@@unicodefox I think it's more like 'the receipt must have an 'enterprise title' on it so accounting will be happy about it'. Random component will name that only engineers know? What are you going to do with it? Xxxx enterprise edition? Looks reasonable to me.
The cloud keys are used to control Unifi devices like switches, access points, sensors, doorbells, phones, etc. This one supports 2000 devices which is a step up from the largest Dream machine that can control 200+ devices with its built-in controller. I've only been able to control over 200 devices with controller software running on an Ubuntu server. The other controllers including ones running on Windows servers stall and struggle and don't behave well. Update: The Enterprise UCK works well, it’s very responsive controlling 300 devices. It does not run the protect software like a Dream Machine so it won’t control UniFi Sensors.
I don't usually comment but this video doesn't attempt to properly describe what this device does or what it's for. It talks to the rest of your endpoints and clients? Really missed the mark here, ultimately you're expecting your audience to know what they're looking at as if they work with these systems on a day to day basis. What is a Cloud Key? What does it do? Is it a Key Management Server? Central Management? Even those are over most people's heads without at least some form of exposition.
The Ubiquiti GUI is so pretty and doesn't look cluttered. My place of business uses Aruba wireless AP's and although the adoption/provisioning process isn't terrible, the troubleshooting within the Aruba web GUI kind of is.
I work as a Teamlead for Network and Security and when he said „most expensive“ I was thinking more like 90.000$, I think I am too used to Cisco pricing😂
I love this UniFi stuff. I run it at home and at work we also use it a lot at remote projects. In our case the small Cloud Keys are good enough, but I would love to have this baby in our server room.
The MSP I used to work for, we had set up probably a couple thousand switches across hundreds of sites and AP's reporting in to 2 separate unifi VMs running under Ubuntu Server on the same physical box. It still amazes me how well it worked with everything adopting and reporting over the WAN... Now I just have 10 sites on my self hosted VM, still works perfect! Bonus, we had IPMI because we were running on server hardware (and so am I) before it was mainstream haha
The cloud key is a standalone device to host their management software. The Dream Machine product line (routers) also run the software, or you can host the software on your own server. Unless you have an enormous deployment of UniFi hardware, this thing is overkill.
Almost skipped through that ad spot before I heard Dan's beautiful voice coming through. Was a nice switch up to have a calm low pitched ad read for a change!
Two separate power supplies, to two separate UPS units, to two separate power sources. It's Ubiquiti's answer to the internal database taking a shit when power fails.
I wanted to mention too, that the purpose of the Key is not really explained. As far as I know, it's to manage all your ubiquiti hardware. For home/small business use, you can get away running the UniFi controller in a docker container.
Briefly put: The Cloud Keys run Unifi applications on them. The Cloud Key Ent (as in the video) and standard CK Gen2 just run Network, which is to do with all the APs and switching and clients etc. the CK Gen2+ runs Network as well as Protect, Access and Talk, featuring a hard drive bay.
This really doesn’t make much sense to me. Even our largest enterprise clients just run the Unifi software in a VM with plenty of assigned resources. When I first saw this I thought it would definitely be coming with additional functional features.
If you ever need to reboot anything like a cloud key remotely and have access to the switch you can power cycle the poe on that specific port (As long as you aren't powering it with USB). I've done this many times with success.
Have the Dream Machine Pro, Hated it for the first year, Loved it as they finally got it stable, started adding better features, etc. I only wish the UDMP could handle Bell's PPPOE better. I'm hoping get 3/3Gbps in Jan, but I know I will have to prob use something else as a media conversion first then the UDMP.
@StoneLegion Aren't you still limited by PPPoE with media converter? I'm in the same situation and will be looking to rectify this as I'm limited to around 900 up/down with bell fibre feeding directly into udm. I can get full speed from bell router but double nat...
@@Zabatsue , If your Network Controller is down, it doesn't mean your network is down. All Ubiquiti devices will operate in the "last" configuration mode. I don't see any issues with self-hosting Network Controller. I had a dedicated Unifi Network Controller for a few years, and now I've moved to the self-hosted Network Controller for ~one year. Both options worked without any issues.
@@OrginalDravas Unless you also have some of their non-networking equipment, such as their cameras. It's unfortunately not possible to self-host any of the other UniFi apps, such as UniFi Protect. Which sucks because I've actually had great experiences with their cameras (personally have a G4 Doorbell Pro and 2 x G5 Bullet) but the physical controller requirement significantly increases the bar to entry for home use (I replaced my previous Nest Doorbell/Cams and will never look back).
This is not the first Ubiquiti "Server" that they have released! Back in the day I bought the Ubiquiti UAS-XG which i used as a Unifi controller as i wanted something a little more enterprise than the Cloud Key Gen2 Plus. It was a 1U custom chassis that actually just contained a Supermicro X10SDV-TLN4F mini ITX motherboard with a little Xeon D CPU, 32GB RAM, dual 10Gb RJ45 based ethernet, M.2 SSD, IPMI and ran Ubuntu server. It was a super cool device until they discontinued it and stopped supporting it after like a year. I actually still have the hardware at home and repurposed it into a generic linux server.
The UniFi Cloud key is capable of configuring and managing dozens of UniFi devices in your network such as UniFi Access Points, Switches and Security Gateway routers. Replacing a dedicated server or computer, the UniFi Cloud Key is an ultra-low energy solution with virtually no footprint.
