ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    UniFi Home Lab vs Campus

    IT Discussion
    11
    50
    3.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DustinB3403D
      DustinB3403 @coliver
      last edited by

      @coliver said in UniFi Home Lab vs Campus:

      @dustinb3403 said in UniFi Home Lab vs Campus:

      @dafyre said in UniFi Home Lab vs Campus:

      I do think that on a college campus, at minimum, Layer 7 (Application) filtering is necessary to keep students from using all the bandwidth for torrents instead of legitimate educational things... Like Netflix, Youtube, and Online Gaming.

      In SUNY schools in NY they legally weren't (may still be in effect) allowed to limit what the students use the internet for. Being paid for by tax dollars and all. . .

      That is... for the most part correct. We don't really do any filtering outside of known malicious sites.

      Legal use simply put, wasn't blocked. Malicious content (virus etc) was of course.

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @DustinB3403
        last edited by

        @dustinb3403 said in UniFi Home Lab vs Campus:

        @coliver said in UniFi Home Lab vs Campus:

        @dustinb3403 said in UniFi Home Lab vs Campus:

        @dafyre said in UniFi Home Lab vs Campus:

        I do think that on a college campus, at minimum, Layer 7 (Application) filtering is necessary to keep students from using all the bandwidth for torrents instead of legitimate educational things... Like Netflix, Youtube, and Online Gaming.

        In SUNY schools in NY they legally weren't (may still be in effect) allowed to limit what the students use the internet for. Being paid for by tax dollars and all. . .

        That is... for the most part correct. We don't really do any filtering outside of known malicious sites.

        Legal use simply put, wasn't blocked. Malicious content (virus etc) was of course.

        Right, there is a simply line there.

        1 Reply Last reply Reply Quote 1
        • DustinB3403D
          DustinB3403
          last edited by

          The big reason I remember this as "being the way things were" was a buddy who lived at the on-campus SUNY dorms got a letter asking his flat to stop downloading so much and some laws about it. Simply asked that "they" reduce their usage, but that they couldn't actually do anything legally to stop him.

          That is until his dorm-mate started torrenting movies. . .

          Then they stepped in.

          dafyreD 1 Reply Last reply Reply Quote 0
          • dafyreD
            dafyre @DustinB3403
            last edited by

            @dustinb3403 said in UniFi Home Lab vs Campus:

            The big reason I remember this as "being the way things were" was a buddy who lived at the on-campus SUNY dorms got a letter asking his flat to stop downloading so much and some laws about it. Simply asked that "they" reduce their usage, but that they couldn't actually do anything legally to stop him.

            That is until his dorm-mate started torrenting movies. . .

            Then they stepped in.

            Yepp. We get 3 or 4 notices a week with DCMAs and threats of legal actions if we don't stop the devices from downloading illegal movies.... Networking guys step in and educate user before allowing their devices back online.

            1 Reply Last reply Reply Quote 1
            • S
              StorageNinja Vendor @Markferron
              last edited by

              @markferron said in UniFi Home Lab vs Campus:

              @dustinb3403 Awesome, thank you very much. Our current security gateway, Meraki MX400, was going to be changed out but the costs of license renewal is far cheaper than purchasing the Palo Alto I was looking at , bummer.

              You looked at running PA in a VM? It's a lot cheaper.

              scottalanmillerS M 2 Replies Last reply Reply Quote 1
              • scottalanmillerS
                scottalanmiller @StorageNinja
                last edited by

                @storageninja said in UniFi Home Lab vs Campus:

                @markferron said in UniFi Home Lab vs Campus:

                @dustinb3403 Awesome, thank you very much. Our current security gateway, Meraki MX400, was going to be changed out but the costs of license renewal is far cheaper than purchasing the Palo Alto I was looking at , bummer.

                You looked at running PA in a VM? It's a lot cheaper.

                Also a much better design! Enterprise security, rather than UTM.

                1 Reply Last reply Reply Quote 0
                • M
                  Markferron @StorageNinja
                  last edited by

                  You looked at running PA in a VM? It's a lot cheaper.

                  No I haven't! But I will now. Thanks.

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Markferron
                    last edited by

                    @markferron said in UniFi Home Lab vs Campus:

                    You looked at running PA in a VM? It's a lot cheaper.

                    No I haven't! But I will now. Thanks.

                    This is essentially what @JaredBusch and I are always recommending. Sure, we might be a little more cautious about whether you need all this layer 7 stuff or not, is it really necessary. But neither of us is saying that it's a bad idea, the thing that we keep harping on as a ridiculous near-"scam" level problem is the UTM model of shoving all these services into the firewall where they do not belong because it is a risk and expensive and violates very basic best practices that have been around for forever. It's the Windows SBS model taken to networking.

                    dafyreD 1 Reply Last reply Reply Quote 1
                    • dafyreD
                      dafyre @scottalanmiller
                      last edited by

                      @scottalanmiller said in UniFi Home Lab vs Campus:

                      @markferron said in UniFi Home Lab vs Campus:

                      You looked at running PA in a VM? It's a lot cheaper.

                      No I haven't! But I will now. Thanks.

                      This is essentially what @JaredBusch and I are always recommending. Sure, we might be a little more cautious about whether you need all this layer 7 stuff or not, is it really necessary. But neither of us is saying that it's a bad idea, the thing that we keep harping on as a ridiculous near-"scam" level problem is the UTM model of shoving all these services into the firewall where they do not belong because it is a risk and expensive and violates very basic best practices that have been around for forever. It's the Windows SBS model taken to networking.

                      Would it be worth taking a look at running a UBNT Router and a separate device for Application Filtering?

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller @dafyre
                        last edited by

                        @dafyre said in UniFi Home Lab vs Campus:

                        @scottalanmiller said in UniFi Home Lab vs Campus:

                        @markferron said in UniFi Home Lab vs Campus:

                        You looked at running PA in a VM? It's a lot cheaper.

                        No I haven't! But I will now. Thanks.

                        This is essentially what @JaredBusch and I are always recommending. Sure, we might be a little more cautious about whether you need all this layer 7 stuff or not, is it really necessary. But neither of us is saying that it's a bad idea, the thing that we keep harping on as a ridiculous near-"scam" level problem is the UTM model of shoving all these services into the firewall where they do not belong because it is a risk and expensive and violates very basic best practices that have been around for forever. It's the Windows SBS model taken to networking.

                        Would it be worth taking a look at running a UBNT Router and a separate device for Application Filtering?

                        There are two scenarios that cover 99% of cases. One is "it's not worth doing anything at layer 7", the other is "layer 7 is needed so we need a separate device for application filtering." The thing that essentially never makes sense is the UTM where you do "security badly". Bad security isn't security.

                        1 Reply Last reply Reply Quote 2
                        • 1
                        • 2
                        • 3
                        • 3 / 3
                        • First post
                          Last post