Transcript

Pedro Ramirez   0:10
OK.
Hello everybody. Thank you for joining us for this webinar.
We're gonna wait just a couple, two or three minutes to see if we can get more registered people on the on the meeting here. So just just a couple of minutes more.
Sorry about that. I was muted. Uh.
OK, I got disconnected for a couple of minutes, but we're ready to go. So let me introduce myself. My name is Pedro. I'm in charge of unified enterprise sales for Flytec within the United States and Latin America.
And if for those of you who don't know Flytec very well, our headquarters are in the Miami area. We've been a master distributor of Ubiquiti Unified for over 15 years. We normally carry several $1,000,000 of inventory for the brand all the.
Time.
We try to have as much as we can. It's sometimes it's a little bit difficult. They keep coming up with so many great products that are so popular, but we do our best. We have our own in-house tech support for helping you design.
Your projects. I did want to mention there's going to be a Unified World Conference in Miami on Tuesday, November 4th. During this presentation, I'm going to put a link there for anybody that wants to register for that. It's free.
It's a one day event where Unify usually talks about everything that's coming out. New, new hardware, new software, new features, new things for the Enterprise Partner Program. So hopefully you can join us there and I can meet you in.
Person, I'm also gonna put a link to our website to Flytec's website where you can buy Ubiquiti Unified products and so that's that's about all the commercial here. So we have Andrew Piper, a Unified.
Unified Solutions engineer that's going to be in charge of the presentation. So, so, so please go ahead, Andrew.

Andrew Pieper   5:55
Hey everyone, thanks for the introduction Pedro. Nice to nice, nice to be with everyone today. I always enjoy meeting with you and I swear I do one of these flight. It feels like I do one of these flight tech webinars here about every month just about. I think you guys do the most webinars of anybody. So I I get to know your customers pretty well and and.

Pedro Ramirez   5:57
I think there OK.

