McCann Tech

View Original

UniFi Express Preview: Flexible and Mesh-able

Originally Posted: December 5th, 2023


TL;DR:

  • The UniFi Express (UX) is another new gateway from Ubiquiti, and the cheapest and easiest way to start a UniFi Network.

  • The UX is a Cloud Gateway — it acts as a UniFi Network controller, gateway, and Wi-Fi 6 access point. You can add up to 4 more for a mesh-style network, or repurpose them as access points in any UniFi network.

  • The Express is for sale for $149 in the US, and availability in other regions is coming soon.


UniFi Express Preview: Flexible and Mesh-able

UniFi Express Tech Specs

From the Ubiquiti store page for the UniFi Express:

Powerfully compact UniFi Cloud Gateway and WiFi 6 access point that runs UniFi Network. Powers an entire network or simply meshes as an access point.

  • Built-in WiFi 6 (2x2 MIMO)

  • 140 m² (1,500 ft²) single-unit coverage

  • 60+ connected WiFi devices

  • (1) 1 Gbps RJ45 WAN port

  • (1) 1 Gbps RJ45 LAN port to extend network

  • 0.96" LCM status display

UniFi Express Preview: Flexible and Mesh-able

Mechanical and Physical

  • Dimensions: 98 x 98 x 30 mm (3.9 x 3.9 x 1.2")

  • Weight: 302 g (10.7 oz)

  • Enclosure materials: Polycarbonate

  • Operating temperature: -10 to 45° C (14 to 113° F)

  • Operating humidity: 5 to 95% noncondensing

  • Certifications: CE, FCC, IC

Hardware and Power

  • Networking interfaces

    • (1) 1 Gbps RJ45 WAN port

    • (1) 1 Gbps RJ45 LAN port

  • Management interface: Ethernet, Bluetooth

  • Power method: USB type C (5V DC/3A)

  • Max. power consumption: 10W

  • LCM display: 0.96" status display

  • Processor: Qualcomm IPQ5018 — Dual core ARM A53 @ 1 GHz

  • Memory information: 1 GB DDR3L

Wi-Fi Specifications

  • 2.4 GHz Radio

    • Max TX power: 22 dBm

    • Antenna gain: 4 dBi

    • MIMO: 2x2 (DL/UL MU-MIMO)

    • Max channel width: 40 MHz

    • Maximum PHY (Throughput rate): 574 Mbps

  • 5 GHz Radio

    • Max TX power: 25 dBm

    • Antenna gain: 5.15 dBi

    • MIMO: 2x2 (DL/UL MU-MIMO)

    • Max channel width: 160 MHz

    • Max PHY (throughput) rate: 2400 Mbps

  • Wireless security: WPA-PSK, WPA-Enterprise (WPA/WPA2/WPA3)

  • Max BSSID: 8 per radio

  • VLAN: 802.1Q

  • Advanced QoS: Per-user rate limiting

  • Guest traffic isolation: Supported

  • Concurrent clients: 60+

  • Zero wait DFS: Yes

UniFi Express Comparison Charts

Comaprison of the UniFi Express (UX) and other UniFi Cloud Gateways

Comparison of all current UniFi Gateways, including the new UXG Lite

For more comparisons, see the rest of my UniFi Network Comparison Charts.

A New Kind of Flexibility

The UniFi Express is as small, cheap, and simple as a UniFi Network can be. There are a lot of details to discuss, but I can’t get over one thing in particular. The Express can do what no other UniFi Cloud Gateway can do: turn into a normal Wi-Fi access point.

The Express can either manage your UniFi network or be managed by another UniFi controller. It can be managed by a Cloud Key, Dream Machine, or self-hosted controller if that fits your needs. The other low-end options such as the Dream Router and Dream Machine can’t do that. In fact, no other UniFi device can do that. It makes the UX more flexible and more useful, and worth considering for both new and advanced users.

