, by the way, ubiquity sent this device to me for free, however my opinions, as always, are my own, okay, let's unwrap this here, we can see the two sfp+ ports sticking out on the front here, how beautiful, there's a lot What to talk about, well, first I'm going to see that there is a little tab here where the hard drive goes.

I go to pull it and it just disconnects. There we go, okay, so I don't have the 8 terabyte hard drive included with my UDN Pro, so I'll have to find one. hard drive to put in here I'm pretty sure I have a spare one somewhere, so let's wait on this for a second, let's see what comes in this little extra box just to get it out of the way, well inside the extra drive. little box we have a hardware kit so there are all the screws and a power cable with rack mount ears and the UDM pro looks like some kind of little quick start guide or something or it has the QR code for the Quick Start Guide quick start right here, the QR code was also on the inside of the box, as we've been seeing with ubiquity products lately.

Oh, really nice, so here's the hardware kit. I'll try to get a close up of this. It also has some rubber feet and all the screws. that you need, as well as some rack mounting hardware, I'll save all of this too, but yes, it has rubber feet, so if you want to put it on the desk from outside of this thing or just have it on your desk, you can do that too, beautiful, so I'm going to zoom the camera in a little bit closer so we can get a closer look at the front and back of this udm Pro.

Okay, here we go, let's talk about the components that are right in the front. So starting over here, this is the 1.8 inch touch screen, it's the same touch screen that we have on the new Switch product line, the usw switches and the pro switches, remove a little screen protector, here we go , all good, so the hard drive bay is still here. it clicks so you basically push it in and then it opens, you can take it out now. This will fit a 2.5 inch hard drive and a 3.5 inch hard drive, which is pretty good. Put it back, of course, it's to unify the footage and protect it.

I have 8 gigabit ethernet ports now one of the complaints I saw online a lot of people were complaining that these are not power over ethernet ports and I figure that's how they keep the price down again this thing is 379 without the hard drive, so to keep that price low they didn't put any POA, they asked him to put 2 10 gigabit SFP+ ports, so here we have a Gigabit LAN port, an rj45 LAN port and then we have 2 SFP+ ports for 10 gigs. Fiber, one of them is When sfp+ and one of them is Land sfp+ and again, I don't know how it looks and is unified, but these are separated specifically as When and Land SFP+.

Okay, let's take a look at the back of this. So it's interesting that this device works with the US model Unify Smart Power RPS. The PRPs are essentially a redundant power supply that somehow plugs in here now that the product says it's coming soon, so I don't know if it's early access or what I'll have to look for, but it has some level of power redundancy built in. I think essentially what the RPS is is it's basically a backup battery or backup power that can be plugged into a bunch of different devices, so instead of having an actual dual power supply on the back of this box, you have a standard Molex power. connector here and then you can connect this to the UPA, the USP - RPS device and this can maintain power if the power goes out here for some reason, that's how I understand it if I do a little research on that and if I find out I'm wrong I'll update the video.

There's also a light and LED here on the back to tell if the RPS is actually working well or not, so before I get too far into the setup, I wanted to open up the top of this UDM Pro just to see what it looks like. You can see here that I put a hard drive in the hard drive tray. This is actually the original hard drive that came with my uck gen to the cloud key gen 2 plus. So I just replaced that with a 5 terabyte drive. I took the original drive out of there and put it here because I just didn't have a three and a half inch drive, but that one should work fine, hopefully, here.

We can see the screen is telling me we're ready to set this up, which we'll get to in just a second, but take a look inside this udm pro, it's pretty interesting, so you'll notice a couple of things right off the bat. Number one is there's a lot of space here and I posted this on Twitter and that's the first thing people complain about is like, oh my gosh, look how much space is left, you know, in this 1u chassis, but again, like you already know. You can't really have it both ways if they hadn't made it a 1u form factor people would have complained about it not being rack mountable but now that it's a 1u form factor people are complaining that there's too much room in the case, but you know, one thing they might do is eventually notice that there's enough room for a second hard drive tray, so maybe they'll come out with another version that has two hard drives and then basically, They don't have to readjust this layout at all to do, as you know, a RAID one configuration on the hard drives, so maybe that's an option, but there are a couple of other interesting things here.

The only thing that really impressed me is this custom airflow tray, so they have two fans. Here you have a fan right here and a fan here in front of the SFP+ ports. I guess it's on top of the CPU and then we have another fan back here that's in front of the hard drives and I'm not sure if that's to cool the hard drive or what, but it's a little hard to see, but this kind of custom krei it's like molded plastic that diverts all the airflow through the vents at the top of the back of the chassis, so if this is the case, check out these holes here at the top where it comes out. the airflow, it's right through these holes and when it's like that, there's actually no big fan holes on the side of this thing.