Andrew Pieper   6:14
I always enjoy meeting with you guys and thanks for taking the time. Today what we're going to be doing is we're going over one of our most exciting areas that our company is growing in. So those of you that don't know Unifi, we've been around for a while now.
Really started doing network indoor wireless, that's the type of thing. About 15 years ago that was the beginning of Unifi and since then we've grown to be like an end to end IT solution all built around the same kind of value proposition which is.
Free cloud access, really intuitive and easy to use software and license free. So everything without recurring costs. And this has been an exciting trajectory cuz we're really at the point now within the last couple years we've really started to create a product that is.
That is ideal for enterprise environments. Now some of you may be been out and read it before, been on some of these social media platforms and heard the discussions or debates about is Unify enterprise ready. I work with in helping migrate a lot of large customers from other vendors to Unify and the amount of.
Large customers I see moving to Unified have a great experience. I work with multiple new people every week. They're doing that and sometimes it's thousands of sites. I can tell you we absolutely have a product that can handle enterprise deployments. A lot of those concerns you may see about is Ubiquiti Enterprise reflect honestly.
Valid criticisms, just things that we've addressed within the last two or three years. People used to say we have no phone support and that's a problem for enterprise. That makes sense. We needed phone support to be able to serve enterprise environments and we've of course incorporated that and we have now 24/7 phone support, but it's still hard to get that message out, especially where we don't have people knocking down your door. We don't have a big enough team to do that.
And so I try to get the word out, but of course everyone's got a different opinion on it. But seeing that I work first down on the customer, I can tell you unified solution now is very suitable for enterprise organizations. And today we'll talk about kind of one of the key parts of the.
Our enterprise product suite that has really put us has been a necessary requirement, something we need to add, which is our Enterprise Fortress Gateway. This is our newest gateway device that can handle whatever skill you throw at it. So this is a gateway that has 25 gig.
Fiber ports on it. It can have 25 gig WAN. It can do multi WAN including failover and load balancing. It's got redundant power supplies. You can see here can be set up in VRRP mode with automatic failover and sync all that configuration from over to the second device. So as soon as there's an outage it can be automatically transferred to the other device.
And handle that network connectivity without minimizing network downtime. This basically adds a lot of new features to the product line that we needed to be an enterprise ready. I can't tell you how long I heard from customers we want redundant power supplies. Now with our enterprise stack of products, we've got all redundant power supplies on it.
And what's cool is we've tested this at the highest scale and we've used it in real deployments. FedEx Forum is one example where we did it for, you know, they use the Enterprise Fortress Gateway and Shadow Mode, two of those units for the whole stadium and it handles everything very well.
We also have tons of other case studies. If you go here to our case studies here, we've got several other examples where many of these are using our Enterprise Fortress gateway or Enterprise gateways, including K12 school districts, universities. I'm seeing all types of customers and I'm seeing a lot of popularity among.
Education, especially because, you know, education is a perfect mixture of enterprise need. Like they need all the features, the security features that we can give them. But they also are more price sensitive than a lot of companies because they're tied to that that budget and the funding that's available through the state.
And that means that they are always going to be more priceless, which is why unified is a really great option for them because we provide a enterprise quality solution with while eliminating that license fees and those costs that end up making it untenable for a school district to be able to manage. So we've got all these case studies here, you can check them out, but like examples of.
Other large-scale events we're doing with Unified. Now let's show you what kind of scale we can handle. We've got we just published this one recently. This is actually using two UXG Enterprises, which is similar to the Enterprise Fortress Gateway, just doesn't run the network software on it. But they managed to use this for their event Shopify that handled 27,000 plus total clients connected at the same time.
And that's including 17,500 Wi-Fi clients at once. So you talk about an enterprise scale. I don't think anyone here on this call, some of you are probably from an enterprise environment, but I don't think anybody here is running a single enterprise office building that has 27,000 concurrently connected clients. But in the event that you are, we can see this case.
Case study and know that even with full stack unified network equipment, we're able to handle that type of scale. So for the first time I can say within the last couple of years with Unifi, if your question is can Unifi handle my scale of my deployment, the answer is now yes. If you use our enterprise stack, I'm very confident we can handle virtually whatever skill you throw at us. There may be some very.
Extreme you know, media applications where you might need even more throughput than some of our than 25 gigs. But I don't think pretty much anyone here has access to that. And so you'll find that this is a solution that can really do anything that you throw at it and.
That's really a nice thing to be able to say now because it takes a lot of that concern and planning out of the equation because I can assure you that we have products now that can handle whatever skill you need to do. So check out those case studies, but I'm gonna go back to go over the Fortress Gateway specifically. That's why we're here.
And just in terms of features, this device is really well featured. As you can see here, what's unique about our cloud gateways is that they are acting as that next generation firewall device, a router, and they also act as the unified console for your environment. This means that this runs the actual software application that you use to.
All your access points, switches and everything and all while it's doing all these other tasks including things like SSL inspection, decryption, intrusion detection, prevention, VRRP failover, all these different.
Resources you can do all simultaneously and so this is much more powerful gateway than we offer on any of our other products. So this will really be suitable for a school, a large school, for a large office building. Basically I see customers all the time that either the scale means they're using the amount of scale that they need with.
Plus clients and this can handle upwards of 10,000 devices depending on the application. So we can definitely really scale up beyond that. But some people use Enterprise Force Gateway because they have a lot of clients. Some people use it because they need the most cutting edge security features and some people use it because they want.
The highest throughput, whatever reason that you need, there's definitely a lot of benefit from using this product. It comes with the MSRP of $2000. And what's cool about this product also though is it's part of our enterprise partner program, meaning if you're a.
A value-added reseller or a MSP integrator, you can actually register all your deals using our enterprise products and you can also access additional margin, which is part of what we're trying to do to address those concerns. People in the past used to say, Oh yeah, you know, Unifi's a great product, but I can't afford to sell it because we don't make as much margin as we do with other products.
Address.
With these new products as well. So we're trying to address all those concerns from our customers that still deliver that really good value to the end customer. What's cool about this device, it also includes, I mentioned SSL inspection and encryption. As far as I know, this is the only product out there that offers that license free. So that's a security feature that allows you to really get a lot of information about what's going on your network. What we do is we take.
We can inspect packets for content, look for things like search terms, stuff like that. So let's say you're a school and you wanna have really granular insight into what kinds of websites are being accessed, what types of searches are done, and be able to set up automatic.
Filters that say if someone goes to search for guns that we're gonna block that. Now we all have content filtering and we have that category for weapons and guns and everything. But SSL inspection, decryption takes it even further beyond that because it's gonna go into inspect those packets and looking for any sort of queries and things like that. They're looking for guns and that type of content. So it goes beyond what content filters.
And will do. So this is a really good all around product that whatever the reason whether it's security, bandwidth or scalability, this can do whatever you need it to do and we provide on our website, we provide some nice.
Metrics here that you can use compared to other products. So some products out there, if you're familiar with Fortinet, you've used them in the past or whatever product that we're comparing us to. We have positioned this product to be competitive with those solutions. Now what's great is this has a much lower upfront cost with no recurring fees, but some of these solutions also will go advertised based on these criteria we try to create.
A lot of specs here that you can use to go kind of better help you position it as it relates to another third party solution. So you can see here we support we can handle a lot of throughput in terms of VPN. So you can SC Wan with Unifi is totally free and that includes you can set up.
Site to site VPN mesh between your different sites up to 20 sites or you can do even a hub and spoke configuration and this can be your hub for your network and you can have 1000 sites that all connect back to that central hub including having complex arrangements like failover and things like that. But this is really a great solution across the board for value I mentioned.
The VRP with shadow mode, it can handle whatever scale, 25 gig performance. This is our highest throughput router device and it's got all those advanced security features with IDs and IPS enabled. You can still see over 12 gigabits per second of routing capacity, which is very impressive if you go look at what you're using right now.
Find that your current gateway has less capacity than this and that means that we are very competitive with a lot of other vendor products out there. So again, I wanna open up for a few questions about the product before we move on to actually demoing the product and showing how to use these different features. But I wanna give everyone a moment to ask me some questions.
Pedro, do we have any questions that we need to respond to about the Fortress gateway?