This thing is outrageous. Can't they just provide the OS build on this server as a VM template that people can install on their existing server infrastructure? At home I have a linux container I install the unifi controller software on. I'm not sure how much different that experience is than what you get from a cloud key.
Should be the same experience (CK vs self-hosted). This thing is outrageous, but they know their customer. It’s not for me and you, it’s for organizations with 500+ users and 100+ UniFi devices, who require something that just works 24/7/365
I suppose if you are at a scale where you would need to give the VM hundreds of GB of RAM and dozens of cores having a dedicated box is probably worth it.
Never used a cloud key the self hosted version works just fine. Though weird that I cannot do a latency test on client devices. That seems a bit artificial. Maybe it just did not quite fully release. Would be useful to have at times.
Loved our self hosted until it had problems. Had a R610 with plenty of cores, 64 GB of ram, and a SSD based raid 6 array. Applied all of the customization for large scale and it worked for several years. As clients went greater than 2000 and our AP's / Switches doubled we started seeing some lag with the UI and strange issues with wifi. Had approximately 8k budgeted for a new server when this popped up at 5k. Took a chance and we have been happy so far. Need to get a second one next year as a cold spare though.
I just want to say something about the little end bit there, the equipment you buy that host the cloud key and if you self host, the experience is exactly the same nothing's different between the two except for the setup and updating the software. I have several clients both hosting different setups but the software is on the same version number and they're identical to each other.
Meanwhile using a DM se that can run all the other features like nvr, talk, access, etc etc. I never really understood the point of this product because the dm se already existed.
Yep. After a year I've encountered 30+ where the battery doesn't even work anymore. Wish the drives would spin down when the Protect service was uninstalled/stopped.
How many servers more powerful than the gen2 are you certainly able to get your hand on then install the software, which is a great option when starting to get to 100 or at least 200+. You might miss some nice features you get now, but can usually be achieved without proprietary ubiquiti software
I hope Unifi keeps building quality products for all-size networks. I waited for the UDM Pro SE for my home network to have POE switch ports and NVR storage for my UI 5 cameras, APs (U 6 UAP-FlexHD), Access. Two USW Flex's that I feel were good for a Small Farm and Home. Hope to grow with a Bridge to Bridge and AP & Camera at my gate 700 ft away in the Future. Thanks for the review. I would hope to see future upgrades to all platforms in the power supplies and possible DC input direct for Solar inputs
I've been pretty happy with Ubiquiti, after 10 years my Unifi AC access point finally gave up the ghost, looks like it was overheating as there was discoloration on the plastic where two of the chips were located. Replaced it with a U6-pro which now works on my PoE+ switch (the older AP required the injector or a Ubiquiti PoE device.) Pretty much was plug and play, only took a few moments to adopt in my controller and it was back up and running.
The video would be improved if he spent 2-3 lines in the beginning on what the heck a cloudkey is?! In fact, any video should start with a 2-3 line intro on what it is about for anybody new.
I run a school district with about 400 unifi devices... and about 6500 clients. 3K of those clients alone are chromebooks. Have gotten pretty familiar with tuning a linux machine to run my controller and what happens when it breaks down. I'm hoping this box isn't a sign of Ubiquiti removing the ability for us to build our own controllers.
i've got good luck with deploying the software on windows actually. Never felt like i've missed too much. And for larger deployments the software can be tweaked to support a ton of clients.
Never really liked running the direct windows version of the controller. Have had to restart the service that runs the controller far too often to make it install and forget. Now as a bare minimum the controller gets installed on Debian and run as HyperV guest on a windows box instead.
Good short format video... But I don't understand what the stuff does in the video at all. Maybe you could show a bit more of an in depth view when you go to deploy it? Obviously I'm not the audience for this product, but it's still nice to learn some stuff every now and then.
It doesn't need to be that big. SuperMicro or a rock Rack Server motherboard around ITX size can be put in a minor 1U case. We still can get IPMI and server-level quality.
Dream Machine has a built in router, switch, PBX, door access control system, NVR & Unifi network controller. The UXG (the device Jake was using) is *just* the router.
As someone else said UDM-Pro is significantly different from a cloud key as it also has Security Gateway (aka router) + switch built in. Though I do see where you’re coming from.
Next question. What if you take the boot SSD out and put it in any old server? What if you toss in a video card in the PCIe slot and see if you can get into some kind of BIOS or something?
I would like to know what a cloud key is used for... You guys might have done videos on the smaller products that i missed but still a brief explanation could have helped me appreciate the video more. (Even though i wont be using it like several other products in your videos)
@@whitehat_9814 I’m not sure if I’d call it that - probably yes. It’s made by Unifi, and runs all the Unifi network gear, dealing with anything from settings, management, stats, etc. Although, you can self host it.
why not just install the unifi software on a regular server? I mean it's not too big of a hassle and with a tiny bit of work you can make a docker image. So what's the point of this thing?
coz UniFi decided to not support any other controllers (besides Network one) in such scenario. And if you need VOIP or Ip cams...you're kinda forced to. And this beefy guy was most likely created for Ip Cams controllers, when you have a lot of them and need to store a lot of data. But in obvious way, LTT would never tell that :)
I agree - this seems a solution in search of a problem. Install the unifi on a VM, and you can scale it as high as the enterprise demands. The VM is also protected with easy backup and snapshots. This product is unnecessary... unless Ubiquiti are about to roll out restrictions on how you can use their product in a VM or only make VMs available as a subscription service.
