> I genuinely curious what bottlenecks you've hit.
1. My UDM Pro absolutely chokes and stalls with intrusion detection enabled on the firewall and 8 cameras connected. Network goes down, cameras disconnect, devices disconnect from Wi-Fi every time a car drives past a camera due to AI features triggering, etc.
For something meant for small businesses I wish they would just shove an Intel i5 or something in it. They make great switches, great APs, great everything else, just too stingy on processors on the few pieces of central equipment that people would actually be willing to spend more on.
And for a $3999 enterprise NAS with dual 25 Gbps SFP ports and 16 drives? It could surely use something more beefy than a Neoverse N2. I'd say an i7 or even i9 is warranted here.
3. The UNAS 8 I don't own but I believe it would struggle with >1Gbps links and encryption enabled
1. Same here - but it's only become a problem as protect has gained features (# of cameras stayed the same). I got a UNVR Instant and all the issues went away (I have been waiting for an updated 1U NVR but still not out yet). It sucks, but otoh protect is light years better than it had been.
I dont mind using ARM for NAS, but (to be fair I have not looked in a while) the issue is they tend to not have many pcie lanes. Looks like the N2 can have up to 64 @pcie5 so if it's built well, I don't think the CPU will be too much of a bottleneck.
Hell I'll put it out there - some company should make a NAS-specific ARM chip line to make lines of way less expensive (well pre the current troubles) base NAS enclosures with lots of NVMe etc.
Unifi docs say that the AI feature run directly on the camera or via optional devices like the AI Port or AI Key. Odd that it impacts your UDM Pro and wifi.
I'm sure even if the camera runs the neural net, the detection itself triggers clips to be stored, re-encoded, indexed, etc. and the UDM Pro's processor is underpowered even for this.
It's even underpowered for streaming -- I found Protect to be extremely laggy, taking often 30+ seconds to open the camera stream when 3-4 stream receivers were connected.
I have a udm se, 10 g3 cams, 4k bullet+ai, door entry + cam +ai, couple of the display viewports running all day and a nano hd access point and symmetric gig with intrusion etc turned on. I also have wireguard users connecting in remotely.
No problems with performance whatsoever at this point.
Ok its not enterprisy its just a small business with 20 people but seems fine to me. I run synology servers.
He did say intrusion detection so that's probably it. That, and if you're using any kind of complicated firewall rules, those aren't HW accelerated like enterprise gear, so throughput tanks.
Basic routing and switching - expect line speed.
Don't expect analysis features to run at line speed - 30-50% penalty could be normal depending on throughput.
Stay away from IPS and complicated firewall rules which usually are done in CPU, and you should be fine. HW acceleration for those (esp. TLS decryption) is a major reason fancy firewalls are very expensive. You're better off building an IDS or picking up a smaller FortiGate or Palo Alto firewall if you really want to get serious there.
The Cloud Key Gen 2 is underpowered depending what you do with it, and it runs hot. UniFi seriously needs to refresh it. (At least it’s better than the Gen 1. The Gen 1 was disastrously bad.)
The ENAS looks like fairly nice hardware. It even has ECC RAM. Not cheap, though.
It says 8 Arm Neoverse N2 cores in the blog post. So not directly ARM Cortex, derived from ARM Cortex-X3 but same family as NVIDIA Grace, Google Axion and AWS Graviton4.
It's based on Neoverse N2 which in our other platforms (e.g., ENVR Core, UDM Beast, EF Core) has contributed to vast improvements in performance versus ARM Cortex.
I have heard others say the same as you about Ubiquiti devices. I genuinely curious what bottlenecks you've hit.
I've only been using Ubiquiti as a pro-sumer, but it has held up well for my use case of Plex and little game servers.
I use a Synology NAS for my storage though, which is a slightly beefier mobile AMD chipset.
I'd be very interested to know what I should and shouldn't expect from my ARM based network stack though!