Pedro Ramirez   16:45
There there is one question from Russell. He's asking are ZTNA options coming?

Andrew Pieper   16:53
I can't. I don't.

Pedro Ramirez   16:54
ZTMA.

Andrew Pieper   16:57
Maybe if you'd ask For more information about that, I'm not really sure. I'm not in the know whether that's it being incorporated or not, but I can definitely follow up on that for you, OK.

Pedro Ramirez   17:08
OK, sounds good. That's the only question for now.

Andrew Pieper   17:08
But basically that's one thing I will say to everyone here on this call is if you have an enterprise feature you need in your environment and you feel like it's not supported on Unify on our platform, please ask me a question, let me know and I'll let you know if it is.
If it is supported currently or if it's in the road map, but basically if there's anything that you're missing to do your job at Enterprise that we need to be able to be suitable for you, just all you have to do is tell us and we can give you an idea of if that is in the road map or if that's coming. So please do feel free to add any questions like that. Happy to answer those and so usually what I tell people when.
Concerning.
Going to unify, especially for a lot of people are very comfortable moving to the switches and to the access points, but for some people it's a little more of a question. Am I ready to move to the unify for my enterprise routing and firewall device? What I recommend doing and I work with customers doing this all the time. What I recommend is they basically document what features do we need or are required for our environment.
And then let's check to see if it's all supported right now through the through the product. I would bet you, you know, I can tell you 99% of features that people need are in the product right now, which means we have parity for virtually everything. That other 1% are things that are either coming or already.
In early access being tested. So typically once that's verified, you can verify that we have all the features you need, then all this, then I think it's a great option to move over to that. And what's cool about it is that the product, even at state right now with our rapid development process, you'll find that we'll be coming out with new features and things that will even.
And add on benefits to you for using it as time goes on. So it's a product that if it works for you right now, it's great and then it's just gonna get better as time goes on. And that's the cool thing about Unifi and our approach. Despite being licensed free, we're really committed to making products work better for you over time. But I think that's what I would do to check with. If you need the Enterprise Workers Gateway, just check all the specs you need and.
This is how we probably have you covered, but if not, I'm sure it's on the road map. So that's where I would start. If you're considering migrating, let's go ahead and look over at my lab. I'm gonna switch over to my lab environment here and so we can take through an actual deployment that's using.
It's using shadow mode, 2 gateways and shadow mode. This is a lab that we have set up in our Salt Lake office. I'm connected. I live in Kentucky and I'm working from home in Kentucky and I'm tunneling into this network securely through our cloud service. This is a nice feature that's totally free and included automatically. You can see here we get a good summary of the performance.
The network and this is a software again that's running on the gateway itself. So while it's doing all the function of routing traffic, applying firewall policies and everything, it also is gonna be what I'm connecting to to get information about the performance of that network and with schools we have the resource to be able to facilitate that.
So when it comes to Fortress Gateway, I would say the things that that are unique. I mentioned a few of those settings in the in already, but I want to mention a few other things that are included with this. So we offer this product called Cybersecure and some of you may have heard this as you know we're committed to not having licenses, but what we found.
Certain customers in the enterprise space that need to pay for a higher level of, for instance, threat definitions. They want to get the highest end threat definitions that we can provide. And what we do is we partner with third party solutions. A lot of other vendors do the same thing when you're turning on a lot of.
Products out there will make you pay for an extra license and then you get access to the threat definitions and the IDs functionality. I know that multiple products have multiple tiers of licenses that if you wanna use that feature you have to pay for a license. With Unifi you can use IDs and IPS totally for free.
With the Fortress Gateway. But if you need something more than what we use is we use Proofpoint's community tier. This is actually Proofpoint's every trusted partner that a lot of other vendors use as well. But Proofpoint is always updating their threat definitions to be able to prepare organizations for whatever threats can be out there.
So we we offer that for free and we work with them to provide that for free for everyone. And then if you need something more than that, we offer cybersecurity to be kind of an option that is totally up to you, but we've priced it in a way that's very affordable and manageable. But if you're an enterprise environment, it makes a lot of sense, right? So like $500 for a year.
For Cybersecure Enterprise gives you access to our enhanced security set. This includes a few different features, so we have enhanced threat definitions or the signatures. Here you can see how many signatures are currently on this device 111,000 with.
Without this, I would say this is probably I'd have to look it up and see, but it's gonna be much less than this, but we're gonna get more frequent updates. It also includes a few other benefits too with cybersecure, including we have enhanced content filtering. So this again, we're talking about schools. This is a really good feature for schools.
So you can use this enhanced filtering option, which in this case we've partnered with Cloudflare, some of you know them and they provide this really in-depth set of filters that can be applied to the the products. And again, this is one of those things I heard over the years that Unified doesn't have the content filtering we need to be able to use an enterprise environment. We've heard your feedback, we're incorporating that into the product.
And this is one way that we've addressed those concerns so that now we work really well for schools. So you can see here, if you subscribe to Cybersecurity, it also includes this enhanced filtering. Otherwise you're going to have access to a custom filter. We also automatically block malicious and explicit adult domains, but if you want to be more granular with that, you can do an allow list and a block list, but within.
Enhance option. You have all these other categories that you use. So for instance, you can do things like I wanna block e-commerce sites. So if my wife's concerned I'm spending too much money on clothing, which I can assure you that's not the case, but if she wants to block me, she can go ahead and put this content filter on our home network. Then I can't get out to spend all of our money on fashion.
We can block fashion, we can block health and fitness, fine arts. I don't know why we want to block fine arts from our family, but whatever, do what you want to do. But we have all these options here for you to choose, including things like paranormal. So if you're worried about your wife watching scary movies, there you go. Are you seeing some scary movies?
Websites, there we go, we got you covered. But this is so much more expansive than the previous feature. But again, it's there if you need it. But we still have a basic version of this for you that's totally free. And that's where we're unique from a lot of different vendors out there. We don't want to upcharge you for things that you don't need, but if you need something more than what we can offer for free because we can't go and invent.

