 Tommy here from Orange Systems and we're going to talk about the unify routing equipment specifically the USG series and the dream machine kind of the upgraded replacement for the USG and Why you should or should not buy them and my goal is not to at all bash on the product But it's to explain why we don't use them very often and the shortcomings of it or the scenario that we do use them in And this is just that frequent question We get tagged in in Twitter people filling out contact forms or people who purchased a product hoping it did something More than it does so we're gonna break down some of those details for you So you you can decide for yourself whether or not this is a product that fits your needs or doesn't but first If you'd like to learn more about me or my company head over to Lawrence systems calm If you'd like to hire short project There's a hires button right at the top if you'd like to help keep this channel sponsor-free and thank you to everyone Who already has there is a join button here for YouTube and a patreon page your support is greatly Appreciated if you're looking for deals or discounts on products and services We offer on this channel check out the affiliate links down below They're in the description of all of our videos including a link to our shirt store We have a wide variety of shirts that we sell and new designs come out well randomly so check back frequently and Finally our forums forums.laurancesystems.com is where you can have a more in-depth discussion about this video and other tech topics You've seen on this channel now back to our content So Unify offers a handful of routing products gateways such as the security gateway pro Unify dream machine pro Unify dream machine and I've reviewed the two different dream machines And I did a review a while ago of the USG and as you know, we're a big fan of all the Unify Hardware in terms of switching as I have Unify switches behind me lots of their access points They're switching and access points are wonderful and we love them and we deploy a lot of them We think it's a really great platform and I've got quite a few videos on that topic But the question always comes up of what about their USG line or any other routing equipment? Why aren't you completing the network from start to finish with Unify and here's the breakdown of that? So while the Unify software is nice and it does offer that you know single pane of glass that everyone wants So their router is in there. They can get their DPI statistics They can see the switches being online and they can see the access points with the Unify software to find networking controller This is where it really falls short VPN is the first one We're going to talk about the VPN on it is just not that great now. Can you do site to site VPN? Absolutely That's actually one of the easier things that does seem to work where you take two USGs You point them at each other in the controller and go Hey this one talk to this one and it sets it up for you that part easy The details is where it starts to matter one We've had a few clients that have said and it seems it been fixed in some of the later software updates Where the VPN goes down but gives them no notice and actually shows up in inside the menu Rebooting them fixes it. No one wants to reboot a Router at a business in the middle of the day. That's just well that sucks Next what about open VPN because specifically to site to site VPN does not do You know your standard road warrior open VPN. This is the second part where it falls flat They offer L2 TP VPN and the problem with that is multiple users behind single IP addresses that breaks It's just a less robust system for managing VPN. So that's another problematic way to do it now Someone may point out that yes Tom You can go into the USG though and go to the command line and start adding features and you know basically Modifying it outside of what is officially supported from Unify and yes, you could but you're not going to get support from me You're not going to get support from Unify for it I mean you'll actually maybe have some trouble finding support to get that done We've had a few people call us with like lots of modifications that they've done to the USG's You know via special config files And it's just not something we're willing to support because it's a headache and that's why they're looking for support You get some community support in the forums on there and I don't think it's a great commercial solution Next let's talk about the fact that we still can't in here in 2020 on Any other products? This is the and we'll go back here and when we talk about the security gateway pro. You're like cool RG45 Ports you have SFP ports It seems like this would be a fancy device that you could do something like this But you can't you can't install a block of IPs was set up I should not install a block of IPs on the WAN port I don't know why this feature is so elusive for unify to be able to do in their controller software But it is so if I have a block of five static IPs now when I was signed them That's not an option now This is where people right away jump to the special config files and mainly configure from the command line command line to be able To do it, but that's just not really practical when you want to say all right. I have a block of IPs I want different things running on different ports and managing it I mean if you don't mind managing a firewall from the command line great But there's better solutions out there So this is one of the fall flats of if you need multiple or a block of IPs. It's just problematic What about the DPI doesn't it have those DPI features? That's the feature. I really need well Let's dive into that specifically and we're gonna look at the dream machine here As I have one pulled up and set up now here is a fully set up unify system with the dream machine at the head end So we have that single pane of glass where we get the fancy menus and everything else Let's look at the statistics and yes, we do have DPI statistics first challenge now before you get excited I know people love dashboards Let's drill down Okay, we can drill down and say this dream machine watched a lot of YouTube this particular Chromecast did Okay, except for you know, it's missing you can't really get much more than a face on this because This is when you start diving