The UX can be everything you need for a small network, like the Apple AirPort Express used to be, and like most consumer all-in-one routers are now. You don’t need a Cloud Key or any other parts, but you can add up to 4 UniFi switches or APs if you want. You can also repurpose the Express as an AP if you outgrow it, making it arguably the best entry-level option to get started with.

Goodbye AmpliFi?

This all makes me wonder about the future of Ubiquiti’s other easy-to-use products, AmpliFi. Reading the tea leaves, it seems to point to AmpliFi going away and the UniFi ecosystem extending down to uses that are usually covered by mesh Wi-Fi and basic all-in-one Wi-Fi routers.

Traditionally, Ubiquiti’s option in that area has been AmpliFi. It’s a separate brand with different software and more limited features. AmpliFi software updates have been slow and steady over the past few years, but there hasn’t been any new AmpliFi hardware since the Alien in 2019. We’ll have to wait and see about the future of AmpliFi, but UniFi is clearly their priority.

UniFi Express FAQ and Asterisks

With the UXG-Lite and UX, we now have a lot of options for an entry level UniFi router. The UXG-Lite and UXG-Pro are for people with a Cloud Key or self-hosted network controller. The Cloud Gateways like the UDM-Pro and UDM-SE can only be managed by themselves.

The Express is different, and choosing between all of these options can get confusing. I’ve seen a lot of people ask the same questions. Thankfully, Ubiquiti has a FAQ on their website that clears up most of them:

What is UniFi Express?

UniFi Express is a complete UniFi Networking stack in an ultra-compact, plug-and-play form factor. It runs UniFi Network and features a powerful gateway engine and built-in WiFi 6 with seamless meshing.

Which UniFi Applications run natively on UniFi Express?

UniFi Express runs UniFi Network. For expanded application support, add an additional UniFi Console. For example, a Cloud Key or Network Video Recorder can be added to a UniFi Express network to run UniFi Protect for camera security.

How can UniFi Express be deployed?

UniFi Express can power an entire network as an all-in-one gateway, firewall, and WiFi 6 access point. Need more WiFi coverage? No problem - simply power on another UniFi Express and seamlessly mesh it to the gateway UniFi Express for effortless coverage expansion.

UniFi Express can also be deployed as a WiFi access point in existing UniFi Networks with a wired or wireless uplink.

How many UniFi Network devices does UniFi Express support?

When operated as a gateway, UniFi Express manages up to four additional UniFi Network devices such as other UniFi Express units, switches, and WiFi access points.

How many connected client devices does UniFi Express support?

Each UniFi Express can support 60+ connected client devices.

What is the routing performance of UniFi Express?

UniFi Express can route traffic at speeds up to 1 Gbps. Security features such as Device Identification, Traffic Identification, Country Restrictions, and Ad Blocking can all be enabled without impacting routing performance.

Are there any gateway feature limitations for UniFi Express, compared to other UniFi Gateways?

UniFi Express largely offers the same experience as all other UniFi Gateways, with powerful network segmentation, application-aware firewall, VPN, and license-free Site Magic SD-WAN capabilities.

The only exceptions are Suspicious Activity features (also known as IDS/IPS), which are not available on UniFi Express.

How can UniFi Express be mounted?

UniFi Express is designed to be flexibly placed on any flat surface, such as a desk.

A magnetic wall mount accessory will be available soon for expanded mounting versatility.

Those questions and answers clear up most of the confusion, but there are a few things worth calling out. The spec sheet doesn’t specify the CPU, RAM, or storage. Now that it’s released, we can confirm those for ourselves.

The Express has a Qualcomm IPQ5018 chipset, with a dual-core ARM A53 CPU running at 1 GHz. It has 1 GB DDR3L RAM and 4 GB of storage. It’s very similar to the UXG Lite externally and internally.

The ARM A53 core design was launched in 2012, so it’s not exactly cutting-edge tech. With such a low cost and low power budget, it makes sense, even if it is a little disappointing. That puts the Express firmly in the low-end of the gateway lineup. For many reasons, it won’t be competing with the UDM-Pro, UXG-Pro, or even the UDM.