Pedro Ramirez   23:24
OK.

Andrew Pieper   23:42
And keep these these threat definitions up to date ourselves. We'll network you with a trusted partner and provide to you in a way that's not meant to make us profit, but just to make it available to you. So that's what cybersecure is all about with with the with the Enterprise Fortress Gateway, you get access to a higher tier than it's available on the you can actually get cybersecure on the UDM Pro, the UDM Pro Max.
And all the small form factor gateways, but with the Enterprise Fortress gateway, because it's got more CPU resources, we can actually do more with it. So we're able to do more, a higher tier of threat protection for you. So that's an option for you.
Totally up to you, but that's what's included in that. So you have that content filtering. We also have, you know, these other features are also included without.
Without the use of cybersecure, but we've got them all here. But these are all features. The site, the SSL inspection, decryption I mentioned where you can go set up, you know, custom filters and things for certain types of content. I can go ahead and create, you know, a.
Track and block and I can put in a query type of search. So if I want to search for guns.
We can add this, we can add all sorts of things and what it's gonna do is gonna block search search engine results that when when this is using the search. So it does extra on top of. You can also block file types including all these different extensions. So if you want to prevent certain types of files from being downloaded in your in your system, you can use this to do that.
So yeah, really versatile featuring is cool is it's totally free, so you can always get down to blocking URLs and everything. We also have the advanced option which allows you to create inspection profiles, multiple profiles and you can go and be more granular with this. Now the certificate's installed on each client.
So that gives you the ability to decrypt the traffic using the gateway device. So that is something you would need to distribute through your organization in order to ensure that you can leverage this feature. But yeah, you can get granular with this choosing which network specifically if you only want to apply to like this. If it's a school, you only want to apply to the network that's being used by the students.
You can do that. You can go ahead and assign this out to that and then create your own specific filter list and everything. But it's cool. You can get a logging of all the events too. So sometimes you just want information. You can even just set it up too. Instead of blocking, we're gonna go ahead instead of blocking, we're just gonna.
To track all these queries to see if it's coming up and then we can make decisions based on that after we get a little more information. But that's a cool feature. We also have another thing we've rolled out too is enhanced logging, so we've added on a lot of logging options.
And more granularity with reporting that's going to keep improving as time goes on, but you can see here it's it's evolved quite a bit. And then the other thing I just mentioned too is this is where you enable intrusion prevention. So this is returning threat definitions. You have them applied and with the you can see here with.
The cyber secure enterprise, we're at 111,000 of those, but pretty cool and but there's a lot of features here. But basically you should see similar parity with other vendor gateways, many of them which cost $10,000 or $20,000, you can get a high availability.
Prepare for $4000 with Unify and no recurring cost, which is going to save you.
Pedro Ramirez   29:14
Yes, first a question from a little while ago about switches is is MC leg coming to the XG line or will it only be on the enterprise level switches?

