I’m currently running pfSense on an old Netgate 5100 in front of an otherwise all-Unifi system for my home/homelab. I’ve been considering upgrading my router, since I have the chance to get 2GB FiOS, so I’d need a router with more than 1GbE ports, such as the Netgate 4200 or one of the newer Unifi firewalls.
I watched several of @LTS_Tom’s newish videos on pfSense vs. Unifi 9, and on switching from the former to the latter, and while they’re great for an overview, and discussing a lot of the features, by far the most important thing for me is that pfBlockerNG just works incredibly well. I don’t have any particularly fancy features, I just follow some basic lists, whitelist a few things, and for the most part I never get any ads or other Bad Stuff on my entire network.
Can Tom or anyone speak to the equivalent features in the new Unifi ecosystem? I do like the idea of single-pane-of-glass for my entire network infrastructure, and I don’t have any esoteric requirements that would require full access to all the pfSense goodness. But I really need the level of blocking that pfBlockerNG does pretty much perfectly and easily.
Feedback from people who tested the newer edge cloud devices, namely the lower end versions say it can’t handle wire speed (IE: 2+ gb/s), particularly with IDS/IPS functions active.
I have a brand new express 7 due any time now, I don’t think I’ll see wire speed out of it but I most needed it for the newer cloud key software. The UCG Fiber model I actually wanted won’t be arriving any time soon, its constantly backordered. Apparently I’m not the only one who doesn’t want wireless built into my cloud management edge device.
Honestly i’d suggest ordering the new Netgate 4200 with 2.5 gigabit ports, and independent phy for each. if your really serious about it.
Thanks. I’m leaning towards this as well. While I’d like to pretend that this is because I need the great power and flexibility of pfSense, the reality is, this one thing just works so well for me that I’d need a great reason to give it up. I barely use any Unifi features either, so it’s not like I’m spending time constantly modifying my network infrastructure.