Pricing is better IMO if you have any serious number of devices. The founder has created as an open startup (https://rchase.com) and has been making good profit, so less concern of it going under too. No offense to OP on that, but switching to something like this can be a bunch of time personally, so want a clear path for startup.
Finally, and this is an personal story I know. But the support on Hostifi is fantastic. They have a knowledge base and their team is more than happy to help when issues come up. Which is great because I love the software, but am not a personal expert.
We're a small shop of around 20 desktops or so, 2 switches, and 1 router, with a couple external static IPs. I can see the benefit for trying to orchestrate multiple sites using a cloud controller, but I'd be worried about doing it for a single site given internet issues, unless there's something I'm missing.
If you have a couple static IPs at one site though, keep in mind that the USG can only do one static IP (without having to dive into CLI), so for any more advanced network like that most people are using a different router vendor but sticking with the UAPs and UniFi switches for the rest of the network.
We also have lots of people using both the built-in hotspot portal pages as well as external portals just fine.
As others have mentioned, if the controller goes down, the networks do not go down. All of the device settings are stored locally and don't depend on the controller, the only exception being that the hotspot pages do require the controller to be online in order to work.
It is doable though. I have a JSON file of the extra configuration needed to setup the additional WAN IPs and the needed port forwarding. Someone even made a codepen tool to make that configuration. Is that custom configuration not possible with hostifi?
> As others have mentioned, if the controller goes down, the networks do not go down. All of the device settings are stored locally and don't depend on the controller, the only exception being that the hotspot pages do require the controller to be online in order to work.
So while I'm aware the network does not require the controller to be online in order for the devices to work, the problem is that, if there's an internet problem, one of the first places I look to see what the issue is is ... the controller. So with an external controller, if there isn't some extra step I'm missing to deal with internet outages, I'm essentially stuck if I'm trying to figure out what the problem is and change the configuration.
> Internet down
There's not really anything you would need to change on the controller to fix a WAN issue that you couldn't fix by changing the WAN settings on the USG's web interface... Never had a problem so far with it anyway, with 25,000+ UniFi devices that people have connected to HostiFi. Also, one benefit of a WAN down situation with the cloud controller is you get a notification email about it. On a local controller you won't get a WAN down notification email because... well, it can't send it.
Also based on your pricing it is cheaper to buy a Cloud Key if you plan to use your devices longer than 10 months.
The benefit comes in when you have many locations, and can replace a bunch of Cloud Keys with a single server, and have someone else manage updates for you and help with support questions.
At HostiFi 90% of my customers are IT service providers who use the service to replace a ton of Cloud Keys with the single server.
Ubiquiti's cloud offering is very expensive ($299/year base fee + $199/year for each +10 devices), and from customers who have told me about it before they switched to HostiFi, the support is not good, they don't keep the servers updated, and you can't get access to use a custom domain name/modify some of the stuff under the hood.
I would never ever trust a Ubiquiti product being open on the internet though - especially their software products. Too many issues with their firmware on their "carrier"-classed radios, as well as buggy integration with UNMS makes me a bit wary.
Unifi offers a cloud controller as hosted service, see https://help.ubnt.com/hc/en-us/articles/360006288413.
Especially if the vpns are setup from the controller you create a delicate chicken-and-egg problem. How are you to provision it the first time?
You also open up yourself to the problem of accidentally locking sites out and having to reconfigure each site from within.
Now you might not like that, but realize that this service is exactly that.
You might be comforted by the fact that a breach of the controller doesn't affect your internal networks.
...until you realize that having control over the controller means root access on all of your sites. So it shouldn't be that comforting.
I would never use a cloud-based WiFi controller for the very reasons you specify, and that means that if I need to remotely manage Wifi while I'm out of the office, I'm using a VPN.
A lot of companies don't have the same security concerns. That's all I'm saying. And some for those who, say, manage wifi access intended for the public at multiple sites, like a Hotel or coffeeshop chain for example, this might be just the ticket. They don't have to setup and maintain a bunch of individual controllers, and can centralize everything in one console, and let someone else maintain the server it runs on.