Andrew Pieper   29:27
You know, I don't know. I think right now, as of right now, it's only on the the campus aggregation switch. So that's the only one that we currently have it on and we do not have it on the access switching or any other switch even on the enterprise product. So I would expect that it's not, but I'm not entirely sure.
You know, it could always potentially be subject to change, but we also have along those lines, we also have stacking. Our first stacking model coming out this this quarter will be shipping stacking switches. They're basically the ECS 48 S and the ECS 24 S will be the same basically as our campus 24 and 48 POE.
Switches, but with the with the difference that they will have dedicated 100 gig ports in the back that you can use to to stack multiple switches. So you can have you know three switches, you know one one in the middle that's connected to both the other switches and then the other stacking cable connecting those two switches to each other to wherever any of those switches fail, you know you've got.
Full redundancy there, but that's all possible without the stacking, of course, and the singles for MC lag. There's benefits of having MC lag beyond, you know that that makes it convenient and nice feature to have, but you can still achieve full redundancy throughout your environment without the use of MC lag. It's just sometimes it's going to be something that people prefer to use and I and I understand that.
Right now that's currently only available on devices connected to a ECS aggregation. OK, other questions.

Pedro Ramirez   30:50
OK. Could you check, could you check the chat there yourself, Andrew? It's a little bit, there's a discussion there, some questions.

Andrew Pieper   30:54
Yeah, let me let me pull it up here.
Yeah, one second.
All right, region blocking. Can you demo it? Sure. Let me show you the region blocking. So you can go ahead and just check this box here. And this allows you to block traffic, either outgoing, incoming, and you can allow it or you can block it and you can choose which country that you want. So let's say you're worried about, you know, some people may be worried about.
Might want to block countries that they don't have any business relationship with, or there's no possibility of having any business range. Let's say it's North Korea or something. It may not even be on this list, but let's just say we can choose a country here if there happens to be a lot of.
You know, spam or potential, you know, security risks associated. We can go ahead and create a.
A we can block both directions, we can block outgoing, incoming and so on and we can really get very grand with this and what might be helpful way of of deciding this is you can use. Let's go ahead and go to.
Uh, let's see.
We can go into regions and actually look at the inside view, which we just changed this view. So leave me a second to find it.
Yes, you can. You can go ahead and.
Add on, you can scrape filters that search for different. We can go all flows here. That's what we're looking for. We're looking at threats and you can filter these based on region. You can also see a map. We have a map view that you can see and everything, but you can maybe use that if you see a lot of traffic going to.
Going to China and you're concerned about the type of traffic you see the devices that it's going to or from. You can make decisions based off of that and use that to inform your, you know, your blocking.
Um.
Yeah. So it's pretty, it's pretty easy to set up. And you know, again, I just would be really sensitive about how you apply it because you don't want to necessarily block a region that there's a legitimate reason to have traffic going to because this is going to create problems. They're going to come back to you. So it's something that maybe you use if you're in a very high security, let's say it's a, it's a.
Deployment where it's mainly industrial stuff and you don't need to really connect to much on the outside, but you want to block all traffic going to any country, you know, outside the US or whatever. You can do that. But again, don't necessarily recommend it, but just be careful with how you apply that. But that is an option that you have available.
Next question.
So you can block a. Can you block a country but set an exception? So a company has a remote plant in Mexico or China, but they would like to block everything but the IPS associated with that remote location. So yeah, I have to play with it and see how I would incorporate that. I haven't tried to test that out myself, but let's go look and see if we can figure it out.

Pedro Ramirez   33:43
Uh, about this, it's.

Andrew Pieper   34:01
One second, let's go on here to region blocking and so let's go ahead and.
Yeah, I think what we'd have to do is we would have to set up a. So if you know which IPS that you that you want to allow, I think you would you could potentially allow it through the traffic flows and then you would allow that that IP address and have that be a higher precedent than the.
Than the regional block, but I haven't tested that out. I'm not sure if that's going to work properly because it seems like right here here it's pretty basically this is just going to require the region. But if we can get the, you know, whitelist those, it might be better to do it based on IP address than it is to do it based on region to be honest.

Pedro Ramirez   34:51
There's another question about the EFG here from from Joe. Say I have an EFG, however I I'm getting poor EPPOE performance in the future. Is this something that can be offloaded like the UCG fiber can?

Andrew Pieper   34:51
Oh.
Uh.
Yeah, I'm not sure if that is is an option. I'm sure if there's what I would recommend doing is if you haven't posted a feature request in the community, do so. I'm sure it's probably there, but would upload that. I don't know what the current status of that is or if that's something that's planned for the future. I don't most people aren't using PPPOE, but certain applications.
It's an important thing and I can totally get where you're coming from. And yeah, so I would bring, I would submit a feature request on that or I can even submit that to our team myself.
Let's see. OK, so you're 0 trust networking.
So yeah, so if you want to, if you want to know more about what we have in terms of 0 trust, it's going to continue to evolve. We have a we have a whole platform on unified organizations that's coming that's going to incorporate a lot of a lot of security features for a global enterprise organization especially multi-site.
We're gonna have lots of options in the future. We're planning for that. I would see that evolving as a ZTNA solution, but we're not there yet right now, but it's definitely something that we are working on.