It kind of made it more aerodynamic, so the air builds up here and then rises up this ramp to here and then the air builds up here, rises up this ramp here and then goes out the back all the way through. the rear of the chassis. which is pretty cool, another thing that's cool is if you look here really closely, you can see that the ramp, the plastic ramp for the airflow, also has holes cut out for these like capacitors or whatever they are. these things, and I'm sure that just provides some additional cooling. I'm not sure if it's for cooling or if they actually just needed a little bit of extra space for those things to stick out of the little motherboard, the main board that's down there, because they do stick out. a little bit higher than the ramp here, but it's a cool design, they've actually tiled it pretty well, but enough about the inside of this thing, let's go ahead and set it up right, so I'm I'm going to set up this Dream Machine Pro a through the web GUI.

I was originally going to do it on my phone and actually, I don't know if you can see this, but it says on my phone that a new Dream Machine has been found in Unify so I can set it up. I do it on the phone, but it's actually easier for video purposes to do it in a browser, so what I have here is the initial step. When you're setting this up, it's already timed out, so I'm going to hit try again, but basically I just navigated to one at 81-68 1.1, which is the default LAN IP address of the UDM pro, so I have my laptop set up at 192 point 168 1 point our win cable so I'll say try again and it says connect to the internet testing the internet connection so let's connect this now.

My Internet connection will be a static IP address, so you may need to go into Advanced Internet Options. let me click on that and we'll set it to static now I need to remember my IP address, okay, I have that information. You can also choose when or when to use SFP, which will be the top sfp+ port here, so I'm just going to say when and then we'll give you our IP address gateway subnet mask and some DNS server information on most the cases or should I say that most people will probably have a dynamically assigned LAN IP address, in which case it would connect to the wind port and automatically detect your IP settings if you have static, although this is the process you should follow, so we are going to say: apply, here we go, now you tested the Internet connection successfully and we are going to name the unified

machine

of your

dream

s Pro UDM Pro we will call it something smarter than that well, we will call it Dreamweaver and there we are going to agree to the terms then you log in to UI com okay now we're going to go into our single sign on our ubiquity and information single sign on and it looks like you can skip this so you have to have internet connectivity and you have to have a login ubiquity single session, it looks like you need to configure this, so we'll say the following and it asks me for my 2fa, let's go ahead and include that in the update schedule.

Keeping your network up to date gives you the latest performance and security features. So how often do we want to check for updates on a daily basis? 3 a.m. m. 2 a.m. m. okay, next step 4 of 7 Autotuning will go ahead and say yes and then send diagnostics and performance information. This will not be in production. I don't normally turn these things on anyway, so we'll just say this. step 5 of 7 check check your settings to see if it seems undefined, it looks like you need to fix that, okay, and we'll just say the following initial speed tests ooh, that's not a very fast download.

I certainly get more than 22 megabits per second. I have a 400 megabit connection. I think what I'll do is eventually move this UTM to my other desktop here closer to the firewall and the router and all that kind of stuff, all the right speed tests. Wow, no, that's not very good, download and upload results. I'm supposed to get 400 by 20, not 20 by 20, so let's change that, let's say 400 by 20, set the speeds to what your ISP has promised you 400 by 20 and we'll say finish setting up the network, configure your devices and network configuration this may take several minutes here we go Dreamweaver network version 5 12.50 9 that's new okay so we have configurations or users let's look at the users first so my account is the only user here.

I'm an admin and there are no groups or there's a B&T group okay network here we go so security, analytics, diagnostics and usage data for ubiquity let's not do that and then we'll just unify so we'll immediately unify . and now I am getting an error when saving the analysis agreement. Okay, let's go back to the local UTM Pro portal because I want to see the settings here, so Dream Machine Pro Firmware Chris Sherwood we can see the CPU, CPU load, CPU temperature. memory storage capacity storage is not mounted that would be my drive that I plugged in you may not get that drive until you reboot because I don't think it's a hot swappable drive applications we have yes,so it says search for it protect it it says that a hard drive is required to start this application and then we have a network that is unify protection, which is protect access, that's interesting, we will have to install it at some point and then speak by voice or unify, called beta access, it's interesting.

I don't think so. I know they're doing some access control stuff in early access, but I haven't touched any of the access control devices yet and then if we click on advanced, we can enable SSH on the device, we can rename it and we can change our settings, like as the firmware automatically updates, you know, what I don't see here is a way to turn this off gracefully, well, there's no way to turn this off gracefully, so we'll just have to unplug it, God. . I hate doing that, although instead I'll unplug the plug from my power strip down here.

Oh yeah, okay, I just turned it off, so I'll put the case back on. I'll move it to the other side of my office here and then we'll reconnect and log in to unify. What we can see now I moved the UDM Pro here to the corner of my desk and plugged it back in on that internet issue I was seeing where I was only getting 20 megabits down, 20 megabits up is kind of a card. Spectrum problem. I tried it through UDM. I was still getting, you know, maybe a maximum of 80 megabits per second. I took out my computer, plugged it directly into the modem and gave myself a static LAN IP address on my computer and it was still slow. speeds, so it's something I got a call letter about.

I'll deal with it on Monday, as long as it's active and you know, I'm fine with it, but I'm supposed to get 400 megabits and 20 megabits isn't. helping me test the capabilities of this UTM, but other than that, let's take a look, we're back in the interface here and I'm going to install some of the helper applications that come with the UDM, so if I click on settings the first thing What we see here is that my second hard drive is now recognized, so it's only a one terabyte hard drive, but it's good enough for our tests and simply plugging it in and restarting the UDM was enough to recognize that hard drive.