You would restore or move your unifi vm to your other hypervisor. Not to mention your hardware vendor for your hypervisor would also be overnighting you parts
Could y'all do a compare vs the UDM-SE or the UDM-Pro " what I run" vs this. I had the UCK-G2-PLUS before I switched to the UDM-Pro. unless its a big deployment idk if its worth the coin.
It almost seems like UDM Pro/Pro max is a better option? What is the benefit going with gateway pro rather than the gateway that came with UDM Pro/Pro max? Both 10 Gb throughput, both 3.5 Gb IDS/IPS Throughput and both 10G SFP+
I really rather like this, the design decisions are exactly what i would have hoped for, a top class ram choice, a top class 10gig nic, an intel CPU (i adore epyc and what it delivers at its price class but no one will say its a reliable and predictable CPU, fantastic for redundant data crunching and NASs but not something like this that needs as close to 100% uptime as it can get) common and easily replicable redundant power supplies, great however i would have loved to see redundant SSDs, i understand that it probably runs on ram when on and the IPMI would make reflashing easy but no one wants to be driving out at 2am to replace an SSD so the server is up and ready at 5am
If you are upgrading to the enterprise key for the offices, would you be willing to sell either of the old cloud keys? They are like unobtanium currently
Unifi has Site Magic which supports multiple sites, so I believe it will. As for running 2 at once for redundancy, I don’t believe this is possible as of yet but could be soon - there’s something similar expected soon with the UDMs and it wouldn’t be a surprise if it was also implemented to Cloud Keys some point after
@@jack3534 Hi Jack. Thanks for the response. Also. Great videos and work. You really have my dream job! I also work with IT, but the amount of new stuff you guys get to mess around with makes me really excited. Keep doing what you’re doing.
I just wish Ubiquiti would make EdgeMax devices again...we've been running a few EdgeMax PoE Switches and some 10G Switches as core switches between our servers and it's been absolutely rock solid. I'm in the process of switching to Mikrotik now and they need a lot more fiddling...
So it's a standard 1U server that runs the Unifi Controller software? Something that you could do on a VM on any of your servers in an enterprise without having to install a full device for it?
CloudKey generally runs Debian. That means you can easily create an identical system. Run a backup and perform a bare metal restore to your own hardware. This is for disaster recovery purposes, of course.
I overall really enjoy ubiquiti products, I've had a few issues with their UDM pro and its traffic reporting which massively under-reports network traffic. However, I honestly don't see a use case for this device... It's a cloud key... it does the exact same thing as the cloud key gen2+ and does significantly less than the UDM pro or UDM SE. Those both have onboard NVR with HDD bay, 11 ports with dual WAN. Like they threw a beast of a CPU in this machine, what is it doing? You physically don't have more than 10Gb sfp throughput, which is the same as the UDM, whilst being significantly larger. The only thing this has is the hot-swap power supplies. The UDM still has redundant power (albeit you need to use their proprietary DC power UPS) but for the price you could comfortably run 2-3 UDM SE's redundantly. I just don't see a market for this product? It's drastically more expensive and has less capability than their existing products. If the issue is just a support contract then they could easily just provide an enterprise up charge for a UDM SE and have a more capable product...
I really wish I had a friend like Jake irl. I just got my first 2nd hand enterprise server and I'm struggling to get started. I imagine he'd be such a helping hand to have around with servers stuff.
Dream Machine does routing and firewall stuff, ie threat detection. Cloud Keys do not. This is why Jake paired the CK ENT with a USG (Security Gateway) - this is what you’d do in the real world. You typically do: Internet > Dream Machine > … or Cloud Hosting Internet > USG > … or Internet > CK > USG > …
3:17 I was going to say you can just power cycle the poe port the cloud key is connected to. But then I remembered that to do that the cloud key needs to be working.
Would've been nice to have Jake explain what the cloud key is for and what it does :P
There's google for that 😂
Basically you have all these WiFi Access Points, Switches, Routers, etc (possible 100s or 1000s of devices depending on how big your needs are), and you need some central server+software to actually control, monitor and access everything (like setting the WiFi password on all the access points, doing port forwarding, seeing how many people are connected, etc etc). That's what the Cloud Key does!
it's basically physical DRM, they suck hard but UBNT fanboys are insane
@@dcxh4488 you don't have to run a cloud key to use a unifi switch or AP. You can self host the controller. Stop spreading misinformation.
@@seshpenguin So it’s a fancy $5000 wireless controller? 🤔 Seems a bit overkill.
Awesome stuff. But I have one question that would really benefit me appreciating this video: what does a Cloud Key actually do?
It's UI's name for a hardware SDN controller. SDN is a relatively recent principle whereas instead of logging into devices and configuring them manually, you just drop in a central controller and have everything load its config and report its stats back to that.
So, if you wanted to say, change the password for a WiFi network, instead of having to log into 50 access points and manually change the WiFi password, you would just change it once in the controller and it'd get applied from that.
Before CloudKey you would run the unifi controller (java app) on a PC somewhere on the network, usually a server. This is where you would log in and configure all things unifi. For example if you bought a standalone unifi wifi access point, you would need to fire up the controller software to configure it. Once configured you could turn off the controller and not worry about it but you would lose active monitoring and logging for example. As you added more unifi devices such as switches, gateway/router, cameras, access points, some of these need a controller running full time. In the past I would create a VM in HyperV or vCenter and have a dedicated Windows 7 install run the unifi controller software. CloudKey is basically a small linux distribution running on a tiny computer, just enough to run the unifi controller software. Depending on how big your unifi setup is, the bigger the CloudKey you would want. For most home and small business installs I would suggest the UDM or UDM Pro as these are very capable all-in-one units.