Pedro Ramirez   36:20
And the the latest question here, can we diagnose and test how the firewall is categorizing a site by entering and click test or something?

Andrew Pieper   36:20
Uh, let's see.
I mean you can definitely, you can definitely test it once you you can apply it to a test network and then you can go and do the test from the client device on that network. So what you would do is you would just set up you know content filter and you'd apply that to.
To a specific network and or you can use the and you can use the allow list and block list too on this by the way as well. You can apply, you can do through the other method I showed you as well with app blocking. You can do this on specific networks and then you can test it on that before you roll it out.
So depending on which method you're using, you do have options. We also you know with with certain things, we've got a number of other different options of things that you can do. So we also have.
Threat detection like you can specifically opt into certain lists. These things we have them set to notify. That's something you can also test and then you can decide if you want to notify and block. But depending on which feature you're specifically referring to, I think you'll have to test it on the client devices.

Pedro Ramirez   37:39
And here is something that Russell categorizes that as a big question. Will we be able to do organization and link cloud gateways with unified server OS for MSPs?

Andrew Pieper   37:52
Yes, yes. So unified server OS. So for those who aren't familiar, we've rolled out support. We started supporting the ability to run applications, run the actual server OS and run applications in containerized instances through your own server. With that includes that we can actually support a lot of things that we could in other.
So including things like SD Wan and stuff like that when it's on a self hosted instance. So it's an exciting feature that we're just in the current process of developing. Currently it's only a unified network that runs in that, but we've mentioned that we're going to bring that to other applications.
Um.
But yeah, that's the plan. We're supposed to support that. So it's, you know, we're early days. So that's if you look at the blog post, we do mention that specifically. So if if it's not working, it's probably something that we're working on addressing. But that's the plan. But yeah, we just released that maybe a month ago, so I don't.
It's very new, but I know that's the we're supposed to support other applications. I think as time goes on, but it's still exciting news that we have the option and it's going to support organizations and things. So I'm excited to see what comes of that. I know a lot of you are as well.

Pedro Ramirez   39:04
Those are all the questions for now, Andrew.

