USG vs. EdgeRouter

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome frost on solutions my name is Chris and today I wanted to do a comparison video comparing the ubiquity USG or unify security gateway versus the edge router so I'm just going to be looking at two models they have promo versions of both of these but I'm just going to be looking at the base model of both of these which is going to be the USG unified security gateway versus the edge router light so they're both the three port versions so I think people are interested in the USG because it looks cool it connects with unify so you've got that centralized administration aspect of utilizing a unified product but I did want to spell out the differences between the two because it's very very rare that I would ever recommend a USG to someone over an edge router light so if you're looking to buy either one of these products and you want to know what's the difference between them this is the video that you want to watch hopefully it'll give you a good understanding of not only the capabilities but also the limitations of both of the devices and in particular the limitations of the USG which is a device that I don't really ever recommend the customers ever and you'll see why okay so first things first let's look at cost what are the cost differences so I'm just looking at B&H BH photo video online right now you of course you can probably find better prices etc but the USG is a hundred and eighteen dollars and ninety-five cents versus the edge router light which is ninety one dollars and ninety nine cents so figure 119 versus ninety two dollars okay so let's look at them from a performance standpoint so if we bring up the data sheets of both devices we can see the CPU of the USG is a dual-core 500 megahertz with 512 mega RAM and two gigs of onboard flash storage the edge router light is 500 megahertz dual core 512 mega Ram 2 gigs onboard flash storage so again exact same processing specs now they are a little bit different in front in the front or in the actual ports that you're giving given in the edge router light you have scroll up here you've got these three ports here each 0 1 2 and then you can configure those Four Winds lands whatever you want to configure them for in the USG it's a little bit different you've got three ports it says when land and voice so basically it's the same three ports they're just labeled differently and that becomes confusing to people so I've seen a lot of people say well what's that VoIP or for can I use that as just another land do I have to use it for voice over IP does it have quality of service for voice over IP on that port etc etc and it's just confusing so I don't like that they labeled it that way I wish it was the same thing I wish it was still eat 0/8 182 on the USG so that's the first thing I don't like about this device okay let's move on though I want to show you the actual interface of both of these devices now the USG works with your unify controller and it's kind of cool and that it can light up all of these buttons here and you now get what looks like a very cool functional you know network environment okay if you're using the edge router light all you're ever going to light up is the wireless if you're using unify right so most people are just going to have the wireless access points which only lights up this last little circle over here and all of these are grayed out so right off the bat I understand that I like it's cool to see all the lights lit up green it's really neat okay but let's actually click on some of this stuff so if we look at our devices we can see here's a unified security gateway I'm going to go ahead and click on the Gateway itself and let's look at what you can do with this thing in unify okay so we've got some statistics we've got details way on details just shows you the way an IP address and you're basically up and down packets there's no statistics currently being run and this thing networks we can see there's one land network and we've got six hosts on the network if we look at configuration we've got an alias we've got our wound settings which are going to be in this case it's a pppoe connection but this will also do DHCP it'll also do a static IP here's your DNS and everything port forwarding this is for standard port forwarding if I hit create here I can say you know forward from let's say if I was going to do like a web server or something I can say you know HTTP I can limit it down if I only want to you allow HTTP from particular IP addresses I can do that here I can tell the port that I want so say port 80 forward to port 80 and forward IP address this is the internal 192 168 1 dot 100 whatever and then forward port is port 80 and then TCP or UDP so very standard port forwarding options that are available it also has dynamic DNS so if you have something like DNS you can create that so it works with all of these various services 9 DNS Easy DNS name cheap it zone edit etc and you can have the dynamic DNS input right in here and then you've got the standard you know adding custom firmware or forgetting or moving the Gateway to another network ok so let's close that out let's look at one other place where you can do some network configuration and that's in the actual network settings of unify so if I click settings and then networks let me close out of this one cancel here we can see