Now let's click. in the applications and now we have the ability to install Protect, as it now detects that there is a hard drive that can be installed Protect, so we are going to go ahead and install Protect and since we are testing this, we are also going to install access and talk, we'll just install everything and I'll come back when everything is installed. Now we have all the applications installed. Here it is unify, unify, protect, access and speak, so I don't really know anything about access or speak. but let's go ahead and click on it and see what we get.

Step one to unify access. Set what your building name is. Let's try this home office. No items found. Now is a good time to connect items to your network to configure them. I don't have any, let's go ahead and skip the access time settings, ok, 9:00 to 5:00, it looks something like this, Monday to Friday, check the settings, okay, finish preparing unified access, ok , oh wow, look at this, so these must be dropped events. on the left side here we have total activities add users add visitors add NFC cards and that's why we have panel users Wow locations visitors all visitors visitor registration next visitors the elements must be the different ones, you know door control, you know access control stuff policies and credential scanners, so this allows you to block probably which users can access which doors and all that and then events, wow, that's crazy, so this is all new to me, like said.

I have worked with access. control systems before, but certainly not unifying access, so it will be interesting to see what happens with this. I don't even remember if there's anything in the early access store. I'll have to go check it out, but I hope to get my hands on some of this equipment at some point. I can do a full review on unified access. Now with the UDM you have the ability to switch between applications here in the top right corner, so I can click here and I can switch. for example, to unify the conversation, let's see, thank you for using it and if I talked about the ubiquity zEnterprise VoIP solution, this process will walk you through its configuration, accept the terms, let's do it right, just do the standard configuration, since it doesn't bother you I owe nothing to 500 users who are not on the whitelist. went wrong, try again, ok, advanced settings will appear.

No, error 500. User 500 is not whitelisted, so I won't worry about that for now. There is some kind of error. This is also in beta and I'm not supposed to show the beta. stuff on video anyway, so we'll skip the talk for now. I'll revisit the talk when it's a little more mature and hopefully comes out of beta at some point, so let's get back to protecting, so protecting should be where we are. you used to not have cameras add cameras okay okay so I have a g4 pro camera here let's go ahead and turn this on oh I'm going to need a switch right?

Yes, I will have to have a switch. Alright, I'm going to have to hook up my 24 port OE p switch in order to power this camera, so let me do that next. I'm going to grab a 24 port POS and plug it in. I'll go into unify and then I'll be able to plug this camera in and we can take a look at protect, which we shouldn't see anything new and protect, but anyway I like to have a camera running and then we'll choose the video is backed up once I've done all that. , good. I went back and did a quick and dirty test lab setup.

I have 24 ports which are US 24 to US 51. I also have a nano HD hotspot and then I have also connected a g4 pro camera to protect so everything works fine and let's take a quick look at the protection. Here we can see my g4 pro if I look at my live view, of course right now it's just pointing at my ceiling, but you can see it's working fine now. One thing I realized I couldn't find information on is how many cameras UTM pro supports and I think I know the answer. The answer will be good, it depends, right? a stronger process sir than the Gentoo plus cloud key which supports up to 20 cameras so I guess ubiquity would specifically say it depends in terms of the number of cameras that UDM Pro supports because it depends on whether you are using unify talk. and to what extent are you using it, are you using unified access and to what extent are you using it? just unify with a few devices and protect operation, you could have many more cameras than if you had many devices and unify many devices into one access that is working all the time, people come in and out of your doors and you run your entire phone system with this is also correct, so that's what I mean by that it depends on you not having hard and fast data like a specific higher number of cameras, but what I would assume is that it will be at least that many. as they say the gen 2 plus cloud key can support which is 20 so i guess 20 is probably the minimum max number of cameras if that makes any sense anyway so i wanted to do something else before actually downloading my Thoughts on UDM Pro I've had some time to play with this.

There's a lot to unpack here and there are some things that I think you'll have to wait for other videos, like, the whole threat management thing is more about unifying. It's included in UTM Pro, but it's more of a unifying feature than something specific to UTM Pro, so I'm going to talk about the threat management and IP SIDS stuff, but first I want to talk about the touch screen, so let's take the camera, let's focus on the touch screen so we can show you the capabilities of this little 1.3 inch touch screen on the UTM Pro. Okay, here is the touch screen on the UTM Pro.

We can see that we have the network protection access in gray since I don't have any access devices, the conversation is grayed out since I don't have any unified conversation devices and then we have settings so let's go through these quickly on the network, we can see our performance, our Wi-Fi experience, a series of wired clients Wireless and guest clients so we have our unified network version 512 dot 59 swipe up to go back to the main menu let me come here to unify protection let's see those statistics again motion events I'm not sure how useful this is but there you can see motion events for your protected cameras.