Yeah, literally asking myself this and was hoping they would go into it in the video. What does the thing actually do?!
Crap I'd never waste money on even if I was a billionaire
Yep I was waiting the whole video to know the answer to that question. Not really familiar with Unifi gear so feels like that’s a key bit of info to know.
We've been running this since it was released - 3000+ users, 100+ AP's, 75 switches. Never bogs down unlike our self hosted solution.
Very lucky. Quite unstable at times here with 16 ap's and less than 200 users
So is this like a big wifi router? What does “cloud key” mean?
@@virtualfilmer Not really. It's more like a server that runs Ubiquiti services that feed Ubiquiti products.
@@virtualfilmer it's basically a controller that configures and monitors ubiquiti access points, switches, routers, etc. And provides a web GUI for admins.
what are you using as access control? do you only have static ports or are you using mac-based radius? we have a mac-based setup that authenticates over a pfsense and have trouble with random switch reboots on our enterprise poe switches.
What you're describing at the end is pretty much the UDM Pro, it's rackable and runs all 4 controllers including protect. It's not a bad machine for home use
Exactly. Have 5 customers on UDM Pro and it's epic.
I've got a UDM-Pro in my home lab and run everything through it. The only thing it's not controlling is my phones because we don't have phone support in Australia, so I use an iPecs unified communications system.
OMG! That was a Dan sponsor read - I'd listen to him tell me the advantages of a SeaSonic power supply any time. ❤
"It's a 'good' choice" lol
clearly not a dan read, needs more bread
Was just about to comment that lol. Dan has such a calm demeanor and smooth voice ❤
Well, someone has a crush on him 😘
meh..i buy Seasonic even without the sponsor read 🙂
I'm disappointed that it does not have dual SFP for real redundancy if the switch it's connected to dies. Feels like the solution is only half baked
It even comes with a Dual-Port NIC. So why not expose both ports outside?
@@der_schueler because ubiquity isn't enterprise grade, it's prosumer.
Just watched further, using an internal SFP+ pass through? Ridiculous. Why not just put the IO in the rear? Ubiquity never ceases to amaze me with how overrated they are
Out of curiosity why would you want the cloud key to be redundant?
Ubiquiti UniFi hasn't ever been Enterprise grade. Most of the UniFi offerings are the definition of half baked. The Cloud Key in particular has always been a solution for a problem that doesn't exist; just make a vm and install the controller on it instead of wasting a rack unit and $5k on a mediocre implementation.
@@charlesturner897 I’ll tell you what else it isn’t… spelt like that! UBIQUITI, not UBIQUITY!
Maybe you could give a quick explanation on what a cloud key does
it just runs their controller software, literally the same software you can just download and run on whatever other hardware you want
A Ubiquity cloud key is a management software solution for controlling and overseeing your Ubiquity devices. The cloud key allows for external internet access to that controller, but some companies install the software controller on any device within their network. This is not the same as the cloud key which is a dedicated device or in some cases built into ubiquity routers that offer additional functions such as the aforementioned cloud access.
@@beepboop6179 yeah but, this should have been in the video, if they were wanting to make their videos more accessible (as they have been doing for awhile)
@@ados8064 sorry to correct you but….. Ubiquiti*
I really wish Ubiquiti would, for just maybe like six months, focus on implementing basic enterprise functionality in their software, though. Having to use an SSH console to view firewall logs is straight-up unacceptable. That's why my UDM Pro sits behind an OPNSense VM. And even _that_ is a pain in the ass to get working right, as there's no way to disable source-NAT from within the software. It literally requires SSHing in and fucking with iptables directly.
We send them to our graylog server specifically for that reason as well.
ABSOLUTELY! I can't explain how annoying it is for the console to log and show type/destination of traffic per device and even make a half-decent attempt at detailing what country traffic is going to/from, but then you can't see any backend data of how they got to this conclusion (no IP addresses, no URL's being visited). It's like SO CLOSE to having that functionality and I'm sure the data is there somewhere, but they were just like, nah...we'll just show them a map of the world.
SSHing into a syslog server and knowing how to use command line tools like grep and awk are the most efficient ways to review firewall logs.
Just finished pulling a UDM from an install, went standalone controller on a Linux vm and a bm opnsense router, and so far I’m really liking it. The switch config propagations only take like 3 seconds, with 22 switches/aps and 25 cameras. Just got the 6 properly tagged vlans working today too.
@@largebeppo It's a good skill to have but if you seriously believe that, you haven't fully used a tool like Graylog or ElasticSearch + Kibana yet.
I would have loved to see LTT do a video on the self hosted unifi controller
Unfortunately it feels like they are moving away from that. There are some really good guides on setting it up on an AWS instance and with as little performance as it uses, you could use the free tier of AWS if you don't have anything else being hosted.
@@reallunacy Where I used to work we only worked with the self hosted version with two HP ProLiant DL360p Gen8 with Heartbeat and pacemaker to sync the services between two servers.
And voila you have "4x" the redundancy because in each server you have ( 2x SSD in raid 1 & 2 Power Supplies. ) and they automatically switch services in case of a Hardware or Software failure.
I think the buyer for this is setting up big networks for clients. So they don’t have access to the other servers and need to guarantee reliability. Anyone else would throw a Docker container on a bigger server.
For 5000 dollars though, get an actual server, self-host the unifi controller in a docker, and use the server for a million other cool things.
Heck, you could do that and still spend way less (I know I did :) ).