my network it's a corporate network 102 168 0 1 slash 24 and let's go ahead and edit that and see what we can do so here's the IP address of the interface and you can enable DHCP server with a regular standard DHCP server scope DHCP server option so again very simple what you can do with it a few DHCP options etc and then let's go ahead and cancel the notice by the way no option 66 no additional DHCP options anything like that so let's go ahead and cancel out of this and let's go ahead and say create new network because there are a couple of other options you can do you can create VLANs with this so I can create a VLAN VLAN 10 or something and you know basically output that VLAN through the main land port if I want to and then that interconnects with the unify switches if you also have unify switches in your environment ok I can do a site-to-site VPN and this is probably actually one the one of my favorite things about the USG and probably the only thing that I the only place where I feel that the USG has an advantage over the edge router light is that the site-to-site VPN creation is incredibly simple so let's say I've got my unify controller and I've got two different sites each of them has a USG well all I got to do is come in here give it a name click site-to-site VPN and then select the other site and then hit save and that site-to-site VPN is then created automatically it's very very easy with unified to create a site-to-site VPN awesome I love that about it ok remote user VPN this is actually sort of a failing in my opinion of both the USG and the edge router is that by default in the graphical user interface you cannot create password PPTP you know remote user VPNs like it only works with a radius server so they only have radius server authentication in the GUI itself which not everyone has a radius server right so why not in the GUI give the option to add in usernames and passwords instead of the radius server being the only option ok so I don't like that um by the way it's not saying that you can't have usernames and passwords it just means that now you have to ssh into the backend of the router into the what's called the viata OS and you have to set that stuff up manually using the CLI which a lot of people don't want to get into the CLI ok so I can set up a corporate network guest network etc so this is where I can basically set up my various networks ok so that's about it right so if you are anything beyond a very vanilla installation you're now your now host right if you need to do multi or snap destination that if you need to do any more type of advanced port forwarding or any more type of advanced routing than what is what I've just shown you your now host ok you can't do it with the USG or you can but you have to go into the backend and have to again use the viola OS and hopefully you don't screw something up right I've had these USGS where a simple screw-up puts it into a reboot loop that it's very difficult to get out of right so basically it reboots it comes online for about a minute in which you have that one minute to make changes and try to recover it before it reboots again right and so like if you don't I've worked on these things for hours where basically once every five minutes I have a one minute window to make changes and try to get them fixed and it just drives me insane I hate that okay so let's take a look now at the edge router light and the full edge OS okay so here's edge OS this is version 1.8 so we can see here I've got a bunch of different networks I can create new interfaces veel and interfaces pppoe interfaces right here I can also change f1 f2 or e zero within e zero the LAN port if I hit config I have the same options I can configure this with DHCP DHCP for IP version 6 or I can manually define an IP address and then let's look through some of these tabs so we've got traffic analysis now this is what's known as a deep packet inspection I don't have it turned on right now I had played with it earlier that's why there's some status some statistics in here but if I say enabled and then yes well now we're doing a deep packet inspection we're using some of the the CPU power to actually you know gather statistics about what clients are hitting what servers and that sort of stuff and I actually get my transmit rate my receive rate of my various devices and that's going to start to populate and then I get this graph over here which shows me who is using what now flipping back to unify for a second we do have some of that so if you click on clients you can see which of your clients are connected via Wireless which your clients are connected directly wired in you can filter on those two different types of clients you also get some level of statistics and insights into what your clients are doing so the reporting is OK on both sides I do prefer this deep packet inspection though Oh for the reporting that comes with the unified okay so let's go ahead and disable deep packet inspection because that does take up CPU power okay now let's click on the routing tab so here we go here's my standard routing tab I can add static routes if I need to I can do OSPF if I need to let's click on firewall net here is my basic port forwarding options or I can actually put in firewall policies I can do in out and local policies for every single one of the interfaces I can set up different Nats I can set up