All the security you need in one handy box

As an all-in-one security gateway, Ubiquiti’s UniFi Dream Machine Pro takes some beating. This sleek 1U rack appliance provides gateway, routing, VPN and firewall services, plus threat protection, deep packet inspection and wireless network management too, courtesy of the integrated UniFi Controller. Slot a hard disk into the front-facing bay and the appliance can even be used as a recording vault for UniFi IP surveillance cameras.

Connectivity is well covered, as the appliance incorporates a managed eight-port Gigabit Ethernet switch, alongside a Gigabit WAN port and two 10GbE SFP+ high-performance fibre ports for LAN and WAN duties. And the UDM Pro is no lightweight when it comes to performance: Ubiquiti claims a high firewall throughput of 3.5Gbits/sec with IDP/IPS enabled – quite remarkable at this price point. It’s achieved thanks to a speedy 1.7GHz quad-core ARM CPU, partnered with a generous 4GB of DDR4 RAM and 16GB of flash storage.

The one thing that’s notably missing is a built-in wireless access point: the desktop Dream Machine includes its own AP, but that wouldn’t make a lot of sense in a metal rack cabinet. Power over Ethernet isn’t supported either, but you can combine the appliance with one of Ubiquiti’s affordable PoE switches; we used its USW-Pro-24-PoE model for testing.

Gateway installation is a cinch. After connecting the appliance’s WAN port to an internet line, we used the UniFi Network iOS app on an iPad to discover the Dream Machine over Bluetooth. The app’s quick-start wizard then linked it to our Ubiquiti cloud account and automatically installed the latest firmware.

From here on, you can use the UniFi web portal to access the Network and Protect apps. The Network page opens with a smart dashboard of graphs showing measured internet speeds, most active clients and applications, client device types and wireless experience scores. Everything you need to know about your networks is on hand, with a detailed topology view, lists of all managed UniFi devices and connected clients, plus a complete breakdown of all traffic. The latter includes pie charts for web, media streaming, file sharing, network protocols and more, along with breakdowns of upstream and downstream traffic.

As for protection, deep packet inspection is enabled by default; you can either activate passive IDS to alert you to intrusions, or use IDP to block them, choosing a detection sensitivity level and selecting the types of threats you want to be protected against. URL content filtering can be applied too, with separate settings for work or home environments.

We were also able to use the iOS app to add the USW PoE switch to our account, and were blown away by its clever augmented reality (AR) feature: point your device camera at the ports and a live overlay immediately pops up, showing which ones are active and what’s connected to them.

For wireless testing we connected a set of UniFi nanoHD access points to the PoE switch and added them to our cloud account. Once online, they started broadcasting our predefined SSIDs and guest networks, with details automatically appearing in the portal’s wireless experience graph.

Video surveillance is just as easy to set up. The appliance accepted our Seagate 10TB SATA drive without a murmur and instantly made it available for recording incoming video. After we’d added a UVC G4 Bullet IP camera to our account, we were able to view its live feed from the portal, enable smart detection and set up custom motion-detection events and recording actions.

The UniFi Dream Machine Pro is an impressive piece of kit to say the least, delivering an incredible range of easily managed features at an unbelievably low price. There are some great UTM appliances on the market, but the Ubiquiti simply does it all.

Galactica Group was founded in the summer of 2014 due to the fusion between Galactica IT Solutions (London) and Info Tech USA (New York). With an innovative customer-centric work-flow, the Group was designed for IT consulting and solutions, which has extended to a wide range of digital, technical, infrastructural, web and software services for businesses. Galactica Group can help with Digital transformation, Cloud Services (with a dedicated sub-branch named GITG-cloud), IT computing services, support consultation, crisis management and disaster recovery, cyber-security, network and infrastructure managed solutions while offering appropriate education support services