into it. We don't have a time frame We know that this device used That much on YouTube. We have this cool graph 419 gigs 399 million packets. Let's hit detail again over what time frame when let's drill down further What did it use yesterday or the day before? That's where these stats really start to show their problems is they look great on the surface when you dive into them You're like, oh, I have no details on exactly the statistics that you need to know I want to know historical data on this. Okay, I Can get like this per day, but it still doesn't give me how much was YouTube this day. It's not real DPI stats It's very I don't know basic ones and this is one of those huge issues with the USG I know people really like the USG or dream machine They both do the same thing with the DPI stats and this is one of the biggest reasons people seem to want them but this is one of those challenges with it of Not being able to have any real what I call actionable statistics So you have some general stats and you know generally what people are doing, but there's no specificity to it There's no details You can drill down a little bit further But not enough to really break it down like we can look at different users and see which users did what so this galaxy right here Is galaxy phone? Okay, this much mp4 YouTube again, but still anyway more hit details There's still no time frame for any of this to give me real correlation data on it It's still a nice feature to have in here. I think it's just kind of cool, but it also what's my action item? I'm gonna get for this right here and Now while we're in here, we'll talk about threat management. Once again, it checks the box of saying it has it It gives you some really cool graphics, but doesn't give you really solid Actionable information on here. That's where once again, we start to fall flat. We know that it Did some honey pots are set up on here. I done this before I did the video Once again, very basic information without any real Actionable items on there now a few other quirkiness about it handling DHCP handling lots of the other stuff can be done on these But yeah, it's a little bit trickier to do some of the reservations under it's not like other firewalls It's very it's like where they felt have fallen short on their devices It's one of the pain and about parts so where I do recommend it So knowing all of that what I said, where would I recommend one of these? Well? We have a few really small businesses using them a couple salons I think we have just a handful of small offices like where there's nothing really critical They want a guest network and I think home users are a great target for this even the USG pro for home users going Hey, I just want something that works that updates and is secure. I don't think they're an insecure product I don't think they're a product that we've had any problems at all when it comes to updates matter of fact Way better than any of the consumer equipment when it comes to updates and and not Not being flawed and actually doing firmware updates and keeping you secure all that works great So that is a place where I'm going to recommend it So if you just need I go if you just need the basic routing functions No extra IPs and I even worried about it does offer port forwarding But it's for a lot of the home users not even trying that they just want something that works right away dream machine Even the dream machine pro they're solid for those features people who say I want whole home VPN And I want all the special routing and advanced features. I want to load balance really well and in detail There it falls flat again And we do get home users that seem to request that a whole home VPN is a popular one where you can plug it Into the router and have it or even selective routing that is not a spot where it falls short to do selective routing Where you send some servers some of your equipment going out over the VPN some of your clients and others not So maybe you have something that you're downloading something you need a country of origin code change and you want to go over the VPN That's really cool advanced routing I got videos on those particular topics, but not for the USG and not for the dream machine because once again They fall flat on those particular things. So hopefully that helps you a little bit This is the reply you probably got if I if you had asked me to configure the USG To do something it just doesn't do this what this video is for I just want people to be very informed before they purchase one of these I know It's tempting if you're buying unified access points and unified switches to go ahead and put a USG at the front But that's actually a frequent thing that we've been doing over the last year and we still get requests for it here in 2020 Hey, can you help me replace my insert name of USG routing product because it won't do these other features that I really want So that's where it comes in. It's not a product I'm not hating on the product I'm just want to make sure people are very aware of its shortcomings and yes here in 2020 It's July of 2020 specifically with the latest controller software those shortcomings still exist You're looking at essentially the latest version here and this is just how it works. So hopefully this was helpful I just want to keep people informed on this But if you just need basic routing function or want to recommend to a home user It's it's really great if you don't need those features. Thanks And thank you for making it to the end of the video If you like this video, please give it a thumbs up If you'd like to see more content from the channel hit the subscribe button and hit the bell icon If you like YouTube to notify you when new videos come out If you'd like to hire us head over to laurancesystems.com fill out our contact page And let us know what we can help you with and what projects you'd like us to work together on If you want to carry on the discussion head over to forums.laurancesystems.com Where we can carry on the discussion about this video other videos or other tech topics in general Even suggestions for new videos. They're accepted right there on our forums, which are free Also, if you like to help the channel in other ways head over to our affiliate page We have a lot of great tech offers for you. And once again, thanks for watching and see you next time