It's buying one cloud key, opening one port in the firewall and ensuring you have a dyndns or something to the site with the cloud key.
Former Ubiquiti employee here.
The CEO is insanely toxic. Insulting people in the company Slack, publicly firing people on the spot, constantly trying to micromanage everything, shutting down entire offices without warning. It's crazy.
So much wasted potential. Most of the good employees left or were fired while i was there. Projects were changed or cancelled monthly. No one knew what was going on.
UDM and Protect are shining examples of "never rewrite your product from scratch." USG XG was an unmitigated disaster. Dropping controller support for Broadcom-based APs was ridiculous. All seem to be technical debt driven decisions.
If I were to pick the single best indicator of a terrible leader, it would be blaming subordinates for things they are resonspible for. Even if it is 100% the teams fault, the manager is, you know, suppossed to manage them away from such failure.
No organization with such a CEO can survive. We sell unifis at work and I have some in my home, but I will look elsewhere now.
Oh man, what a headache.
Depending how one configured things, there’s at least 3 ways to provision devices - all 3 incompatible and will cause issues with each other. User manuals refer to Apps no longer in existence. In no instance have I had a “just works” experience. In two instances the option I needed to configure was not available through any of the 3 (4?) dashboards and I had to resort to sshing into the device.
4 weeks later I’m still experiencing ISP fiber modem disconnect issues every 48 hours and can not connect remotely to debug. The impression I get is 90% of the performance “gains” one gets from switching from Asus to Ubiquiti come from dedicating one $300 piece of hardware (which overheats) for each network function (firewall, switch, router, AP) rather than using a single threaded all-in-one device. Then people still bolt on accessory devices like pi-holes when a USG should be perfectly capable of performing the task.
In our case, we ended up using Mikrotik devices for our physical layers and Unifi as our APs. So far, the performance of the Wifi devices is excellent (though tuning high density configs was a bit of a pain), and the Mikrotiks give us exceptional control over the behaviour of the network topology.
Playing to the strengths of each vendor was the way to go for us. Worked out way cheaper as well.
Do you think there's a potential for disruption in this market?
Yes absolutely, and UniFi itself provides a template and easy window because the hardware is now so dated. A similar management system but properly extended with solid certificate management and support, nice RADIUS, better L3/L2 (L3 master, L2 hardware fallback), friendly VLAN, gateway device that can actually handle stuff like Pihole, friendly WireGuard backing and usage, and hardware in general that moves forward towards >1G would be very interesting to a lot of people currently on UniFi but beginning to feel the winds of obsolescence blowing. Specific selling point of zero-cloud tie-in (beyond if you yourself want to run it on a cloud service), controller in container or VM standard. Have something (like algo and many others do) to generate mobile profiles, or offer hooks to MDMs or both for ease of deployment.
As far as I know there isn't really anything that does a nice job of putting all this stuff together, despite it arguably being something foundational that more and more people should be doing. Using Let's Encrypt, good automatic cert usage should be trivial. VLANs and VPN are something everyone with IOT should be thinking about. Etc. None of this is radical new technology, just quality implementations and a good GUI bringing together existing stuff, and with zero remote service reqs beyond the optional signing authority (and it should support just running your own root, let the appliance have a USB to make use of HSMs like a Yubikey too). I mean, I'd be delighted if there was no opening here because there is someone else already doing all this like UBNT was working towards too before the current state of affairs, but as far as I know there isn't. Higher end stuff in the market isn't that friendly, you need to be a real expert, the low end integrated stuff is the long standing shit show and/or a bunch of totally standalone components, and "smart" integrated stuff is all cloud sub.
The cloud deployment AFAIK would allow for better multi-tenant management, and SaaSifying the management experience.
From personal experience, running the controller on a Pi in your home network is good enough for most scenarios. Plus if you want to customize, you can poke around the APIs and wire up what you want. It's pretty powerful once you get the hang of it, and there are some fabulous libraries available thanks to community contributions on Github.
Some clients just allow access via site-to-site vpns. Seems like a better solution than paying for a VPS to host free software
Here's a nearly identical version that a number of folks use: https://hostifi.net/