We have the number of online and offline cameras and our unified protection version. Slide access back. We can not do anything. It's grayed out because we don't have any of those. Devices are the same with the conversation, let's take a look at the settings here, this is the settings for this display screen for the most part, the screen brightness, the background color of the screen and then we have the speed of the fan, which we can actually adjust the fan speed right now. It's set to auto and we have it at 49% with about 2800 RPM, it seems to go back to brightness and finally we have about it will show us the CPU and memory utilization of our system as well as a graph of the CPU utilization and the memory. time we have our AND an IP and our LAN IP temperature 38 degrees Celsius 100 agree Fahrenheit uptime two days 22 minutes and then the border view MAC address I'm not sure what MAC address it is since there are so many interfaces here maybe it's the I guess it's the MAC address I don't know and finally we have the UTM Pro software version so we flip up and go back to the main screen yeah that's it for the touch screen so there's a lot to unpack.

There is a lot to discuss about this and it is difficult. I've tried to organize a lot of my thoughts on UDM Pro and I'm going to go through a lot of these different topics that I'm sure will come up and have already come up, since I've been discussing UTM Pro on Twitter and all that, the first thing I want to discuss are some of the differences when you get a UTM, whether it's the dream machine, the standard, or the dream machine Pro that I. I'm looking at one of the differences here with the standard Unify and I'm talking about the unified network driver.

First of all, there are no multi-sites, so they are designed to be single view devices, so I have a unified controller in the cloud where it is hosted. on Digital Ocean and I have a bunch of different sites for different clients that I serve on that digital ocean driver. It's like a single pane of glass for all my clients and I can easily switch between them. You can connect the UDM. Propose unifying UI communications so you can manage them from anywhere and you can manage a bunch of different DMS from that central online interface, but by unifying with your dream machines you'll only get one site, so you won't You can add multiple sites. with unify on the dream machine there also doesn't seem to be a way to have a local unified login.

You have to use your ubiquity single sign-on. That said, I don't know if you can even log in to the UDM or UDM Pro if you don't have your internet connection working, for me for example I have two factor authentication enabled and you should try: disconnect the UDM from the moment and try log in and see if I can. even log in actually you know what I'm going to try right now okay so you can see here I logged out of my when I'm completely down and the internet timed out let's log out and then Let's try to log in again. so I was able to log back in, that actually worked so it's good that I thought about it for a while, but then I was able to log in and the other interesting thing and I don't know if this is because I already had an authenticated session, I didn't It asked for my two-factor authentication code when I did it, so let me reconnect to the internet.

I'm going to log out and log back in and then see if it prompts me for 2fa again, okay? access to the internet once again, let's log out, log out and log back in this time, he asked for two from a, so that's really cool. I like that he was able to do it, he knew he was disconnected. I thought about it for a while. and then it allowed me to log in with my ubiquity single sign on without two factor authentication, even though I was because I wasn't connected to the internet, now that of course becomes a security issue because now that we know or if The bad actor knew that if they had access to your Unify controller but didn't have your two-factor authentication access, you are sort of a second line of defense, if they had physical access to the device, they could disconnect your network connection and then log in , but I think it's an interesting feature to be able to log in locally without 2fa, but it's also possibly asecurity risk, but many people don't have to factor unify-enabled authentication anyway, so keep your passwords safe, don't.

No matter what the difference is between this dream machine Pro and a standard unified controller or even just the standard US G or us G Pro is that you can't connect them to a hosted unified controller, so let's say you want all the stuff that comes in the UDM Pro but you don't want to use the built-in unification of the troller you want to connect it to. a hosted controller, you can't do that again now, that may be a disadvantage for some people, but I think it really comes down to knowing what you're buying correctly, so if you have the ability to connect to a hosted controller it's important to you, then your dream machine isn't for you, but if that's something you like, then who cares if you can't connect to a hosted controller?

You have unified, why would you need to do it then? Totally fine now, if I were installing a dream machine, if I was deliberately buying a dream machine for my own home or my small business, I would use the integrated unified controller anyway. I don't see the need since it has five built-in. I don't see the need to connect it to a hosted controller, but I want to be complete in the information I'm conveying to my YouTube audience. Well, this is the same across the entire unified line of firewalls that I duplicate. -Checked that the dream machine cannot have multiple LAN IP addresses on a single interface, so if you have a block of, say, five IP addresses, five static IP addresses, you can only use one with the dream machine. dreams Pro.or the dream machine or any USG, I think the USG and the USG Pro, if you dare, you can go in and modify the configuration point JSON file to add multiple IP addresses to the interface.

I'm pretty sure you can do it. I never mess with JSON, so I always forget what you can and can't do with JSON files. By the way, don't mess with JSON files if there's something you need to do in JSON that you probably can't do by unifying it. I don't want the USG, but that raises an interesting point: if you can modify the JSON file to add multiple LAN IP addresses to the LAN interface of a USG or USG Pro, you can't do it with your dream machines because there is a difference: The dream machine differs from the American one.

The cheese is that there are no more configuration point JSON files, there is no editing of JSON files in either Dream Machine or Dream Machine Pro and this has been confirmed by ubiquity, so here we can see an article published three months ago. UTM Pro confirms that there is no configuration. gateway JSON allowed one possible slash, someone says yes you are right, UDM and UTM pro do not run Edge OS and therefore the configuration gateway JSON does not apply. Let's talk about the noise level, so I'm used to having a newer version. of fanless switches, this is the US country w24 is there is no, it is whisper quiet, there is no fan on this switch before that, I had the US 24 250 watts which had noisy fans, but I replaced them with Noctua fans and then it was silent.

Also, the UDM pro is not silent. Ok, I noticed that I can hear it all day, I took a measurement and it's running between around 46 to 48 DB right when it's idling, so on the fans, as we saw when I was going through the touch screen, the fans are running at about 50 percent, there are two fans inside the case, could you potentially replace those fans with quieter fans like? like the Noctua fan replacement I made in the US 24 250 which I probably haven't tried I'm not going to try it and if you're in a quiet office environment like me I'm in my home office and I have this sitting next to me, I listen to them all day, but if you're going to put this udm Pro in a network closet or if it's in a network rack in a data center, something like that, you'd never notice, right? 48 46 to 48 DB is much quieter than most fan-powered switches and servers out there.

If you put it next to any 1u server like a Dell server or something, it will be significantly quieter than that Dell server, so while it does have some fan noise it's really no big deal unless you're used to not have any noise, like if you have this on your nightstand next to your bed where you're sleeping, you'll notice it fine, but if it's next to it with a bunch of other servers, it won't make any difference to you, let's talk for a moment about hard drive compatibility. The hard drive I put in the UDM Pro was, I believe, a Toshiba 2.5-inch, terabyte drive that came with my cloud key generation. 2 also, that one works perfectly fine, the UDM Pro recognized it, it mounted perfectly fine, it connects perfectly fine, however not all hard drives will work in the UDM pro, now ubiquity has an article on hard drive compatibility and you can see the recommended hard drives here in the 8 terabyte type, you can go up to this 14 terabyte one, see doors, but I'm only going to talk about eight terabytes because that's the one you can buy additionally at ubiquity.

They have the Seagate Skyhawk eight terabyte 7200 rpm drive and they have the Western Digital purple 8 terabyte 7200 rpm drive, so the Western Digital purple has 5400 rpm and 7200 rpm. Now, this is quite interesting. Earlier at the beginning of this video I said that you can buy your dream machine without a hard drive or ubiquity can buy your dream machine with the hard drive pre-installed and ubiquity doesn't tell you what kind of hard drive they install if you look at the page of prices here, this has been updated now because they must have had more stock. I didn't have a price for this before, now it says eight terabyte hard drive.

It's a $190 option to add a 7200 RPM 8 terabyte surveillance class drive. The only surveillance class drives I know of on this hardware compatibility list are specific surveillance drives: Western Digital 8 terabytes 7200 rpm and Seagate Skyhawk 8 terabytes 7200 rpm. I'm not sure if the drive that ubiquity installs is one of these models or not, they don't specifically say what the model is, but both models if you look on Amazon cost around two hundred and thirty-three dollars or the Seagate Skyhawk costs two hundred and thirty-three dollars, let's see what the purple is, the purple is 223, okay, so two hundred and twenty-three dollars for the purple eight terabyte 7200 rpm drive. drive and $233 for the Seagate 7200 rpm drive, the surveillance drive, so the one they're putting in is $190, so if you're interested in having a violent or 8 terabyte surveillance drive on the UDM Pro, It's a good idea to have Ubiquiti. install it out of the box because you'll actually save some money compared to Western Digital or Seagate Skyhawk so yeah, some interesting information, I don't know if maybe it's really one of those drives I mentioned and they just buy so many that they get them with discount and just throw them in at their cost or something.

I don't really know, but if you know what eight terabyte hard drive, what is the hard drive model? it actually comes in the UDM Pro. Write it down in the comments below because I want to know. I would like to know what unit they actually include with this device so now let's take a look at the data sheet because I want to cover a couple of things here: This is the PDF data sheet for UDM pro and there are a few features listed in this datasheet where some of the features are specific to UDM pro and some of the features are just unified functions. which you get with any Unify installation, so it's interesting to distinguish which of these features in the datasheet are specific to the dream machine and which are specific only to unify, which is why I wanted to talk about the redundancy section here, so this is on the second page of the data sheet and it says that UTM Pro supports multiple redundancy options to ensure your network remains operational.

Dual gain with failover is the first one they mentioned, so it supports dual Internet/ISP connections with failover if the primary Whang connection goes down. it automatically switches to another Wang connection. I have tried this if you look here. I have an rj45 plug connected to the wind port of the type when one, so to speak, it's just called way and then when, so my LAN port is a real LAN IP. address and then this fiber cable here is connected to the 10gig SFP connected to my US W 24 switch, so basically my van 2 is just pulling a LAN IP address from my actual regular network, so which I'm simulating a duel when a failover occurs and it actually works, so let's go ahead and simulate that now so we can see here that I'm pinging the Internet if I say what is my IP, the IP address that I get.