This is clearly a product for the enterprise. It has enterprise in the name. Enterprises don't like even tinily janky solutions. It must work every day, all day, for years if not decades, with a contact from the mfg who can make sure that when it breaks, it's not broke for long.
@@unicodefox Gotta say, in my experience Unifi and enterprise stability just don't go in one sentence
@@unicodefox I think it's more like 'the receipt must have an 'enterprise title' on it so accounting will be happy about it'. Random component with a name that only engineers know? What are you going to do with it? Xxxx enterprise edition? Looks reasonable to me.
Unfortunately, not applicable if you require any of the other UniFi apps, such as UniFi Protect.
The cloud keys are used to control Unifi devices like switches, access points, sensors, doorbells, phones, etc. This one supports 2000 devices which is a step up from the largest Dream machine that can control 200+ devices with its built-in controller. I've only been able to control over 200 devices with controller software running on an Ubuntu server. The other controllers including ones running on Windows servers stall and struggle and don't behave well. Update: The Enterprise UCK works well, it’s very responsive controlling 300 devices. It does not run the protect software like a Dream Machine so it won’t control UniFi Sensors.
I don't usually comment but this video doesn't attempt to properly describe what this device does or what it's for. It talks to the rest of your endpoints and clients? Really missed the mark here, ultimately you're expecting your audience to know what they're looking at as if they work with these systems on a day to day basis. What is a Cloud Key? What does it do? Is it a Key Management Server? Central Management? Even those are over most people's heads without at least some form of exposition.
Cloud Key in ubiquity terms… a Control Server that Hosts the control software for all things unify
The Ubiquiti GUI is so pretty and doesn't look cluttered. My place of business uses Aruba wireless AP's and although the adoption/provisioning process isn't terrible, the troubleshooting within the Aruba web GUI kind of is.
I did one Aruba install and figured that wasn't for me. How someone can make a UI so cluttered and layered with submenus is wild.
I work as a Teamlead for Network and Security and when he said „most expensive“ I was thinking more like 90.000$, I think I am too used to Cisco pricing😂
I love this Unify stuff. I run it at home and at work we also use it a lot at remote projects. In our case the small Cloud Keys are good enough, but I would love to have this baby in our server room.
PLEASE….. it’s Unifi, not Unify…….
Yeah. It's not perfect. But it's the only WiFi I've ever had which doesn't need regularly rebooting and occasionally factory-resetting.
A missed chance to call it THICKey
6:21 look at what they named it in the shell.
The MSP I used to work for we had setup probably a couple thousand switches across hundreds of sites and AP's reporting in to 2 separate unifi VMs running under Ubuntu Server on the same physical box. It still amazes me how well it worked with everything adopting and reporting over the WAN... Now I just have 10 sites on my self hosted VM, still works perfect!
Bonus, we had IPMI because we were running on server hardware (and so am I) before it was mainstream haha
Did they ever explain what a cloud key is in this video? Or did I miss it
It's basically what manages all the unifi devices and gives them their settings
Nope...
was wondering the same thing..
The cloud key is a standalone device to host their management software. The Dream Machine product line (routers) also run the software, or you can host the software on your own server. Unless you have an enormous deployment of UniFi hardware, this thing is overkill.
@@darkforcesjedi Thanks, I've used UDM Pro a couple of times but never heard of the cloud key
Almost skipped through that ad spot before I heard Dan's beautiful voice coming through. Was a nice switch up to have a calm low pitched ad read for a change!
Two separate power supplies, to two separate UPS units, to two separate power sources. It's Ubiquiti's answer to the internal database taking a shit when power fails.
No Backup, No sorrow.
@@skorpion1298 Isn't it "No backup, Know Sorrow" ?
they'll do literally ANYTHING other than switch away from mongo
UDM Pro makes for a nice rack mountable cloud key.
What is it? Like seriously. What does it do? I watched the whole video.
I wanted to mention too, that the purpose of the Key is not really explained. As far as I know, it's to manage all your ubiquiti hardware. For home/small business use, you can get away running the unify controller in a docker container.
So glad you guys felt the same way! I have zero idea what this thing is. Is this maybe an April fool’s day, a bit late? ;)
Briefly put:
The Cloud Keys run Unifi applications on them. The Cloud Key Ent (as in the video) and standard CK Gen2 just run Network, which is to do with all the APs and switching and clients etc. the CK Gen2+ runs Network as well as Protect, Access and Talk, featuring a hard drive bay.
This really doesn’t make much sense to me. Even our largest enterprise clients just run the Unifi software in a VM with plenty of assigned resources.
When I first saw this I thought it would definitely be coming with additional functional features.
Ubiquiti really needs an active/active HA solution for the UDM. That will be a game changer.
Love Ubiquiti! Been running it in my house for 3 years and it’s amazing!
If you ever need to reboot anything like a cloud key remotely and have access to the switch you can power cycle the poe on that specific port (As long as you aren't powering it with USB). I've done this many times with success.
Have the Dream Machine Pro, Hated it for the first year, Loved it as they finally got it stable, started adding better features, etc. I only wish the UDMP could handle Bell's PPPOE better. I'm hoping get 3/3Gbps in Jan, but I know I will have to prob use something else as a media conversion first then the UDMP.
@StoneLegion
Aren't you still limited by PPPoE with media converter? I'm in the same situation and will be looking to rectify this as I'm limited to around 900 up/down with bell fibre feeding directly into udm. I can get full speed from bell router but double nat...