> I genuinely curious what bottlenecks you've hit.
1. My UDM Pro absolutely chokes and stalls with intrusion detection enabled on the firewall and 8 cameras connected. Network goes down, cameras disconnect, devices disconnect from Wi-Fi every time a car drives past a camera due to AI features triggering, etc.
For something meant for small businesses I wish they would just shove an Intel i5 or something in it. They make great switches, great APs, great everything else, just too stingy on processors on the few pieces of central equipment that people would actually be willing to spend more on.
And for a $3999 enterprise NAS with dual 25 Gbps SFP ports and 16 drives? It could surely use something more beefy than a Neoverse N2. I'd say an i7 or even i9 is warranted here.
3. The UNAS 8 I don't own but I believe it would struggle with >1Gbps links and encryption enabled
1. Same here - but it's only become a problem as protect has gained features (# of cameras stayed the same). I got a UNVR Instant and all the issues went away (I have been waiting for an updated 1U NVR but still not out yet). It sucks, but otoh protect is light years better than it had been.
I dont mind using ARM for NAS, but (to be fair I have not looked in a while) the issue is they tend to not have many pcie lanes. Looks like the N2 can have up to 64 @pcie5 so if it's built well, I don't think the CPU will be too much of a bottleneck.
Hell I'll put it out there - some company should make a NAS-specific ARM chip line to make lines of way less expensive (well pre the current troubles) base NAS enclosures with lots of NVMe etc.
Yeah mine solved once I got a UNVR as well but I would have rather paid for a better processor in the UDM Pro and not needed to buy a separate UNVR.
Turn off the intrusion detection and your throughput should be significantly better.
Unifi docs say that the AI feature run directly on the camera or via optional devices like the AI Port or AI Key. Odd that it impacts your UDM Pro and wifi.
I'm sure even if the camera runs the neural net, the detection itself triggers clips to be stored, re-encoded, indexed, etc. and the UDM Pro's processor is underpowered even for this.
It's even underpowered for streaming -- I found Protect to be extremely laggy, taking often 30+ seconds to open the camera stream when 3-4 stream receivers were connected.
Yeah . Sounds like horseshit to me to be frank.
I have a udm se, 10 g3 cams, 4k bullet+ai, door entry + cam +ai, couple of the display viewports running all day and a nano hd access point and symmetric gig with intrusion etc turned on. I also have wireguard users connecting in remotely.
No problems with performance whatsoever at this point.
Ok its not enterprisy its just a small business with 20 people but seems fine to me. I run synology servers.
He did say intrusion detection so that's probably it. That, and if you're using any kind of complicated firewall rules, those aren't HW accelerated like enterprise gear, so throughput tanks.
This is worse with the older devices.
For example: https://www.youtube.com/watch?v=p4yKf044meY
https://community.ui.com/questions/UniFi-Gateway-Intrusion-D...
Basic routing and switching - expect line speed. Don't expect analysis features to run at line speed - 30-50% penalty could be normal depending on throughput.
Stay away from IPS and complicated firewall rules which usually are done in CPU, and you should be fine. HW acceleration for those (esp. TLS decryption) is a major reason fancy firewalls are very expensive. You're better off building an IDS or picking up a smaller FortiGate or Palo Alto firewall if you really want to get serious there.
The Cloud Key Gen 2 is underpowered depending what you do with it, and it runs hot. UniFi seriously needs to refresh it. (At least it’s better than the Gen 1. The Gen 1 was disastrously bad.)
The ENAS looks like fairly nice hardware. It even has ECC RAM. Not cheap, though.
It says 8 Arm Neoverse N2 cores in the blog post. So not directly ARM Cortex, derived from ARM Cortex-X3 but same family as NVIDIA Grace, Google Axion and AWS Graviton4.
It's based on Neoverse N2 which in our other platforms (e.g., ENVR Core, UDM Beast, EF Core) has contributed to vast improvements in performance versus ARM Cortex.