Obviously I won't show you my way IP address but my wine IP shows the one that I have specifically assigned to the rj45 interface of the UDM Pro. Now I'm going to disconnect that cable and see the pings here, so I disconnected my win and now we are. I'm going to get some request timeouts and then I should start getting responses once again here we go so it took about ten seconds and after about ten seconds I started getting responses again so the LAN has now failed and if I update what my IP communication is. Now I get the LAN IP address for my border router because now I am the secondary when the fiber SFP on the UDM Pro just goes into my standard LAN which means it goes out of my standard LAN IP address so that's great.

It's great that a failover occurs, but one thing to keep in mind is that with Unify there is an automatic failover to a secondary when there is no proper load balancing, so you can't use two LAN connections simultaneously , which again I just want to give you. Guys, all the information maybe important to you, maybe it's just important to you to have failover in case your main internet connection goes down. What happens when I reconnect my primary Internet connection? my main internet connection again and I'm going to wait about the same amount of time, let's wait, you know, 10 to 15 seconds, it looks like a request timed out and then we ping again, which should have been the USG's ruling.

I go back to my main now that it has detected that there is a backup so let's see what my communication IP address is and sure enough I'm now back on my main IP address when so that's great it's not just a Automatic failover, it's also a nice quick automatic recovery when the Internet resumes. Look at this data sheet again. The second redundancy says that LTE failover redundancy supports the Unify LTE device for automatic failover to the U LTE cellular network. Now I don't have one of these devices to test, but this. is what you are talking about - LTE - u.s. device and this is an LTE failover but it's not a dream machine it's a unified thing so if you have unify LTE you can use it with any unify install it's not good I think you should probably have the USG but regardless it's a device that detects when the internet is down and fails over to LTE as a secondary form of connection and then you know that ubiquity charges you $15 a month for the first gigabyte of performance or bandwidth and then $10 per gigabyte after that. first gigabyte. and that's done on the 80 AT&T LTE network, so yeah, that's a unified thing, so this is on the dream machine data sheet, but it's not a dream machine thing, it's just something unified, then we have power supply redundancy and failover and it says The UDM pro supports our psu failover system, so it's kind of a dream machine because not all devices have that PRP interface that unifies us in the back.

In fact, this is the first device I've seen that actually has that interface. I think the others that do have it are the professional line of switches. Let me look it up so here is the data sheet for EE pro 24 and yes EE pro before works with EE PRP unified pro POS which supports EE proprietary external DC input interface .US PRP interface as a redundant power feature can use UPS rps with their pro line of equipment including the UDM pro, again, not a UTM pro thing, but it is kind of a ubiquity pro line. of the year, is not necessarily specific.

The UTM Pro, although it has that capability, that kind of proprietary interface that allows you to connect to that American UPS RPS or PRP whatever it's called, which is not available yet, so it's something that they haven't even released outside of early access yet . Scrolling down the Dream Machine Pro datasheet,We also see some things around threat management that, again, aren't necessarily specific to UTM Pro, although there are some aspects of threat management or sort of a threat management feature set within unified. which are UTM specific, so for example the DNS filtering aspect is just a dream machine thing, so let's look at threat management now.

I'm not going to go too deep into threat management because that's it. It almost warrants its own separate video, so threat management and unification is relatively new, but let's go over it a little bit here, so I'm a unifier and if you click on this sort of threat management shield icon here, this is what I'm talking about that within threat management you have the ability to block certain countries, for example, I have Russia blocked. I clicked on Russia, it blocked Russia, if I want to block, you know, say India. I can click on India and also block India.

Like, that allows you to do GeoIP filtering very easily and block threats from specific countries. We can see here that while I ran this, the threats that entered my device are 52 threats in total, they are medium threats and by The way I have IPS set to maximum level it is fine. I wanted to do some testing on intrusion prevention, so I have it set to maximum. I'll show you that in just a second, but we can see here that I have the top. threats by geography so Finland is hitting me really hard right now for some reason thank you very much Finland followed by Denmark I thought I had friends in Denmark I don't know why you are trying to hack me and then the Czech Republic and then the main threats we have our house of compromised spam and close me in this same threat management interface we can see our traffic log, so these are the different attacks where they are coming from and where they are trying to reach the endpoint analytics, these are the threats that are coming from. inside the earth basically like your client endpoints, if someone inside the earth is doing something suspicious it should show up in the scans of the endpoints and then we have the honeypot, which I don't really understand the ubiquitous implementation of this honeypot again threat management. things really deserve their own video and I think if I do a separate video just on threat management I'll go into a lot more depth on these features but let's take a look at the threat management settings in unify so let's go into the security settings of Internet and then here I have threat management and you can see here that I have threat management limited to level 5 maximum threat detection settings.

The reason I did it is because I wanted to test the ubiquity of performance and it says that performance doesn't actually have performance specific to the Dream Machine Pro, but they do have performance for ID and IPS on the USG. It's supposed to limit it to 85 megabits per second if you have intrusion prevention enabled on the USG. 250 megabits per second for intrusion prevention on the USG Pro and then 1 gigabit. per second for US intrusion detection gxg enabling smart Q or ppp over IPS will also incur an additional performance penalty, so if you have smart Q enabled, if you have ppp enabled, if you have intrusion prevention on your device, it really likes to limit the amount of total bandwidth for USG devices, however they are unified.