Andrew Pieper   39:04

To look at all the different potential for this, but it's gonna be a good one that you can go ahead and do those static routes, the QoS at the same time and between different networks and everything. So a nice option as well. So this will be a little more, you just choose those options and it'll create the rules necessary to facilitate that.
Yeah, pretty, pretty cool feature. And yeah, with that too, we also have, you know, you can create policies through our policy engine and then this you get as well as another way for you to do this. So if you want to basically I want to route policy based routing, I want to route anything that's going out on. I don't have any.
UPM will see, but anything is went on route route interface to we'll say from this network.
Uh, so this network.
And we can specify what destination and everything, but you can. It's really cool what we can do with this. Just another way for you to set up these policies quickly and to modify and edit these through here. But there again, there's easy a chance to configure all these in one place instead of having to click through seven different places within the interface to find each one of these.
Forwarding rule and then have to go to port forwarding. Now you can just do it here. It's like specify the Wan. We can say from which IP addresses, which port we want to send it on to, what Wan port is coming in on and turn on syslog and all that. So just cool that you can do all this now through one place and streamline the management experience for large networks and.
Make it more more useful to administrators. But yeah, I agree that there's still more stuff to come to this. I see Russell says allow a block is to base for like to be able to configure match state on traffic and say block new and invalid only in some directions.
And as you said, you can do that in zones, but you can do that, but not in the zones. But I think I would expect this capability to evolve as time goes on. This is still so new, but I'm excited about just the opportunities presented by this and how it's going to streamline things. We also have, you know, another thing that people.
Don't know as we added OSPF and BGP to the product. Those are another two features that we need to have to support certain enterprise applications. So of course dynamic routing protocols allow you in a large environment to facilitate dynamic routing in ways that make sense for an organization. Here you can go ahead and configure those.
Whether it be OSPF and BGP, but you also have the route option to if you're doing a site to site VPN to use our SDWAN site magic platform, which is just super easy. It does this automatically and so it can be dynamic. So up to you what you want to do, but we have lots of options here in the product and really if there's a feature.
If you need, check it out and we have some options there for you. I do want to mention also QoS is another thing that we specifically rolled out this last year. So now you can choose based on the interface. We can choose QoS behavior if we want to limit traffic, download, upload limit or 10 megabits per second for any of the social media apps.
We can go ahead and create a rule there that does that, and there's a lot of options there too. We can prioritize and limit certain types of traffic, and we can also set a schedule for these things to apply. So during business hours you can set it up to where.
Applications, specific applications. Don't overuse your resources and also prioritize those productivity apps so that you do get the best performance in those with the network has to be pretty congested. So that was another thing we've rolled out recently. If I did a list of all the features we've rolled out on the.
The routing stack, it would be a pretty long presentation, especially I went into them in any depth, but there we have it. I just want to show you some of the different, you know, policy engine and what this is doing to change the management experience and what potential there is there. And I'm excited to see how this evolves to moving forward.
But pretty, pretty cool what we can do now. It didn't used to be nearly as easy in the past, and it's exciting to see that it's getting better.
So that is some of the features I wanted to go over. Any questions for me about these features we went over so far today?
A lot of times people when they're getting started, I mean it's the big thing about moving from unified to another, moving to unified from another vendor is a lot of times people just it takes some time to get familiarized with the different ways of managing your your network. And so like things like even V lans can be difficult initially if you don't know how to do it, but.
Once you get the hang of it, it's really straightforward and very easy and unified to do that. It just takes some familiarity. So I do recommend if you're new to it, check our documentation. We have a lot of really good documents. We also have a GPT unified GPT that will give you like you know step by step instructions if you want to turn on certain things that network you with actual documentation that you can use as reference.
That's one of the things I have heard is that we don't have people. I've heard people say we don't have a lot of documentation. We do have a lot of documentation. I've personally written a lot of it. We don't always put it out there for people to see. But if you use our GPT tool, you can get access to a lot of that and there is a lot of useful resources there for you. So please do check that out. All those features I went over today, virtually all of them will have an article.
On our help center here you can see here this is an example of one of those. I can go ahead and show you the. So if we go to support as things the help center, I can ask GBT a question. I can say OK, how do I?
How do I turn on QoS on a switch port?
And then it'll give you, it'll give you an answer and then it'll network you with articles. You can see here it does a pretty good job giving you answers. And then sometimes I would recommend that you just check that against the article references it provides because you know A I unfortunately if you want to be expansive, it sometimes will.
Hallucinate at times. This all looks good to me so far. Here you could fall through the settings and you can actually go down all the way on the granular level and do you know manual QoS QoS settings. So if I fall through this again, you just go into.
You can go into the port manager, go to the switch port that you want to configure and let's say it's this switch port here. I can go in here now and go to manual, turn on QoS, create new QoS profile and here here I have all those.
Granular options for QoS and this again is really important to certain environments that are doing things like pro AV stuff like that. We make it kind of easy to where we have pre pre set up pro AV port profiles for things like Dante or Q sys NDI.
A S67 Crestron but you have these options. These are basically built in QoS protocols that basically you can you can select. But anyways just to go back to the original point that you can just go through like this will give you useful useful steps. You can fall through this to find that setting and to configure it and then you also have.
Links to articles that will walk you through this. So sometimes, again, like I said, our problem isn't that we don't have the articles, it's that sometimes it's difficult to find what you're looking for and using this GPT tool to network that content is really helpful. I even use that myself. You know, we've gone over several of the features we've discussed today. So zone based firewall and we've got.
See based routing. You can get information to about how to do different policy routing through VPN and.
And so on. So pretty cool what you can do and just check out these articles. So you can see here, I guess that's a question you had someone mentioned about ZTNA. We do support integration with Sassy platforms, ZTNA platforms like Zscaler or Cloudflare, but you can do it using with a.
Policy based routing rule to send off traffic Internet traffic through a tunnel that you've created with the zero trust exchange on that. So I guess going back to that question, that's how you would answer that. But GPT tool is really helpful when you can network with all those resources that you need.
All right. Other questions. I think we've gone through enough content. I probably overwhelmed you with a lot of it, a lot of this. But I do want to make sure to give time for everyone to ask me more questions because a lot of times I find that's what people are here for. And you know, I'm, I'm a wireless expert is my main area of expertise. I'm not as.
I'm not as much of A routing expert. We do have a new member of our team that's going to be, you know, you probably see me work with it. That is, but I definitely know I can answer a fair amount of questions if you do have them. So please, any other questions people have, I'm happy to answer.
In terms of, I see a question from Russell. Do you recommend creating a VLAN with slash 30s and addressing that to addressing slash 30 addressing for PTP to remote sites to join them and do static routing? Personally, I don't. I don't have a recommendation about that myself.
Again, I would, I I wouldn't feel comfortable giving me a recommendation on that specifically. Other questions for me.

Pedro Ramirez   52:54
Here's a question from Jerry Andrew. Is the deep inspection option on cybersecurity module available on the Dream Machine Pro Max?

