A better Home Network using UDM

Over the past few years I have accumulated a good number of Smart Home / Home Automation devices to add to the usual PCs, tablets and phones. The list now includes streaming players, smart TVs and a host of lights, power switches & sockets, fans, cameras and all kinds of sensors (the list goes on). Each of these is a potential entry point into a home network. This poses two challenges: one, security, and two, management.

My objective was to separate / isolate devices and allow only what needs to connect to connect. The approach I wanted to go with is to separate the devices into their own networks (a.k.a. VLANs): computers, tablets, phones and storage in one; streaming devices like TVs, Roku and Alexas that are always connected in another; Smart Home / IoT devices in yet another; and finally one for the guests. The IoT devices can actually be split into those that need to connect to the internet and those that don’t (more on this later).
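The "allow only what needs to connect" idea above, written as a default-deny check over flow records. This is an added illustration, not the author's UDM configuration; the subnets, zone names, allow-list and flow records are all constructed assumptions.

```python
import ipaddress

N = ipaddress.ip_network
# Constructed addressing: one subnet per network described above (assumption).
ZONES = {
    "trusted": N("10.0.10.0/24"),      # computers, tablets, phones, storage
    "streaming": N("10.0.20.0/24"),    # TVs, Roku, Alexa
    "iot_online": N("10.0.30.0/24"),   # IoT that needs the internet
    "iot_offline": N("10.0.40.0/24"),  # IoT that does not
    "guest": N("10.0.50.0/24"),
}
RFC1918 = [N("10.0.0.0/8"), N("172.16.0.0/12"), N("192.168.0.0/16")]

# Assumed allow-list of NEW connections (initiator zone, destination zone); replies are implied.
ALLOW = {
    ("trusted", "internet"), ("trusted", "streaming"),
    ("trusted", "iot_online"), ("trusted", "iot_offline"),
    ("streaming", "internet"), ("iot_online", "internet"), ("guest", "internet"),
}

def zone_of(addr):
    """Map an address to a zone; private space outside every VLAN is 'unknown'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "unknown" if any(ip in n for n in RFC1918) else "internet"

def allowed(src, dst):
    """Default deny: same-VLAN traffic or an explicit allow-list entry only."""
    s, d = zone_of(src), zone_of(dst)
    return (s == d and s in ZONES) or (s, d) in ALLOW

def audit(lines):
    """Return (src_zone, dst_zone, line) for every flow that breaks the policy."""
    findings = []
    for line in lines:
        src, dst, _port = line.split()
        if not allowed(src, dst):
            findings.append((zone_of(src), zone_of(dst), line))
    return findings

# Constructed flow records: "<initiator> <destination> <dst port>"
SAMPLE = [
    "10.0.10.12 10.0.40.7 80", "10.0.40.7 203.0.113.10 443",
    "10.0.30.5 10.0.10.20 445", "10.0.50.9 10.0.10.20 22",
    "10.0.20.3 198.51.100.8 443", "10.0.99.4 10.0.10.20 8080",
]
if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A device on a private subnet that belongs to no VLAN is classified as "unknown" and denied, so an unassigned or misconfigured device fails closed.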

Most home-use WiFi routers I’ve come across support at most two networks — Home and Guest. Moreover, in the quest to make them easy to use, many dumb things down to a level that makes it virtually impossible to do anything. Case in point — Google WiFi: there is no way to configure the network using a computer; one has to fiddle with an app (try setting static IP addresses for 150 devices on a phone app, Google!).

I looked around and settled on the UDM (Unifi Dream Machine). One, because it’s built on Linux, and two, because it is a ‘prosumer’ class device, in that it allows one to build a custom home network with relative ease out of the box. It comes in two versions: the UDM and the UDM pro. The UDM is an all-in-one solution that has the gateway, router, 4 port switch and a WiFi access point rolled into one. The UDM pro doesn’t have a WiFi access point and is a 1U rack mountable device with an 8 port switch.

The price on Unifi’s web store (when I bought it over a year ago) for the UDM is $299 and the UDM pro is going for $379.

The non-pro UDM is a good option for a less complex setup that is mostly WiFi based. The pro version is more suitable for installations that have servers hosting virtual machines, NASes, wired WiFi access points etc (probably a future blog topic). Both support meshing. With the Unifi ecosystem one can have both a wired and wireless uplink (i.e. connection from the access point back to the internet router).

I went with the non-pro version because it was an all-in-one. I have it in a mesh with a couple of UniFi BeaconHD to extend coverage across the basement, 1st & 2nd floors. I have a managed 8 port PoE switch for my wired devices like the NUC that hosts VMs and the Qnap NAS. One of the PoE ports connects to and powers the AC Lite AP.

This setup is a work in progress. I probably could have gone with the UDM pro in the 1st place given that I ended up getting an 8 port switch anyway; the combined cost of the UDM and the switch is more than the cost of the UDM pro. The reason I didn’t choose the UDM pro in the first place was to avoid the hassle of running an ethernet cable to the 1st & 2nd floor (I ran some, but gave up after trying to debug network speed issues thanks to my less than pro wiring and crimping skills!).