The throughput of the dream machine is 850 megabits per second, that is the dream machine, okay, this is dream r2. Well, this is it again. I would expect the dream machine Pro, which has a better CPU, then this guy would have a performance greater than 850 megabits per second during the intrusion. Dpi prevention smart queues etc are enabled, but just to prove a point, I have pert intrusion prevention set to maximum level. I also have dpi activated, so dpi here we go, dpi is activated and I don't remember it, I don't think. I have smart Qs on, but so do I.

I don't have many devices, basically just my computer and a couple of network equipment are the only thing on this network right now, so I don't read. I don't think I have smart Qs turned on, but let's get back to threat management here and I just want to run a speed test to show you that I'm at least getting full performance on my four hundred by twenty charter spectrum cable connection. with dpi and threat management on and enabled so here goes the speed test and here we go so we can see I was able to get 454 times 22 with all of that enabled so it doesn't seem like there's a bottleneck for prevention of intrusions with this device at least not for the internet speed I have if you have a gigabit or higher connection and you have AUD pro send me the results of your speed test because I want to see if there is some kind of upper limit I know 850 megabits or more for threat management and everything is maxed out on the UDM Pro.

I don't think there should be, but it could also depend on, for example, if you have 30 cameras connected and 10 VoIP phones and a full access control system that will affect the CPU, so the amount of bandwidth that is hindered by threat management may vary on the UDM Pro depending on what you have or what else you are using on the UDM Pro. Again, I'd love to hear your experiences with that. Write it in the comments below so we have geoip filtering too. I have it enabled, that's where you get the map and you can click and block certain countries.

DNS filters are applied. filters to your network and they block malicious adult phishing sites on your network so DNS filtering again is an alpha feature it says alpha so I don't want to talk too much about it but you can add filters and make security block malicious domains, block only pornographic and adult material or configure your network as a family network in quotes that says it blocks VPNs, search engines for explicit pornographic and malicious domains and YouTube are set to safe mode so I think that this DNS filtering is an alpha version, it has a long way to go, a lot more customization of the DNS filter is needed before I think it's really super usable, but I'm glad to see that they are starting to implement this kind of thing, I think that's ideal for a kind of general or comprehensive solution with Dream Machine and Dream Machine Pro, deep packet inspection that we already talked about.

I have enabled network scanners, so here we have automatic scanning endpoints connected to your network to identify potential security threats and vulnerabilities and then we apply a honeypot to any of your networks to detect malware, malware worms and other types of malicious traffic that attempt to scan your network for vulnerabilities. Honeypot alerts can also be found in the threat management panel, so I don't have those turned on either. Let me go ahead and turn both on and we'll finally apply those changes. If we click on advanced, we can say restrict access to malicious IP addresses, which prevents clients with IP addresses that are known to be malicious from accessing your networks and then you can also turn on restrict access to Tor or the Tor network.

You can now also whitelist specific IP addresses if you want to whitelist. You know if you want to go through clean filters without getting caught in IPS and malware. filtering out all that kind of stuff again, although that's all for a separate video, threat management is great, like I said. I'm glad to see it's making a lot of progress, but yes, I'm still going to use my circular DNS as my sort of threat management with my own network, but that's also because I run an edge router and not my dream machine , although I was thinking about it and tell me what you guys would think about this because I like this dream machine Pro.

I was really thinking about maybe doing a separate video where I talk about how I migrated from my edge router and my cloud key network completely to my dream machine and just see what that process is and then run it on my dream machine as my own production. connect with my IoT devices and my cell phones and tablets that we have in my home and just see the experience of owning and operating my dream machine for a certain period of time, including threat management and intrusion prevention, and everything that's a video. that you guys would be interested in let me know in the comments below so let's wrap things up nicely let's have a real chat about the UDM Pro and I guess my thoughts on this device in general and I'm a little bit divided on the device. because I actually really like the device, that being said, although I'm not exactly sure who would benefit best from this right in terms of a home user.

This is great, but it's also a bit overkill for a home user. You don't necessarily need the unified access stuff, you don't necessarily need the unified talk stuff unless you're, like me, a big ubiquity enthusiast who just gets all the new ubiquity stuff and likes to try it out and play with it. I don't really need a voice over IP phone system or access control for your front doors, so unless you're just a big fan of ubiquity, I don't think this is really intended for the home market, so does that mean which is intended for Sebby and I say I guess it's closer to SMB, but my problem with recommending the Dream Machine Pro for SMB is the lack of redundancy, now the ubiquity in the datasheet talks about redundancy, they talk about switching double gain error, that's cool, they talk about failover capability to that LTE device, that's cool, they talk about USP RPS, you know, DC power backup redundancy, kind of Dual power supply backup, this is great, but what about the device itself?