Andrew Pieper   52:57
M.
Yeah, deep deep packet DPI is not available on all of those. So let me show you the the setting for that. Let me go back to my lab here.
So the cool thing is too, I just want to just note here you can you can do this or you just type in the feature that you want to use and here is the device and traffic traffic inspection identification here. Let me see the deep. Oh sorry, the SSL inspection here. The deep inspection here is available. This is only available on.
Sorry, I I I we changed the term a couple times. This is actually only available. SSL inspection is only available on the Enterprise Fortress Gateway.
It does take a lot of resources. So the other thing is you want to consider the more security features you have enabled, the more consuming that is going to be of your resources. But in this case with the Fortress gateway, you're going to be pretty solid. Unless you know doing 10,000 client devices, then you may not want to have all those security features enabled. It just balances out. So I think a lot of times in those settings like an arena.
You're just gonna more protect your internal resources and then they're gonna have public access and that's it. And then security features. You can be selective about what you enable just to conserve resources. But yeah, this is sorry to answer your question, the SSL inspection.
Is only available on on the Fortress Gateway.

Pedro Ramirez   54:30
Uh, here's a question from Joe. Uh, will we get a CLI manual at all?

Andrew Pieper   54:38
A CLI manual at all, I think probably not likely at this point. We do have from the standpoint. I'll tell you what we do have that I never I I hope we'd have one day. But for those of you that do want to use the API, we have API documentation built in now. We used to not support this.
As.
So typically we recommend Unify. That's the thing about Unify. You don't have to do CLI to manage things. We do have plenty of resources online for the community and stuff that you can follow through, but we don't provide any sort of documentation. We want you to be able to do everything in a more automated way than having to use the CLI. I know in certain cases people are gonna need that anyways, and so we do have resources there, but.
The documentation specifically, I think the API is some area that we're gonna be expanding resources. So what's great about this is that using our API you can automate and integrate, unify with any sort of third party solution. There's a lot of customers out there that for instance, like a Google that manages a large organization is going to have instead of having one, they're not gonna work at.
Unified dashboard for all their networks because they're going to use multi vendor products, put them all into one dashboard using the APIs to be able to make it to where no matter what vendor they're using, they can configure and do all the same things, monitor the performance in the same way you can get from unified performance statistics that you can pull into your own dashboard to display alongside your other third party product performance statistics.
But.
Basically whatever you need to do with the application, anything you can do in the unified application you can do with the API and we're in the process of documenting more and more of those features so that you can be able to leverage this. So if you wanna basically automate generating hotspot vouchers to where basically you could have it set up in a hotel cafe that or sorry.
In a restaurant or cafe, you can have it set up to where if someone I had a friend that runs a cafe and uses Unifi and he was asking me if there's a way for them to put Wi-Fi password on a receipt, create a temporary Wi-Fi password. I was like, well yeah, there's a few ways that you could do it.
You could generate lots of PPSKS in advance and then have those dynamic PPSKS, all that stuff. But you can use the API as well to generate some of this stuff and have it integrated. There's some ways to do it, different apps that you can incorporate. But for instance, if you want to be able to generate a voucher dynamically through another application, you could use the application.
Have it run initiate a script that's going to go and create a voucher based on the criteria and then you could potentially put that on a receipt or whatever. So yeah, there's cool stuff that you can do and we're documenting this. So this is gonna be the way that we're kind of empowering administrators to do stuff that's beyond the application, but I don't see us really growing in the direction of.
Being more CLI oriented to be honest with you.
OK.

Pedro Ramirez   57:19
OK, Andrew. Well, thank you very much. I'm just going to say a couple, mention a couple of case studies that Flytec is working on right now. Interesting. And I want to emphasize on the no licensing fees part of unified enterprise.
We're working with a university, a four campus university from the northeast in the United States. They're starting to get away from $90,000 a month on fees, switching from Cisco and Aruba to Unify.
It's a big project. They're gonna finish this probably until next year, but that that that's a lot of money to be paid on fees. And another interesting case study that we're working at, this is a a a new warehouse.
It's a a dairy wholesaler in the state of New York. And what's interesting about this case study for us here at Flytec, it's gonna be truly a full stack project because they're gonna be using like 250 AI cameras.
Of course, EFG switches, door axis, they're even gonna be installing some EV chargers, unified EV charger. That's that's a very interesting ongoing project right now. That's what I wanted to mention and.
And give you thanks again, Andrew, and hopefully I'll see you on November 4th on the Unified World Conference and hopefully I'll see a lot of the attendees there. Thank you very much.

Andrew Pieper   58:47
Yeah.
Yeah, I I will be at that event as well. So if anybody here attends these webinars wants to come up and chat, I will be at EWC. I would love to meet you in person. Again, I always appreciate you guys joining and I appreciate your thoughtful questions and and feedback you give us. Thanks so much.

Pedro Ramirez   59:08
Thank you very much, everybody. OK, bye.

Andrew Pieper   59:09
Take care everyone. Bye.

Read full transcript