 Where should you host your Unify controller? Well, there's a few options on this. We're going to start with the easiest one. The easiest one is get yourself one of these Cloud Key Gen2s, specifically as a Gen2 plus, for a small business, for a small office, or even some home users. This is the easiest, set it and forget it. Get this device, plug it in. Easy to update, easy to maintain, and we'll easily manage your Unify setup. These are great options, but a lot of people ask, well, do you deploy them with every time you set up a Unify for a client? Well, that is the point of this video, not necessarily. If the client wants to maintain everything themselves and wants to purchase one of these and doesn't want to pay any type of monthly fees for maintenance or hosting, this is an awesome device. It sits inside your office and can plug into your network and manage all of your devices right there locally. You don't have to rely on third parties or external services. So that is a good option for people that want to do everything themselves. Next option, you could just load this on some computer that you have in your office or in your server stack, but that requires you to have the knowledge to do so and understand that you need to update and patch it, which of course is really important. But your threat surface is still minimal because it's internal, so it's less likely unless someone has a breached computer in there and they try to get lateral movement over to it, it's less likely to get breached because you're not directly publicly exposing it on the internet. I bring that up because the other option, I see a lot of people go with and it's not a bad option, is hosting it in some type of cloud service such as Azure, AWS, or digital ocean. And that's a great solution, but the onus is on you. You have to maintain that server all the time. You have to maintain its exposure to the internet and any threats that may come with it. So you gotta make sure the operating system as well as the Unify controller is always up to date because it's completely exposed to the internet. So that can be a little bit risky. One of the other options, if you want to look for a hosting is Hostify. I've done a review of this as well. Hostify is gonna be more than your digital ocean droplets. So yes, it does have a higher monthly fee, but that monthly fee goes towards them maintaining the backend. So you don't have to deal with the backend management. It's just done for you, including all of the updates. So that's not a bad way to go if you're managing a lot of sites and go, this seems like a reasonable way. I don't have time or want to deal with server updates and pushing updates. I just want someone to do it all for me. That's the niche that Hostify is. It's not a bad solution. It's a pretty good solution. They've got solid hosting platform. It does come at an expense though, because people are gonna say, I'm looking for the least expensive option. That's not gonna be Hostify, but if you're looking for a very solid set and forget it. And if you're someone who's busy doing other things in your core competency as an updating servers, think about the risk you're having of just having servers out there. And we've gotten contacted by clients who their servers were somehow crashed and we see that they hadn't been updated in sometimes two years. And we have some guesses. Sometimes it crashed. We don't think it was quite just a crash, more it was probably someone attempted to hack and broke it. That's, we've seen some weird stuff out there and it's usually always on these really old not maintained servers. Once again, all that problem comes on you. You have to maintain it if you put it in one of these droplets. That's where the Hostify solution comes in. Let's bring you over to the option that we use. So if it's a MSP client for us, we're gonna put them in our stack as part of the solution. So we set up all their wifi and we add them to our controller. The advantage to that as opposed to putting one on site with every single client is every time there's an update, we can update it once and every client and we have a lot of them in our MSP stack gets the update as well. All the firmware updates, one spot to manage. We don't have to go and try and manage all those controllers and once you start talking about the number of sites we have, that's a lot of time. If I were to run out to every single client and have to update and maintain both the underlying operating system and the controller every time there's an update versus you can host all those sites and we have quite a few of them all in one place. The other thing that does is we limit the exposure. The actual control interface is behind a VPN inside of our office. We don't publicly expose that. That's a nice advantage. So now we don't have to worry about someone trying to guess their way, logging into the Unify controller and it's just one, you know, anytime you can reduce your threat service, that's the idea for the ideal way you should do it. And by doing that, the only thing we do have to open is just a couple of ports you need for communication so the devices can phone home back to our server here. Now, the nice thing about the way Unify works is we can both import and export sites. So it's very dynamic. We prefer them to run in our controller. We have a very small fee for that. If the client says, I prefer to controller be on site at my office but we'd like you to maintain it that's gonna cost them more money. So we can actually export the sites and bring it over there but frequently it's the other way around. They just want us to take care of it for the most cost effective solution and hosting it internally gives us both the visibility and when you're searching for a client, just having them all in one list, all of our MSP clients through one dashboard, being able to jump to that one particular client, that's great. This is also why we do so much restricting around the controller and why it's not publicly exposed to the internet at all because obviously with great power comes great risk. So those are a couple of different options for hosting Unify controller. Hopefully that clarifies things of it. I mean, I didn't mention it but yes, for those of you that are going by just have one device at home. Yes, you can just run it even on your own laptop and only start it up when you need it. The controller does not need to run 100% of the time for example, to keep the wifi running or to keep your switches running. It does need to be running though to keep statistics. It does need to be running if you have a captive portal all the time. Other than that, if it shuts down or when we do updates, I can do updates in middle of the day because it does not take down our clients. And the one exception is going to be if they're running captive portal. We don't have that many clients at all that run it but the ones that do, yes, we will put a Unify controller internal. That way it doesn't have to leave externally to do the captive portal type of authentication. But we, I'm not a big fan of captive portal unless it's absolutely necessary. And frequently we find other solutions than the Unify controller for it. You can use the Unify with other captive portals or even set them up in services like PF Sense and other firewalls all have captive portals, many of them do. So you don't have to have it necessarily tied to the Unify device directly. It can be passed through in part of the network routing. So hopefully this clears things up a bit. And thanks. And thank you for making it to the end of the video. If you liked this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon. If you'd like YouTube to notify you when new videos come out. If you'd like to hire us, head over to laurancesystems.com, fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.laurancesystems.com where we can carry on the discussion about this video, other videos or other tech topics in general, even suggestions for new videos that are accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page. We have a lot of great tech offers for you. And once again, thanks for watching and see you next time.