Okay, so imagine you're putting everything in. of your eggs in this basket, right into the UDM Pro basket, you have unified running on it, you have your access control, you may have your voice over IP phone system running on it, you have unified protection, you know surveillance for everything your small or medium office, what happens when UDM Pro fails? So, let's say five years later, you'll know that you get to that kind of mean time for any piece of hardware to fail in a data center. What happens when UDM Pro fails? you're putting a lot of eggs in the dream machine basket, so I don't know if I would be comfortable with the dream machine Pro even if you had the USP RPS to back up your power, even if it had a second hard drive that doesn't It is used to make a backup copy of your surveillance stuff.

What happens if the motherboard turns off? What if you are a land port? The Ethernet port for the LAN or the sfp+ port is turned off. You're like dead in the water. suitable for a large part of your business, so I'm not sure I would necessarily recommend it for a small business, unless perhaps you would have purchased from the dream machine professionals if you had a second one that was a spare in a rack or if, for example, you're an MSP and you're putting dream machine professionals into all your clients' businesses, but you happen to have a handful of them sitting around in your store or in your warehouse ready to go in case they fail, so that's it.

About the only thing I really don't like is the concern of putting all your eggs in one basket and running all these really important, mission-critical things on a single 1u appliance, not that it can't be done. It may or may not be done by companies everywhere, but it is usually done separately. Typically you might have an access control system and you only have one of those and it's a single point of failure, but if your access control fails your video cameras are still online, you know your points of failure wireless access are still working and of course they would still be working if this failed, but you understand what I'm saying, this is the core of your network.

I just feel like that's how it would be. be more, personally I would feel more comfortable having different dedicated appliances; if any of them go off, it has less impact on your business than if this device goes off, so I don't know, you guys, let me know what you think below The two biggest complaints I've received so far about the UDM Pro online , since I've been talking about it on Twitter, are, first of all, I took pictures of the interior and I think I talked about this earlier in the video I was filming. This video lasted like four days, so I don't remember exactly what I've talked about and what I haven't, but the fact that the chassis is very, very empty, so inside the chassis there's a lot of open space and I'm sticking with it.

You know, ubiquity or any hardware manufacturer just can't win, right? You have people who will complain that there is a lot of open space in a 1u chassis and then if you converted it to a form factor that doesn'tCan be rack mounted to save space. inside the device itself there will be people who complain that it's not a rack mountable 1u device so that doesn't bother me too much so the people who are naysayers and say there's too much space inside the device will tell you know. Haters gonna hate right? Let those people say what they want.

The other complaint I got online is that this device should have power over Ethernet for the eight-port switch, which I agree again, it's a trade-off, right? I agree that it would have been great to have power over Ethernet even if it was just for four of the ports or something, but think about it from a ubiquitous point of view. They are making this device, if they put power over Ethernet to this device it would cost more and we probably need additional cooling which maybe means more fans or bigger fans which maybe means more noise so your choice is making this more expensive for people who need power over ethernet when not necessarily everyone needs power over ethernet and the trade off is that we may not sell as many but we will sell them at a higher price instead of not putting power in over Ethernet and bring it down to a more cost-effective price and for people who need power over Ethernet, they are Now you're going to buy our switches right because you're going to access the entire unified ubiquity infrastructure, you're probably going to buy a unified POS switch to combine with the Pro machine of your dreams, so in my opinion, looking at it from a ubiquitous point of view, I feel that I made the right decision by keeping the device more profitable because more people will buy it at that price and they will be people who will need P o and they'll still buy you an OE p switch anyway, so I don't care about that decision.

However there is one trade off that I would have really liked to see in this device and that I think would have justified a higher price and could even justify a separate device like a UDM pro pro and that would be a second hard drive, well I would love to have I've seen a raid of a set of hard drives to unify protection on this device and it probably would have been worth an extra hundred dollars to me, as if this had capacity for two hard drives, I would have paid $479 for them. this instead of $379 because then I would feel better about the footage I get from video surveillance on a raid, a set of hard drives.

I really think that, again, I understand the ability to want to keep the thing profitable, but ubiquity would be really cool and not too difficult if you're listening. I think I would have another version of the UDM Pro with a second hard drive, so just my two cents, let me know what you think about it below overall, although I really like the UDM Pro, I'm excited about it. I like the ubiquity, coming out with these interesting products and I'm happy to play with it. I've been immersed in this DM Pro for about three or four days now and man, I mean. to the point where I'm thinking about changing my entire network just to have the experience of, "Hey, I'm a Dream Machine Pro user.

I'm a Dream Machine Pro Network, so I think I'll give it a try." I'll probably make more videos on that. I may also want to make videos about the threat management I talked about, but I want to hear from you what you think about Dream Machine Pro and I don't want to hear complaints. I don't want to hear detractors. I want to hear constructive criticism about the device. If you have it or if you think the device is awesome, let me know in the comments below and let me know what you thought in this video. If you made it this far in the video, it will probably end up being a 40 minute video or something like that.

Thanks for sticking with me.and thanks for sticking with the Dream Machine Pro review. If you enjoyed this video and would like to see more videos like this, make sure to hit the thumbs up button, click subscribe, hit the bell icon, everything those kinds of things that we YouTubers are supposed to say to you and thank you very much for watching until the end. Comments are always welcome, put them below and yes, that's it for Dream Machine Pro. I hope you enjoyed this video and see you in the next one your