firewall in that groups that's something that's like for instance here's a great example of something that I would be able to do with the edge light that I'm not able to do with the USG I'm just talking about in the GUI all right let's say I was doing sip peering I've got a voice over IP PBX sitting on my network and I want to receive sip peering from a sip provider maybe that sip provider has multiple IP addresses that they can send me sip pairing from they've got an East Coast and a west coast data center so I make that in the edge router luck in the edge OS I can create a group of IP addresses right basically this IP address and this IP address and I'm going to call that my external sip group and then I can create a rule that says only accept inbound connections on these sip ports from this group of IP addresses right and then I can manage that group of IP addresses by adding and removing stuff same thing if I have you know remote users at home and I want to open up like port 80 only to some remote users I can put those remote users in a group and then create a rule that says allow port 80 only for this group etc so again very flexible what you can do with the firewall rules in the edge router light you cannot do that on the USG okay let's take a look at services services is going to be DNS pppoe and dhcp server the DHCP server options are basically the same you do get an extra unify controller field here that you can use in the edge router light if you have a unified controller on-site but mostly that's done automatic I very rarely use that here we look at VPN so again we've got our PPTP remote access again only available with radius ubiquity please to make it so that you can add users into into the GUI and not have to do radius only PPTP please you can also set up IPSec site-to-site connections it is more complicated to do site to site in the edge router I'm not going to lie about that it's they make it very easy in the USG it is more complicated in this device now we've also got a QoS tab so QoS we can do smart queue management if you're interested in what smart queuing is I did do a video on smart queuing and I will put a link to that video right up here in the corner and then they also have advanced QoS options which to be frank I still have not even put my hands on yet I have not touched how this advanced QoS stuff works I know it's very advanced though so ok finally users tab we have different users that I can add if I want more people to be able to administer this edge router I can add those users here which you can also do in the USG on a per site basis and then config tree just shows me all of the sort of a a graphical representation of the viola back end options that have been set and then finally I have wizards so I've got my load balancing wizard a load balancing - I haven't seen this one this must be a new wizard oh yeah I have seen this this is in 1.8 it's load balancing wizard for when you've got multiple wireless bridges it's being able to failover between multiple wireless bridges so that's pretty cool certainly something you can't do in the USG okay so other things toolbox it's got toolbox of tools bottom line though is that if you look at the power of what you can do in the GUI of the edge router versus what you can do in the GUI of the USG or in the unified controller hands down the edge router wins like every single time so it's the same CPU and RAM it's much more configurable much more flexible what you can do with it and it's cheaper so again it's not hard to understand why I can't possibly recommend the USG on top of those three things which should be enough I've had problems with the us she as I described earlier where there's just weird stuff I've seen a USG that just lost connection to unify and had to be factory reset before it could be reconfigured and then I've seen that reboot loop on many occasions where you have to specifically format a config dot properties JSON file or something validate that file online upload it to a specific directory in unify so that the USG can pick up that file and hopefully you didn't screw anything up because if you screwed something up it's going to be put in that reboot loop I don't like dealing with any of that it's terrible right so the downside is you don't get the the cute little buttons you don't get the light pretty lights lit up and unify but you have much more power and control so hopefully you guys have understood the point of this video and the point of this video is to steer everyone towards the edge router light or the edge router series running the full-blown edge max or edge OS as opposed to the USG so if you like this video and this was useful information to you please give me a thumbs up your thumbs up really helped grow the channel and I appreciate everything up.that I get if you haven't subscribed to the channel hit the subscribe button down below and you will see many more videos much like this one so my name is Chris with crosstalk solutions I hope you enjoyed this video and thank you so much for watching

Info

Channel: Crosstalk Solutions

Views: 589,802

Rating: 4.9392271 out of 5

Keywords: ubiquiti usg, usg, unifi security gateway, unifi, unifi controller, ubuiquity, edgerouter, edgerouter lite, er-lite, erlite-3, ubiquiti edgerouter

Id: XvWOx3PvYFM

Channel Id: undefined

Length: 16min 57sec (1017 seconds)

Published: Tue May 31 2016