Great video, Jake. People at home with 2 or 3 APs (like myself) checking their credit limits to see if we can swing for this.
They create a docker for cloud key so I don't see why a home gamer would need it.
@@Zabatsue , If your Network Controller is down, it doesn't mean your network is down. All Ubiquiti devices will operate in the "last" configuration mode. I don't see any issues with self-hosting Network Controller. I had a dedicated Unifi Network Controller for a few years, and now I've moved to the self-hosted Network Controller for ~one year. Both options worked without any issues.
@@OrginalDravas Unless you also have some of their non-networking equipment, such as their cameras. It's unfortunately not possible to self-host any of the other UniFi apps, such as UniFi Protect. Which sucks because I've actually had great experiences with their cameras (personally have a G4 Doorbell Pro and 2 x G5 Bullet) but the physical controller requirement significantly increases the bar to entry for home use (I replaced my previous Nest Doorbell/Cams and will never look back).
Dream Machine SE is all you would need for home. I have 4 AP's, 4 switches, 10 Cams, 6 users, and around 30 devices without any issues.
Targeted for larger/Enterprise installations and yet no HA for the hardware or software......one day UI will listen to the community, one day
This is not the first Ubiquiti "Server" that they have released! Back in the day I bought the Ubiquiti UAS-XG which I used as a Unifi controller as I wanted something a little more enterprise than the Cloud Key Gen2 Plus. It was a 1U custom chassis that actually just contained a Supermicro X10SDV-TLN4F mini ITX motherboard with a little Xeon D CPU, 32GB RAM, dual 10Gb RJ45 based ethernet, M.2 SSD, IPMI and ran Ubuntu server. It was a super cool device until they discontinued it and stopped supporting it after like a year. I actually still have the hardware at home and repurposed it into a generic linux server.
The UniFi Cloud key is capable of configuring and managing dozens of UniFi devices in your network such as UniFi Access Points, Switches and Security Gateway routers. Replacing a dedicated server or computer, the UniFi Cloud Key is an ultra-low energy solution with virtually no footprint.
This thing is outrageous. Can't they just provide the OS build on this server as a VM template that people can install on their existing server infrastructure?
At home I have a linux container I install the unifi controller software on. I'm not sure how much different that experience is than what you get from a cloud key.
Should be the same experience (CK vs self-hosted). This thing is outrageous, but they know their customer. It’s not for me and you, it’s for organizations with 500+ users and 100+ UniFi devices, who require something that just works 24/7/365
Actually, it’s for organisations with 1000+ Unifi Devices and 10,000+ clients! Crazy isn’t it
I suppose if you are at a scale where you would need to give the VM hundreds of GB of RAM and dozens of cores having a dedicated box is probably worth it.
Be nice if they could show love to the self hosted versions
Your first mistake was thinking Ubiquity loves its users....
Never used a cloud key the self hosted version works just fine. Though weird that I cannot do a latency test on client devices. That seems a bit artificial. Maybe it just did not quite fully release. Would be useful to have at times.
@@AgencyNighthawk The second mistake was you spelling Ubiquiti wrong 😅
Loved our self hosted until it had problems. Had an R610 with plenty of cores, 64 GB of ram, and a SSD based raid 6 array. Applied all of the customization for large scale and it worked for several years. As clients went greater than 2000 and our AP's / Switches doubled we started seeing some lag with the UI and strange issues with wifi. Had approximately 8k budgeted for a new server when this popped up at 5k. Took a chance and we have been happy so far. Need to get a second one next year as a cold spare though.
I just want to say something about the little end bit there, the equipment you buy that host the cloud key and if you self host, the experience is exactly the same nothing's different between the two except for the setup and updating the software. I have several clients both hosting different setups but the software is on the same version number and they're identical to each other.
Meanwhile using a DM se that can run all the other features like nvr, talk, access, etc etc. I never really understood the point of this product because the dm se already existed.
Try running 1000 APs and 10000 clients on a UDM and you’ll soon find out
So what's a cloud key?
Negative thing about ckg2 is the battery overheats due to 2.5" HDD heat, and affects graceful shutdown. Pain in the ass to take apart, too.
Yep. After a year I've encountered 30+ where the battery doesn't even work anymore. Wish the drives would spin down when the Protect service was uninstalled/stopped.
How many servers more powerful than the gen2 are you certainly able to get your hand on then install the software, which is a great option when starting to get to 100 or at least 200+.
You might miss some nice features you get now, but can usually be achieved without proprietary ubiquiti software
0:26 I swear I can hear Linus screaming in the distance "I PAID HOW MUCH?"
so....what does it do?
I see there were plenty of open memory slots. Can you add more memory on your own after purchase?
I hope Unifi keeps building quality products for all-size networks. I waited for the UDM Pro SE for my home network to have POE switch ports and NVR storage for my UI 5 cameras, APs (U 6 UAP-FlexHD), Access. Two USW Flex's that I feel were good for a Small Farm and Home. Hope to grow with a Bridge to Bridge and AP & Camera at my gate 700 ft away in the Future. Thanks for the review. I would hope to see future upgrades to all platforms in the power supplies and possible DC input direct for Solar inputs
At that price point is not bad, but I would really have enjoyed if it had NVR utilities built in!
But what’s the benefit compared to running it in a self-hosted VM?
What we really need is the ability to install Unifi software on other hardware. That would be SICK!!!
I've been pretty happy with Ubiquiti, after 10 years my Unifi AC access point finally gave up the ghost, looks like it was overheating as there was discoloration on the plastic where two of the chips were located. replaced it with a U6-pro which now works on my PoE+ switch (the older AP required the injector or a Ubiquiti PoE device.) pretty much was plug and play, only took a few moments to adopt in my controller and it was back up and running.
The video would be improved if he spent 2-3 lines in the beginning on what the heck a cloudkey is?!
In fact, any video should start with a 2-3 line intro on what it is about for anybody new.
I run a school district with about 400 unifi devices... and about 6500 clients. 3K of those clients alone are chromebooks. Have gotten pretty familiar with tuning a linux machine to run my controller and what happens when it breaks down. I'm hoping this box isn't a sign of Ubiquiti removing the ability for us to build our own controllers.
Weird they went with an ssd when the VDRs use cheap no name usb drives that fail quite often.
I've got good luck with deploying the software on windows actually. Never felt like I've missed too much. And for larger deployments the software can be tweaked to support a ton of clients.
Never really liked running the direct windows version of the controller. Have had to restart the services that run the controller far too often to make it install and forget. Now as a bare minimum the controller gets installed on Debian and run as HyperV guest on a windows box instead.
There was no explanation of what that thing is.
Christ that is cool. Rad somebody on the Internet will just straight up buy one and play with it on a video for me. Thanks
Good short format video... But I don't understand what the stuff does in the video at all.
Maybe you could show a bit more of an in depth view when you go to deploy it? Obviously I'm not the audience for this product, but it's still nice to learn some stuff every now and then.
It doesn't need that big.
SuperMicro or a rock Rack Server motherboard around ITX size can be put in a minor 1U case.
We still can get IPMI and server-level quality.
They used to make the Application Server XG - it was a smaller rackmount unit that ran the controller and was about £1200. Until they killed it off.
I’m almost halfway in the video and I still don’t know what exactly this thing is supposed to do. Some sort of server is all I know.
I’m a bit confused with Jake's statement at the end. Is the UDM Pro not the device between a cloud key and this which he’s describing?
Exactly what I thought too...
My thought exactly. Maybe he doesn't want the built-in switch though...?
Dream Machine has a built in router, switch, PBX, door access control system, NVR & Unifi network controller.
The UXG (the device Jake was using) is *just* the router.
As someone else said UDM-Pro is significantly different from a cloud key as it also has Security Gateway (aka router) + switch built in. Though I do see where you’re coming from.
@@unicodefox the device in the video isn't the uxg if that is what you are thinking of it is just the ck-enterprise
Next question. What if you take the boot SSD out and put it in any old server? What if you toss in a video card in the PCIe slot and see if you can get into some kind of BIOS or something?
No need for BIOS, you get root console from the IPMI, you could list all processes running, make changes, etc.
at 1:33 The comment about " That's a management port, that's something we have not seen on a UniFi-class product...." Look at the US-48-500W (500W).
*unboxes cloud key, proceeds to show every unifi dashboard feature unrelated to the cloud key and not explain what cloud key actually does* lolll
Really happy you covered this Jake! I saw it on their site a few months back and thought WTF! Lol
Would be cool to explain what a Cloud Key is.
Briefly put:
The Cloud Keys run Unifi applications on them. The Cloud Key Ent (as in the video) and standard CK Gen2 just run Network, which is to do with all the APs and switching and clients etc. the CK Gen2+ runs Network as well as Protect, Access and Talk, featuring a hard drive bay.
I would like to know what a cloud key is used for... You guys might have done videos on the smaller products that i missed but still a brief explanation could have helped me appreciate the video more. (Even though i wont be using it like several other products in your videos)
Briefly put:
The Cloud Keys run Unifi applications on them. The Cloud Key Ent (as in the video) and standard CK Gen2 just run Network, which is to do with all the APs and switching and clients etc. the CK Gen2+ runs Network as well as Protect, Access and Talk, featuring a hard drive bay.
@@jack3534 so its a proprietary thing?
@@whitehat_9814 I’m not sure if I’d call it that - probably yes. It’s made by Unifi, and runs all the Unifi network gear, dealing with anything from settings, management, stats, etc. Although, you can self host it.
@@whitehat_9814 yes, proprietary although there is a self hosted controller (not open source).
I mean they have a cloud key docker you can use with a server and it's provided free of cost
He's like a kid in a sweet shop. I love to see it.
why not just install the unifi software on a regular server? I mean it's not too big of a hassle and with a tiny bit of work you can make a docker image. So what's the point of this thing?
coz UniFi decided to not support any other controllers (besides Network one) in such scenario. And if you need VOIP or Ip cams...you're kinda forced to. And this beefy guy most likely created for Ip Cams controllers, when you have a lot of them and need to store a lot of data. But in obvious way, LTT would never tell that :)
I agree - this seems a solution in search of a problem. Install the unifi on a VM, and you can scale it as high as the enterprise demands. The VM is also protected with easy backup and snapshots. This product is unnecessary... unless Ubiquiti are about to roll out restrictions on how you can use their product in a VM or only make VMs available as a subscription service.
@@fhgnius The enterprise need is that you can have UI ship out a replacement overnight. You can't do that if your hypervisor breaks.
You would restore or move your unifi vm to your other hypervisor. Not to mention your hardware vendor for your hypervisor would also be overnighting you parts
just out of curiosity, how's the software/firmware/OS recovery on that thing, in case an update fails.
Could y'all do a compare vs the UDM-SE or the UDM-Pro " what I run" vs this. I had the UCK-G2-PLUS before I switched to the UDM-Pro. unless it's a big deployment idk if it's worth the coin.
I'm still going to run my self hosted in AWS for my shows and clients, they better not get rid of it!
It almost seems like UDM Pro/Pro max is a better option? What is the benefit going with gateway pro rather than the gateway came with UDM Pro/Pro max? Both 10 Gb throughput, both 3.5 Gb IDS/IPS Throughput and both 10G SFP+
U and TP-Link will own the world if they come together 😉
Can you guys make a video addressing OpenWRT? With what bufferbloat does and optimizing your networking for gaming. That would be insane.
I really rather like this, the design decisions are exactly what I would have hoped for, a top class ram choice, a top class 10gig nic, an intel CPU (I adore epyc and what it delivers at its price class but no one will say its a reliable and predictable CPU, fantastic for redundant data crunching and NASs but not something like this that needs as close to 100% uptime as it can get) common and easily replicable redundant power supplies, great
however I would have loved to see redundant SSDs, I understand that it probably runs on ram when on and the IPMI would make reflashing easy but no one wants to be driving out at 2am to replace an SSD so the server is up and ready at 5am
I can't wait for ubnt to change their minds and completely EOL this product
If you are upgrading to the enterprise key for the offices, would you be willing to sell either of the old cloud keys? They are like unobtanium currently
But does it support multiple sites? And can you run two of them as a redundant system?
Unifi has Site Magic which supports multiple sites, so I believe it will.
As for running 2 at once for redundancy, I don’t believe this is possible as of yet but could be soon - there’s something similar expected soon with the UDMs and it wouldn’t be a surprise if it was also implemented to Cloud Keys some point after
@@jack3534 Hi Jack. Thanks for the response.
Also. Great videos and work. You really have my dream job! I also work with IT, but the amount of new stuff you guys get to mess around with makes me really excited.
Keep doing what you’re doing.
Isn't the "enterprise ish" cloud key a dream machine pro?
Ubiquiti needs to make a Cloud Key Pro but something different than their UXG-PRO.
Dan read (past tense) the sponsor spot! Hi Dan! You have a pleasant, soft spoken voice
We've been using a G2 for awhile now. And with 1400 endpoints on network. This might be a want. I would love to see data flows...OMG please.
The question is, what happens if you max the RAM out and put the other CPU in?
Doesn't the UDM Pro fit the area Jake was asking about at the end?
Dropped the ball on this one sadly, no explanation on what this device does. Kinda confused
I love these types of videos I can't understand sh*t, but leave learning at least something, even sometimes being just a new word lol
I would love to be able to put the Unifi OS on a dedicated machine. I would overkill the hell out of it.
I just wish Ubiquiti would make EdgeMax devices again...we've been running a few EdgeMax PoE Switches and some 10G Switches as core switches between our servers and it's been absolutely rock solid. I'm in the process of switching to Mikrotik now and they need a lot more fiddling...
what about the udm pro?
This runs network only, but can handle 1000s more devices and 10,000s more clients
@@jack3534 Ya but he went from cloud key to saying that there is nothing in between which IMO I think the udm is
So it's a standard 1U server that runs the Unifi Controller software? Something that you could do on a VM on any of your servers in an enterprise without having to install a full device for it?
CloudKey generally runs Debian. That means you can easily create an identical system. Run a backup and perform a bare metal restore to your own hardware. This is for disaster recovery purposes, of course.
5:00 Ha! I see what you did there.
I mean, you literally called it out, but still. I appreciate the pun.
I have no idea what this video is about lol but Jake is excited so it’s a fun video 😂
I overall really enjoy ubiquiti products, I've had a few issues with their UDM pro and its traffic reporting which massively under-reports network traffic,
However, I honestly don't see a Use case for this device...
It's a cloud key... it does the exact same thing as the cloud key gen2+. and does significantly less than the UDM pro or UDM SE.
Those both have onboard NVR with HDD bay, 11 ports with dual WAN.
Like they threw a beast of a CPU in this machine, what is it doing? You physically don't have more than 10Gb sfp throughput, which is the same as the UDM, whilst being significantly larger.
The only thing this has is the hot-swap power supplies. the UDM still has redundant power (albeit you need to use their proprietary DC power UPS) but for the price you could comfortably run 2-3 UDM SE's redundantly.
I just don't see a market for this product? It's drastically more expensive and has less capability than their existing products, If the issue is just a support contract then they could easily just provide an enterprise up charge for a UDM SE and have a more capable product...
“The president’s key. Unlocks all locks in the kingdom.” 😂
Would love to see LTT make their own Cloud Key Server, sure this looks good, but what could you build for the best price / for the same budget? :)
I really wish I had a friend like Jake irl. I just got my first 2nd hand enterprise server and I'm struggling to get started. I imagine he'd be such a helping hand to have around with servers stuff.
So what's the difference in the cloud keys and the dream machine?
Dream Machine does routing and firewall stuff, ie threat detection. Cloud Keys do not.
This is why Jake paired the CK ENT with a USG (Security Gateway) - this is what you’d do in the real world
You typically do:
Internet > Dream Machine > …
or
Cloud Hosting Internet > USG > …
or
Internet > CK > USG > …
I will never understand the simping for Ubiquiti. Not just LTT but the entire fanbase.
3:17 I was going to say you can just power cycle the poe port the cloud key is connected to. But then I remembered that to do that the cloud key needs to be working.
Jake you’re a lucky person to test that out 😂
I almost wish they'd just sell the barebones servers to get a full pretty unifi rack
that'd be neat