Ubiquiti Unifi Controller

As I start to dig into each of the individual Ubiquiti components that I wrote about in my previous article,  I though it would be a good idea to start with the Unifi Controller.  The Unifi controller is the central management interface for all the components I am using.  Ubiquiti makes a version for just about every operating system so you shouldn’t have any issues finding your flavor of choice.    I use to run the MAC version when I was only using the Unifi AC access points.  I would load it if I wanted to make a change or update firmware.  It wasn’t until recently that I upgraded to the 5.x version of the Unifi Controller and saw the significant changes they had made to the platform.  This is really what prompted me to overhaul my network and standardize on the Unifi line of networking products.

I have no moved to a dedicated Unifi Controller running in a VM on Ubuntu 16.04.  As we all expect of applications these days the installation was very simple using apt-get to perform the install.  Once I had my dedicated Unifi server installed I exported the data from my install my mac and imported it into the new server and bam, all was up to date and it was ready to go.  I moved to the dedicated server while I still only had my (3) Wireless AC Access points.  AT that point I had no Deep Packet Inspection or other features provided by the Security Gateway.

The Unifi Controller Web UI

I work with many enterprise products all of which have a Web UI and I think they all could learn a thing or two from Ubiquiti on how to built an easy to use, intuitive, sexy interface.  The interface is fast, provide me useful info, and real time data.  I would say I couldn’t ask for more, but we all know that is not true.  There is a few things I would love to see in the interface, but we will get to that.

Once logged in to the controller you are presented with the homepage.  The home page is very well laid out, not cluttered and provides a nice snapshot of what is going on in your network.  Including realtime latency and throughput meters.


The screenshot above of the home page shows my Unifi Controller before I added my Unifi 24 port POE switch to my network.  As you can see the Deep Packet Inspection does not depend on any switching just the Unifi Security Gateway.  On the left is a well laid out menu bar with your most common menu items up top, and the less common, more system admin menu items located don neat the bottom.

You will also notice on the bottom of the Throughput meter is a Speed Test button.  This is useful to easily test your total internet speed, however I have noticed the endpoint in which it tests against is a bottleneck.  When I test my connection using speedtest.net I will find some of the locations my speed tests are rather slow, however I have found which servers can handle speeds over 300Mbps.  It would seem the endpoint that the Unifi Controller utilizes can’t handle more than roughly 150Mbps.  The images on the left below is the results of the Unifi Console Speed test and the image to the right is from speedtest.net.

ubnt_speed           stdn_speed

All things considered this is not really a big deal as most people still don’t have speeds over 150Mbps.

If we look at the bottom of the home page we have three graphs.  The first shows the number of managed Unifi Devices, the second shows the number of connected clients.  It’s important to note, then it the number of actively connected clients, not the tal that may exist in your environment.  The third is deep packet inspection stats.  You will not have this if you do not have a Unifi Security Gateway.

The Coverage Map

The coverage mp is a neat idea, I however have not gotten to getting this configured in my home.  I really would love to, but I have to measure my entire house and make a drawing to scale for it to be useful and like most of you, who has tine to do all that.  If you are lucky enough to have pans for your house then you are a lucky one and can get import it right in.  The cool thing about the map is it does show you coverage for both 2g and 5g.  When you look at it you really can see the difference in signal coverage for the two.  The image on the left is the 2g coverage and the image on the right is 5g coverage shown on the map.  Unfortunately it just doesn’t mean a lot to me just yet, but hopefully it will once I get my own maps up there.

coverage_map          coverage_map_5g



The Devices Page

Here is where you will find all your managed or discovered Unifi devices.  As new devices are added to the network they will show up here and you then have the option to adopt them for management or not.  Here you see the status of each device, if an upgrade is available for the device, the device IP address, Firmware Version, and uptime.  It’s nicely laid out, has good filtering to narrow devices if you have a large environment.  If you blow up the image you may notice the status of my Unifi In-Wall AP shows 10Mbps.  Although I have the switch port hard set to 100Mbps after initially seeing this issue, it still seems to be having an issue.  I’ll cover this in my article about the Unifi In-Wall Ap.




The Client Page

I really like the client page for a number of reasons.  For starters I am able to get friendly names to all the devices on my network and easily identify them.  Even more that that I can identify why SSID and access point the client is connected to our which switch and switch port.  This is super helpful for me.  If I want to block a client or kill a port it’s easy for me to quickly identify the information I need to do so.  I can also get a feel for the amount of traffic the client is using.




The Statistics Page

I see this page as a great start.  From here you can see an overview of Access Point client connectivity, access point activity and some other high level date.  You can also change the filter and get to the traffic page, which is the Deep Packet Inspection data.   When I say I see this as a good start that because it is nice, but it is still limited.  I would like to see more reports including some for the switch.  I assume this wasn’t a priority to getting the 5.x release out, and hopefully it will be coming in future versions.  One additional item I would like to see on the traffic page is more granularity.  For example when I see what is taking up traffic, Netflix for example.  I would like to be able to click on Netflix and see which clients accessed it.  You will see in another post that I can go to the client, go to Deep packet Inspection, and see what sites the client has visited, but if I see something on the traffic page that I want to investigate it can be a task to go and look at all the clients to see which has visited that particular item.  Think about a porn site showing up and you want to see which of your kids went to the site.  It would be handy to be able to just click on the site and see which clients wen there.

wireless_overview          DPI_page


The Insights Page

The page allows you to see what devices have at some point been on your network.  This is different from the clients page because this also shows inactive clients.  Some good info here to help you make sure you don’t have any unauthorized access to your network.


There are many more configurations and options within the Unifi Controller, but most of them are connected to different devices that are managed by the Unifi Controller so i will be covering them in my articles on the respective devices.  Overall version 5.x of the Unifi Controller is outstanding and as I said above most interfaces for billion dollar enterprise products that I work with do not have interfaces as nice and this.  Ubiquiti has done a top notch job.  Understanding that most enterprise organizations are not going to move away from cisco for a nice UI or even comparable features I do think these will do extremely well in schools and small to mid size organizations.  They certainly should be in more residential deployments as well.



Leave a comment

%d bloggers like this: