Jump to content

Enterprise Grade WIFI solutions (AP's + Controller + Stats reporting) - Give me your suggestions!

dalekphalm
By dalekphalm
in Networking
 Share
Posted

At my work we are going to be doing a WIFI upgrade in 2023 and I'm asking for feedback and suggestions for solutions.

 

If you have not had experience in Enterprise networking/WIFI, please remember that this post is probably not for you - but please do follow along to learn more about the process if you'd like!

 

We currently have a Mikrotik solution, and honestly we hate it. The controller and it's os: RouterOS is kind of crap, it's got a terrible interface in my opinion. It's confusing and difficult to locate settings intuitively. We've also used Cisco AP's and a controller in the past before Mikrotik - the hardware was bulletproof, the controller was okay (in hindsight, it was miles better than RouterOS is).

 

We're open to all major brands, but it needs to have Enterprise Grade warranty and support, and needs to be legally available in Canada (So, nothing by Huawei for example, or anything banned here).

 

I've personally used Ubiquiti at home - I have a Universal Dream Machine, which is a combination Firewall/PoE Switch/AP with their controller software integrated into it. I like it - it's very visually pleasing, but I've heard that their products aren't necessarily amazing at scale.

 

We'll be deploying a multi-building setup with a single controller (doesn't have to be a hardware controller, but that's what we've typically used in the past - we have a ESXi cluster to run VMs). All buildings are connected via a private fibre network and are accessible via LAN.

 

We're a Public Library with a small IT team, so ease of use and flexibility is important. We'll be tendering an official RFP (Request For Proposal) out to various IT Resellers/Vendors, but we're willing to look at anything initially.

 

I've heard good things about HPE's solution, for example. Meraki, as well - but the licensing might be out of our budget.

 

Please don't suggest any DIY solutions. That's simply not possible for an organization like this. Uptime and support are extremely important, as are ensuring that management isn't overly complicated, etc.

 

If anyone has questions, feel free to post them. I cannot answer all questions due to confidentiality but I'll do my best.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
7 minutes ago, dalekphalm said:

At my work we are going to be doing a WIFI upgrade in 2023 and I'm asking for feedback and suggestions for solutions.

 

If you have not had experience in Enterprise networking/WIFI, please remember that this post is probably not for you - but please do follow along to learn more about the process if you'd like!

 

We currently have a Mikrotik solution, and honestly we hate it. The controller and it's os: RouterOS is kind of crap, it's got a terrible interface in my opinion. It's confusing and difficult to locate settings intuitively. We've also used Cisco AP's and a controller in the past before Mikrotik - the hardware was bulletproof, the controller was okay (in hindsight, it was miles better than RouterOS is).

 

We're open to all major brands, but it needs to have Enterprise Grade warranty and support, and needs to be legally available in Canada (So, nothing by Huawei for example, or anything banned here).

 

I've personally used Ubiquiti at home - I have a Universal Dream Machine, which is a combination Firewall/PoE Switch/AP with their controller software integrated into it. I like it - it's very visually pleasing, but I've heard that their products aren't necessarily amazing at scale.

 

We'll be deploying a multi-building setup with a single controller (doesn't have to be a hardware controller, but that's what we've typically used in the past - we have a ESXi cluster to run VMs). All buildings are connected via a private fibre network and are accessible via LAN.

 

We're a Public Library with a small IT team, so ease of use and flexibility is important. We'll be tendering an official RFP (Request For Proposal) out to various IT Resellers/Vendors, but we're willing to look at anything initially.

 

I've heard good things about HPE's solution, for example. Meraki, as well - but the licensing might be out of our budget.

 

Please don't suggest any DIY solutions. That's simply not possible for an organization like this. Uptime and support are extremely important, as are ensuring that management isn't overly complicated, etc.

 

If anyone has questions, feel free to post them. I cannot answer all questions due to confidentiality but I'll do my best.

Have you considered ubiquiti unifi gear? Got some great pro-sumer gear and from what I've seen the system is robust, versatile and easy enough to manage with a small IT team and you can even get last gen stuff used/refurb if on a tight budget without sacrificing much.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I like ubiquiti for switches and access points, but prefer pfsense for routing. I run the pfsense controller on a VM. They are more prosumer then enterprise though. True enterprise gear usually requires licencing fees. You get good support but for a price.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
4 minutes ago, BiotechBen said:

Have you considered ubiquiti unifi gear? Got some great pro-sumer gear and from what I've seen the system is robust, versatile and easy enough to manage with a small IT team and you can even get last gen stuff used/refurb if on a tight budget without sacrificing much.

Refurb is an absolute no-go. Uptime and warranty are priority concerns. All hardware will be purchased brand new, from official vendors with warranty.

 

As I mentioned in the OP, I personally own the Ubiquiti Universal Dream Machine, which contains a somewhat simplified version of the Unifi controller software.

 

That'll likely be among the options we consider - thanks for the suggestion!

 

6 minutes ago, tkitch said:

UniFi is a solid choice, we're using it at the office and it works well.

Good to know - as a public library, we support a very high number of users (similar to what a school might have), so whatever we choose will need to be able to support that, along with roaming between AP's as seamlessly as possible.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
Just now, Bdavis said:

I like ubiquiti for switches and access points, but prefer pfsense for routing. I run the pfsense controller on a VM. They are more prosumer then enterprise though. True enterprise gear usually requires licencing fees. You get good support but for a price.

Thanks for the suggestions - we won't be looking at any prosumer gear at all. Pfsense is not going to be considered unless it's part of a rolled-in solution with some kind of support - which I honestly doubt will be something any vendor proposes to us.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, dalekphalm said:

Good to know - as a public library, we support a very high number of users (similar to what a school might have), so whatever we choose will need to be able to support that, along with roaming between AP's as seamlessly as possible.

https://store.ui.com/products/u6-lite-us?variant=32278092382297&currency=USD&utm_medium=product_sync&utm_source=google&utm_content=sag_organic&utm_campaign=sag_organic

 

 

 

A few of these with a POE dream machine would likely be able to cover the entire floorplan and would have plenty of capacity for clients. And they offer the features you want without breaking the bank.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Since you asked for people with experience in Enterprise networking, I thought I'd say that I work as a networking consultant at a fairly large MSP/VAR.

 

I think it is hard to give good recommendations without a visit and getting to know the company, since the recommendation will vary greatly depending on the local IT-team's experience, budget, the location, what other features are requested, and so on.

But I thought I'd throw in some contenders and my thoughts about them to hopefully give some guidance.

 

 

Ubiquiti - Personally, not a fan outside of pretty small deployments. I would not really classify them as "enterprise equipment" but rather as a brand for hobbyists and "prosumer". They got some stuff that is fantastic, like their point-to-point links are great, but for firewalls, switches, and Wi-Fi stuff it feels like they are fairly barebones in terms of features, can be a bit difficult to troubleshoot, and I haven't heard great things about their support. Two big benefits is that they are really cheap for what you get, and it seems like you already have some experience with them which helps a lot when it comes to managing it.

 

Cisco - I'd say Cisco is the crème de la crème when it comes to wireless. They are not perfect, and they are pretty pricey, but the C9115 has worked really well in the smaller deployments I've configured and managed. Convert one C9115 into EWC and use that as your controller. Fairly simple GUI to manage it as well compared to their old AireOS (which I hate). 

 

Fortinet - I've only recently started working with Fortinet's access points but so far I am liking it. They require some tweaking to get working well though. The controller can be installed on a server, but I would strongly advice you get a Fortigate (their firewall product) and use that as the controller if you are going the Fortinet route. The Fortigate is a fantastic firewall. Pretty cheap too and integrates really well with the Wi-Fi. Please note that the 40F FortiGate only supports 8 APs in tunnel mode. So I would recommend getting at least a 60F. The price difference is usually not that big.

 

Aruba Instant On - Haven't tried it myself but I have heard lots of good things about it from colleagues. It's basically Meraki, but without the license fee. Please note that there are some limitations such as I believe 25 devices (25 APs, switches, gateways etc) per "site", and I believe a maximum of 22 VLANs. I believe Aruba implemented this limit in order to avoid large companies just buying these devices and deploying hundreds of them in large organisations. They have a different series (that do require licensing) for that type of deployment.

 

Meraki - Great UI. Super easy to use. Very solid performance. Horrible licensing cost and terms.

 

 

These days whenever I get asked to upgrade someone's SMB network I generally start by recommending Meraki, because I know their local IT team will like it. It's easy to use and offers great visibility for troubleshooting. But usually the customers are put off when I explain the licensing. After that, these days I then go on to recommend Fortinet. Price wise they typically end up being about the same as Meraki, but requires no licensing and the firewall is typically like 10 times as powerful (for the same price).

If they still think the price is too high, I might recommend Ubiquiti, but only if they are a smaller establishment. If I had some experience with Aruba Instant On I would probably recommend that before Ubiquiti.

Those are my go-to three tiers of recommendations.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Professional Enterprise experience:

  • Three years at an MSP that focused on apartment buildings with hotel-style wifi coverage, mostly Ruckus
  • Three years at an MSP that served the hospitality market, directly supported Ruckus, Aruba (HPE), Meraki, and Extreme Wireless for all of the hotel brands you know in North America. Went onsite in Canada multiple times to oversee installs for Delta Hotels. Implemented Marriott Hotels back-of-house network per standards (their back-of-house network security is top notch - unlike their website and database security which is where their data breach came from)
  • Two years at a Fortune 500 company using Meraki and legacy (pre-802.11ac) Cisco Aironet APs
  • Throughout all of this, I've used Mikrotik and Ubiquiti wireless for home and nonprofits, although my home is now using Ruckus Unleashed since 2020.

I understand the limitations of Mikrotik for wide area wireless. It just doesn't expose to you things that it could - for example, the IP address of wireless clients in the clients list. Other wireless systems snoop on DHCP to show this, but I'd be happy if it only worked with local leases (meaning the CAPsMan controller is also the DHCP server). They also lack a lot of creature comforts, like being able to apply guest restrictions on an SSID at the AP-level but without setting up each AP with custom rules to do so.

 

I think Ubiquiti can be a workable solution for you, but any "enterprise support" is going to come from a VAR, and if you find a bug or need an RFO/RCA there is zero chance they're going to have Ubiquiti involved with supporting that. There are organizations that have thousands of APs in a single controller, they use large VMs or physical hardware - like 64GB RAM, pretty decent CPU, good SSD storage. The Java controller requires more resources to scale than other competitors.

 

My favorite enterprise controller to use is Ruckus SmartZone. It is the most straightforward for all the settings I've used for hotel-style networking (which includes the office and security settings used by something like Marriott's back-of-house). Ruckus support has been as good as Meraki and Aruba has been when running into oddball situations. Client analytics/metrics are on par with most things I've seen, certainly enough for troubleshooting all issues I've come across.

 

Aruba wireless is somewhat of an oddball. They have really good feature coverage, but their controller is a mess to use because it is designed as an all-in-one router, UTM/NGFW, wireless controller, authentication gateway (RADIUS proxy or server), and more types of network gear - its a kitchen-sink system. What this means is that some of the settings you might want to put onto the APs are buried in odd submenus that you wouldn't find on your own unless you opened up every option. Aruba also defaults to all traffic being tunneled to the controller, and that is one of the settings that is somewhat complicated to change. Similar to the settings being weird, I also felt like the client analytics/metrics are weaker or more buried, because they are expecting to be a full-play provider. I was able to troubleshoot wireless issues, but not as seamlessly as with Ruckus. The focus on more than just wireless also means that the controller hardware is way over-spec and expensive compared to Ruckus, because when they list the number of APs and clients they can support they list it with the controller acting as a full router. Most of the Aruba controllers are actually standard HPE servers with a custom bezel and the Aruba OS preinstalled.

(Note that I am talking about the full-scale Aruba offering, which is akin to Ruckus SmartZone, not Aruba Instant-On which I have no experience with)

 

If you can afford Meraki, I wholeheartedly recommend it. The client information exposed is top-notch, and being privy to their upcoming features (just had a call yesterday with our sales engineer) they are just furthering their gap between them and everything else. I don't have a lot to say about it beyond that.

 

Comparing the AP hardware of all the companies I've dealt with, its all more-or-less the same, except with Ubiquiti being a small bit lower. The main like-for-like difference I've seen is that Aruba APs run a lot hotter / output a lot more heat than everyone else.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
16 hours ago, dalekphalm said:

As I mentioned in the OP, I personally own the Ubiquiti Universal Dream Machine, which contains a somewhat simplified version of the Unifi controller software.

The only "simplification" to the controller that runs on the Dream Machine lineup is that it is single-site, whereas a normal controller can have many sites defined. The actual limitation on sites is that each site can only have a single gateway (the original USG/USG-Pro, or the new UXG-Pro). Since the Dream Machines are each a gateway, it doesn't make sense for it to be able to support other gateways as a controller. The only other thing that multiple sites makes better is having different names for the same VLAN ID, which is more important for an MSP than a single organization. Beyond the single site limitation, and being stuck to that one gateway device, there is nothing else limited or removed on the DM Network Controller. They actually run/use the same .deb installer package and Java VM as self-run controllers.

 

Edit: Another thing to consider, since you mention warranties and support:

Ruckus, Aruba, Meraki, Fortinet, etc (everything mroe or less at this same price point) have limited lifetime warranties (Check before relying on this information - specific product lines may require an active Support Contract which may or may not be the same as having a License).

Ubiquiti warranty is 2 years if bought from them directly, or 1 year if bought via anyone else. They recently started offering a UI Care support contract, but its only available for the UDMP, UDM-SE, and Gen2 switches - not any APs.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
15 hours ago, LAwLz said:

Since you asked for people with experience in Enterprise networking, I thought I'd say that I work as a networking consultant at a fairly large MSP/VAR.

Thanks - this is the kind of information I was looking for.

15 hours ago, LAwLz said:

I think it is hard to give good recommendations without a visit and getting to know the company, since the recommendation will vary greatly depending on the local IT-team's experience, budget, the location, what other features are requested, and so on.

But I thought I'd throw in some contenders and my thoughts about them to hopefully give some guidance.

Totally - we're not going to get a good recommendation until we release an RFP and have vendors do site-visits and examine our infrastructure. I just wanted to get some idea of what other Enterprise deployments people had experience with and were liking.

15 hours ago, LAwLz said:

Ubiquiti - Personally, not a fan outside of pretty small deployments. I would not really classify them as "enterprise equipment" but rather as a brand for hobbyists and "prosumer". They got some stuff that is fantastic, like their point-to-point links are great, but for firewalls, switches, and Wi-Fi stuff it feels like they are fairly barebones in terms of features, can be a bit difficult to troubleshoot, and I haven't heard great things about their support. Two big benefits is that they are really cheap for what you get, and it seems like you already have some experience with them which helps a lot when it comes to managing it.

This is kind of the vibe that I've heard from MSP's/IT Vendors I've spoken to about Networking Gear. A lot of them don't really seem to consider Ubiquiti on the same playing field as Cisco, etc.

15 hours ago, LAwLz said:

Cisco - I'd say Cisco is the crème de la crème when it comes to wireless. They are not perfect, and they are pretty pricey, but the C9115 has worked really well in the smaller deployments I've configured and managed. Convert one C9115 into EWC and use that as your controller. Fairly simple GUI to manage it as well compared to their old AireOS (which I hate). 

I just checked out the price on that C9115 and damn, it certainly isn't cheap! Cisco will definitely be among the Proposals we get back - one of our primary Vendors is Softchoice, a major IT solutions provider in Canada, and they push Cisco pretty heavily.

 

Whether we can afford it will come down to the RFP itself.

15 hours ago, LAwLz said:

Fortinet - I've only recently started working with Fortinet's access points but so far I am liking it. They require some tweaking to get working well though. The controller can be installed on a server, but I would strongly advice you get a Fortigate (their firewall product) and use that as the controller if you are going the Fortinet route. The Fortigate is a fantastic firewall. Pretty cheap too and integrates really well with the Wi-Fi. Please note that the 40F FortiGate only supports 8 APs in tunnel mode. So I would recommend getting at least a 60F. The price difference is usually not that big.

Interesting - I've heard great things about Fortinet Firewalls. We have a Cisco Firepower Firewall that isn't going to be replaced anytime soon, so whether this is an option with a Fortigate would come down to cost, and whether a Fortigate Firewall is competitive with other OEM's WIFI controllers. We would need a lot more than 8 AP's - though whether we'd need them in tunnel mode is a different question. We probably would - as we currently use Tunnel mode with our Mikrotik AP's for a Captive Portal for Public-side traffic.

15 hours ago, LAwLz said:

Aruba Instant On - Haven't tried it myself but I have heard lots of good things about it from colleagues. It's basically Meraki, but without the license fee. Please note that there are some limitations such as I believe 25 devices (25 APs, switches, gateways etc) per "site", and I believe a maximum of 22 VLANs. I believe Aruba implemented this limit in order to avoid large companies just buying these devices and deploying hundreds of them in large organisations. They have a different series (that do require licensing) for that type of deployment.

Hmm that looks like an excellent solution in general, but we would probably run into issues with the device limit.  We currently have 43 AP's already deployed across all branches, and we're in the process of potentially opening another branch up within under 5 years.

 

We'd have to check out the other series that requires licensing.

15 hours ago, LAwLz said:

Meraki - Great UI. Super easy to use. Very solid performance. Horrible licensing cost and terms.

Yeah we have Meraki L3 and L2 switches at one of our branches, and we almost never have problems with it. This was a new branch that had a high budget for construction, so we could afford to get Meraki Switches.

 

We also use Meraki as our MDM for iPads, and we have a couple of Cameras (most of our Cameras are AXIS).

 

Absolutely no complaints. We'd love Meraki WIFI. If the RFP comes back within our budget, this will likely be the top contender.

15 hours ago, LAwLz said:

These days whenever I get asked to upgrade someone's SMB network I generally start by recommending Meraki, because I know their local IT team will like it. It's easy to use and offers great visibility for troubleshooting. But usually the customers are put off when I explain the licensing. After that, these days I then go on to recommend Fortinet. Price wise they typically end up being about the same as Meraki, but requires no licensing and the firewall is typically like 10 times as powerful (for the same price).

If they still think the price is too high, I might recommend Ubiquiti, but only if they are a smaller establishment. If I had some experience with Aruba Instant On I would probably recommend that before Ubiquiti.

Those are my go-to three tiers of recommendations.

Great suggestions, thanks.

13 hours ago, brwainer said:

Professional Enterprise experience:

  • Three years at an MSP that focused on apartment buildings with hotel-style wifi coverage, mostly Ruckus
  • Three years at an MSP that served the hospitality market, directly supported Ruckus, Aruba (HPE), Meraki, and Extreme Wireless for all of the hotel brands you know in North America. Went onsite in Canada multiple times to oversee installs for Delta Hotels. Implemented Marriott Hotels back-of-house network per standards (their back-of-house network security is top notch - unlike their website and database security which is where their data breach came from)
  • Two years at a Fortune 500 company using Meraki and legacy (pre-802.11ac) Cisco Aironet APs
  • Throughout all of this, I've used Mikrotik and Ubiquiti wireless for home and nonprofits, although my home is now using Ruckus Unleashed since 2020.

I understand the limitations of Mikrotik for wide area wireless. It just doesn't expose to you things that it could - for example, the IP address of wireless clients in the clients list. Other wireless systems snoop on DHCP to show this, but I'd be happy if it only worked with local leases (meaning the CAPsMan controller is also the DHCP server). They also lack a lot of creature comforts, like being able to apply guest restrictions on an SSID at the AP-level but without setting up each AP with custom rules to do so.

Interesting, thanks for the information.

13 hours ago, brwainer said:

I think Ubiquiti can be a workable solution for you, but any "enterprise support" is going to come from a VAR, and if you find a bug or need an RFO/RCA there is zero chance they're going to have Ubiquiti involved with supporting that. There are organizations that have thousands of APs in a single controller, they use large VMs or physical hardware - like 64GB RAM, pretty decent CPU, good SSD storage. The Java controller requires more resources to scale than other competitors.

We *could* do a VM with that level of horsepower - earlier this year we upgraded our VM cluster to a triple host setup, each host as 10C/20T w/ 192GB of RAM, all running ESXi 7. We don't have any SSD storage though - our VM cluster Datastore runs off of a 2.5" HDD based SAN over 10GigE - currently 14 drives in RAID6. The performance is pretty good, but it's nowhere near SSD performance.

13 hours ago, brwainer said:

My favorite enterprise controller to use is Ruckus SmartZone. It is the most straightforward for all the settings I've used for hotel-style networking (which includes the office and security settings used by something like Marriott's back-of-house). Ruckus support has been as good as Meraki and Aruba has been when running into oddball situations. Client analytics/metrics are on par with most things I've seen, certainly enough for troubleshooting all issues I've come across.

How does Ruckus compare to Mikrotik? I know they're owned by the same company and are different brands aiming at different customer segments.

13 hours ago, brwainer said:

Aruba wireless is somewhat of an oddball. They have really good feature coverage, but their controller is a mess to use because it is designed as an all-in-one router, UTM/NGFW, wireless controller, authentication gateway (RADIUS proxy or server), and more types of network gear - its a kitchen-sink system. What this means is that some of the settings you might want to put onto the APs are buried in odd submenus that you wouldn't find on your own unless you opened up every option. Aruba also defaults to all traffic being tunneled to the controller, and that is one of the settings that is somewhat complicated to change. Similar to the settings being weird, I also felt like the client analytics/metrics are weaker or more buried, because they are expecting to be a full-play provider. I was able to troubleshoot wireless issues, but not as seamlessly as with Ruckus. The focus on more than just wireless also means that the controller hardware is way over-spec and expensive compared to Ruckus, because when they list the number of APs and clients they can support they list it with the controller acting as a full router. Most of the Aruba controllers are actually standard HPE servers with a custom bezel and the Aruba OS preinstalled.

(Note that I am talking about the full-scale Aruba offering, which is akin to Ruckus SmartZone, not Aruba Instant-On which I have no experience with)

Interesting - we kind of hate those "all in one" offerings, because as a Library, we're dealing with Capital budgets that are often projected out 10+ years, so we're never replacing all our networking gear in one go. Usually Firewall, Switches, and AP's are all done separately. Sometimes they line up together, but rarely. So we want to avoid unnecessary cost that duplicates hardware we already have (such as Firewall/Gateway), unless the cost advantage makes it worth doing.

13 hours ago, brwainer said:

If you can afford Meraki, I wholeheartedly recommend it. The client information exposed is top-notch, and being privy to their upcoming features (just had a call yesterday with our sales engineer) they are just furthering their gap between them and everything else. I don't have a lot to say about it beyond that.

Yeah I've been really impressed with the Meraki hardware that we do have.

13 hours ago, brwainer said:

Comparing the AP hardware of all the companies I've dealt with, its all more-or-less the same, except with Ubiquiti being a small bit lower. The main like-for-like difference I've seen is that Aruba APs run a lot hotter / output a lot more heat than everyone else.

Interesting - this more or less lines up with my own experience. Our Mikrotik AP's are great, hardware wise. We've never really had an issue that wasn't software based or config based.

 

Thanks again for the suggestions!

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, dalekphalm said:

How does Ruckus compare to Mikrotik? I know they're owned by the same company and are different brands aiming at different customer segments.

I think you are very confused on this - they are definitely not related! Mikrotik is a Latvian company that is not related to any other brands. Ruckus is an American company that was bought by CommScope and then resold to Broadcom where they currently reside. Ruckus switches are from partial acquisition of Brocade, but their APs have been their own technology forever. Ruckus mostly uses custom ASICs/SOCs in their APs, whereas Mikrotik uses chips from standard vendors like MediaTek and Broadcom. Actually a lot of Mikrotik and Ubiquiti products are very similar inside because they use the same chips often.

 

You might be thinking about Cisco and Meraki, which have operated separately on both hardware and software until now - the new CW9162, CW9164, and CW9166 can be selected between Cisco and Meraki firmware options, and I believe they’re going to do similar with switches that can be used with Cisco DNA or Meraki (or the old standalone config).

 

Or you could be thinking about HPE and Aruba. HP had a wireless line before they bought Aruba, and Aruba didn’t have a switch line. When HP bought Aruba they killed off the MSM AP line and renamed the switches to Aruba.

 

The other recent notable acquisitions, although you probably didn’t hear about them, are Extreme Networks buying Zebra Wireless (which previously was Motorola wireless), Extreme Networks buying AeroHive, and Arista buying Mojo Networks. Speaking of - if you get proposals that use Arista, or the AeroHive-derived Extreme APs, they are good contenders too, but avoid the Zebra-derived Extreme APs. I can confirm which is which if you get into that situation.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
7 minutes ago, brwainer said:

I think you are very confused on this - they are definitely not related! Mikrotik is a Latvian company that is not related to any other brands. Ruckus is an American company that was bought by CommScope and then resold to Broadcom where they currently reside. Ruckus switches are from partial acquisition of Brocade, but their APs have been their own technology forever. Ruckus mostly uses custom ASICs/SOCs in their APs, whereas Mikrotik uses chips from standard vendors like MediaTek and Broadcom. Actually a lot of Mikrotik and Ubiquiti products are very similar inside because they use the same chips often.

Hmmm. Well, clearly my information isn't correct here. I was under the impression that Ruckus and Mikrotik were owned by the same company. I'm fairly sure I heard that from an LTT video where Linus installed an AP for his wife's parents, if I recall correctly. I remember him saying something about how the brand he was using was made by the same company of another brand, and I swear he said Ruckus and Mikrotik. I'm likely just misremembering what he said, but it's also possible Linus was just wrong.

7 minutes ago, brwainer said:

You might be thinking about Cisco and Meraki, which have operated separately on both hardware and software until now - the new CW9162, CW9164, and CW9166 can be selected between Cisco and Meraki firmware options, and I believe they’re going to do similar with switches that can be used with Cisco DNA or Meraki (or the old standalone config).

Definitely not thinking of Cisco and Meraki. I'm somewhat familiar with their history. Meraki was bought by Cisco some time ago.

7 minutes ago, brwainer said:

Or you could be thinking about HPE and Aruba. HP had a wireless line before they bought Aruba, and Aruba didn’t have a switch line. When HP bought Aruba they killed off the MSM AP line and renamed the switches to Aruba.

Also definitely not thinking of HPE and Aruba.

7 minutes ago, brwainer said:

The other recent notable acquisitions, although you probably didn’t hear about them, are Extreme Networks buying Zebra Wireless (which previously was Motorola wireless), Extreme Networks buying AeroHive, and Arista buying Mojo Networks. Speaking of - if you get proposals that use Arista, or the AeroHive-derived Extreme APs, they are good contenders too, but avoid the Zebra-derived Extreme APs. I can confirm which is which if you get into that situation.

This wasn't a recent acquisition. The video I'm remembering is probably 5 years old now - it was pre-pandemic for certain.

 

Anyway, it doesn't really matter. Let's just chalk it up to my bad memory.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
23 minutes ago, dalekphalm said:

Hmmm. Well, clearly my information isn't correct here. I was under the impression that Ruckus and Mikrotik were owned by the same company. I'm fairly sure I heard that from an LTT video where Linus installed an AP for his wife's parents, if I recall correctly. I remember him saying something about how the brand he was using was made by the same company of another brand, and I swear he said Ruckus and Mikrotik. I'm likely just misremembering what he said, but it's also possible Linus was just wrong.

Definitely not thinking of Cisco and Meraki. I'm somewhat familiar with their history. Meraki was bought by Cisco some time ago.

Also definitely not thinking of HPE and Aruba.

This wasn't a recent acquisition. The video I'm remembering is probably 5 years old now - it was pre-pandemic for certain.

 

Anyway, it doesn't really matter. Let's just chalk it up to my bad memory.

I have spent the last 20 minutes trying to find the damn name of what you’re referring to. Basically, Ruckus wanted to have a cheaper option to compete with Ubiquiti, and so they spun up a separate brand for controller-less networking. The hardware was based on the R500 and such but had something specific removed - I think it was BeamFlex, Ruckus’ patented method for doing beamforming based on dynamic antenna patterns as opposed to phase shifting. They ended up retiring that brand and instead offering Ruckus Unleashed - same hardware as the rest of Ruckus, just with an internally hosted controller (a cut down version of ZoneFlex). You can firmware swap APs between standalone, ZoneFlex, SmartZone/Cloud, and Unleashed.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Ughhh finally… Xclaim. I believe it was also used in one or two other videos that year.

 

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
7 hours ago, dalekphalm said:

I just checked out the price on that C9115 and damn, it certainly isn't cheap! Cisco will definitely be among the Proposals we get back - one of our primary Vendors is Softchoice, a major IT solutions provider in Canada, and they push Cisco pretty heavily.

 

Whether we can afford it will come down to the RFP itself.

I am not sure where you looked at the prices, but please keep in mind that the list prices are way higher than you will probably be able to buy stuff for.

I think the list price for a C9115 is something ridiculous like 1600 dollars or something. Last time I looked at our pricing for that access point it was ~600 dollars per AP, and that was to the customer (including our profit margin). So yeah, it's probably best to wait for the RFP because whichever price you might find online might be completely wrong.

 

My guess is that they will be like 500-700 dollars each, depending on how many you will buy, how much margin your vendor will take, and stuff like that.

 

Might be worth keeping in mind that for larger installations you might need a dedicated wireless controller. The embedded one is limited to 100 access points and I am not sure I'd feel comfortable running it near that limit to begin with.

 

 

 

7 hours ago, dalekphalm said:

Interesting - I've heard great things about Fortinet Firewalls. We have a Cisco Firepower Firewall that isn't going to be replaced anytime soon, so whether this is an option with a Fortigate would come down to cost, and whether a Fortigate Firewall is competitive with other OEM's WIFI controllers. We would need a lot more than 8 AP's - though whether we'd need them in tunnel mode is a different question. We probably would - as we currently use Tunnel mode with our Mikrotik AP's for a Captive Portal for Public-side traffic.

If you aren't going to get a FortiGate, and if you already have a FirePower firewall then I don't see much reason to get a FortiGate, then I don't think FortiAP is a good solution for you. Like I said earlier, it is possible to run the controller in a VM (called FWM-VM) but I don't know anyone who actually does that. I am pretty sure Fortinet themselves highly recommend getting a FortiGate if you are going to run FortiAP. But having a separate firewall just for the WLC is kind of wasteful.

 

 

 

7 hours ago, dalekphalm said:

Hmm that looks like an excellent solution in general, but we would probably run into issues with the device limit.  We currently have 43 AP's already deployed across all branches, and we're in the process of potentially opening another branch up within under 5 years.

 

We'd have to check out the other series that requires licensing.

Please note that it's 25 devices per site.

As long as each "branch" doesn't have more than 25 devices you should be fine. It is a pretty big limitation though so worth keeping in mind.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
21 hours ago, dalekphalm said:

This is kind of the vibe that I've heard from MSP's/IT Vendors I've spoken to about Networking Gear. A lot of them don't really seem to consider Ubiquiti on the same playing field as Cisco, etc.

I just checked out the price on that C9115 and damn, it certainly isn't cheap! Cisco will definitely be among the Proposals we get back - one of our primary Vendors is Softchoice, a major IT solutions provider in Canada, and they push Cisco pretty heavily.

 

Whether we can afford it will come down to the RFP itself.

Just remember, any list price you see for cisco equipment is not the price anyone pays. If I remember right it's a 30% discount at minimum from list price. It's a stupid thing but that's how it works, lol.

Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 hours ago, Lurick said:

Just remember, any list price you see for cisco equipment is not the price anyone pays. If I remember right it's a 30% discount at minimum from list price. It's a stupid thing but that's how it works, lol.

Everyone wants to act like they’re a big spender that deserves volume discounts, so a basic 30% is built in - also helps the VAR look like they added value (sometimes they do, sometimes they don’t). What is a substantial purchase to an organization is a small and numerous order to Cisco, the volume discounts really kick in on six-figure orders, or if you sign an Enterprise Agreement (which generally means 6/7 figure annual spend)

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
17 hours ago, LAwLz said:

I am not sure where you looked at the prices, but please keep in mind that the list prices are way higher than you will probably be able to buy stuff for.

Not a concern - I'm sure I looked at the MSRP, as it was on CDW and I wasn't logged in, but we get pretty significant discounts with vendors due to non-profit/registered charity status.

17 hours ago, LAwLz said:

I think the list price for a C9115 is something ridiculous like 1600 dollars or something. Last time I looked at our pricing for that access point it was ~600 dollars per AP, and that was to the customer (including our profit margin). So yeah, it's probably best to wait for the RFP because whichever price you might find online might be completely wrong.

I'm assuming that's $600 USD? Which seems inline with Canadian Pricing I've seen for AP's.

17 hours ago, LAwLz said:

My guess is that they will be like 500-700 dollars each, depending on how many you will buy, how much margin your vendor will take, and stuff like that.

 

Might be worth keeping in mind that for larger installations you might need a dedicated wireless controller. The embedded one is limited to 100 access points and I am not sure I'd feel comfortable running it near that limit to begin with.

We would definitely be under 100 AP's, and not likely to exceed that number even with the potential new branch opening up, but whether we look at a dedicated controller will likely come down to whether the vendor recommends and justifies one or not.

17 hours ago, LAwLz said:

If you aren't going to get a FortiGate, and if you already have a FirePower firewall then I don't see much reason to get a FortiGate, then I don't think FortiAP is a good solution for you. Like I said earlier, it is possible to run the controller in a VM (called FWM-VM) but I don't know anyone who actually does that. I am pretty sure Fortinet themselves highly recommend getting a FortiGate if you are going to run FortiAP. But having a separate firewall just for the WLC is kind of wasteful.

Yeah that definitely makes sense.

17 hours ago, LAwLz said:

Please note that it's 25 devices per site.

As long as each "branch" doesn't have more than 25 devices you should be fine. It is a pretty big limitation though so worth keeping in mind.

I'd have to count, I'm not sure if any of our locations has more than 25 AP's. One of them comes somewhat close.

4 hours ago, Lurick said:

Just remember, any list price you see for cisco equipment is not the price anyone pays. If I remember right it's a 30% discount at minimum from list price. It's a stupid thing but that's how it works, lol.

Oh yeah no worries about that.

1 hour ago, brwainer said:

Everyone wants to act like they’re a big spender that deserves volume discounts, so a basic 30% is built in - also helps the VAR look like they added value (sometimes they do, sometimes they don’t). What is a substantial purchase to an organization is a small and numerous order to Cisco, the volume discounts really kick in on six-figure orders, or if you sign an Enterprise Agreement (which generally means 6/7 figure annual spend)

 

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Fortinet or Ubiquiti are my go to for business installs. Reliable, easy to use, easily expandable and can cover massive install areas like schools. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
3 hours ago, Hakarune said:

Fortinet or Ubiquiti are my go to for business installs. Reliable, easy to use, easily expandable and can cover massive install areas like schools. 

Thanks for the suggestions!

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×