Missing Features: IDS/IPS

Another thing worth examining are the limitations of the UX compared to other UniFi Gateways. Those mostly come down to hardware, software, and device management limits. Like the UXG Lite, the UX only has a single gigabit WAN and single gigabit LAN. That will be a restrictive for many larger or faster networks, but the more impactful limitations may be internal.

As a result of the limited hardware power, Ubiquiti chose to not enable Suspicious Activity (read: Suricata IDS/IPS) on the Express. In my opinion, that is probably the right decision. The USG and USG-Pro were similarly under-powered, and we’ve never heard the end of people complaining about throughput limitations. Search for “USG slow” or “USG IPS/IDS” and see for yourself. Enabling those features would lead to low throughput and frustrated users.

In the places where the UX will be used, and for most people most of the time, I don’t see that as a deal-breaker. The modern Internet is mostly encrypted by default. HTTPS, modern browsers and operating systems, and good browsing habits makes Suricata a nice-to-have rather than a strict need. Inspecting encrypted traffic and TLS is possible, but it’s complicated and expensive. It’s also of limited utility in a typical home network with no publicly exposed ports or services outside of maybe a VPN server.

If you’re concerned about the lack of Suricata, consider a more expensive UniFi gateway that has enough hardware power to support it. You can also consider wrapping your traffic in another layer of encryption by using a VPN. You could set up a Pi-hole DNS server or enable UniFi Ad Blocking or DNS Shield to control and protect your DNS traffic. You could also utilize the other security features that UniFi and your devices offer.

Limitations and Alternatives

Another result of the hardware limits is the low number of UniFi devices you can manage. You can manage up to 5 total UniFi devices, and the main gateway UX counts as one of them. That means you can add up to 4 UX, UniFi switches, or APs. There is an error message when you try to add a 6th. The client device limit — the phones, laptops, tablets, TVs, etc that you connect to the network — is around 60. That’s not a hard cap though, just a general guideline.

The 5 UniFi device limit is low, but it also helps put guardrails on who should consider this. If you need a big network, multi-gig throughput, a lot of devices and clients, or IDS/IPS, the UX can’t be your gateway, but it can be an AP in that kind of setup. You might be better served by a purpose-built AP, like the U6-Mesh or U6-Pro.

Another limitation worth calling out: When the UX is acting as a mesh AP, both the WAN and LAN ports are available as normal LAN ports. That’s good news. The bad news is with the current firmware, there is no way to assign a VLAN to those LAN ports. It only extends the default, untagged network. In my home network, I have one SSID using my VLAN-tagged LAN network. I am able to tag the management IP of the UX into that with the “network override” setting, but I can’t change what network is provided on the LAN ports.

If you want to build your network around the Express as your gateway and controller, keep the limits in mind. If you want more details about the other gateway and access point options, see my other posts about them in my Ubiquiti Guide:

UniFi’s Strengths and Weaknesses

With the UX seemingly competing with AmpliFi and the mesh Wi-Fi market, it’s worth comparing them. Why would you chose it over the many other options out there? The differences mostly come down to software.

Most of the mesh systems I’ve tested have a nice mobile app that makes setup easy, but only offer the bare minimum of settings and features. Some of them are better in that area, like ASUS ZenWiFi. Some of them want you to pay a subscription for extra features, like eero Plus or Netgear Armor. UniFi doesn’t do that, offering free software that is regularly updated with new features.

Rather than basic phone-app-only management with a few settings, the Express has the full UniFi desktop web interface. The UniFi mobile app has most of the common settings, and it is one of the better network management phone apps out there.

With that software the Express can do things other consumer equipment can’t, like be a Wireguard or OpenVPN server, or control managed switches. You can create additional VLANs and SSIDs. It can act as a Wireguard or OpenVPN client, and you can control and direct specific traffic with UniFi Traffic Routes, Traffic Rules, and firewall rules.

Another strength of UniFi are the expansion options you have. Rather than settling for another router in bridge mode or a Wi-Fi extender, the UX can be the center of a small, but full-fledged UniFi network. Mesh Wi-Fi systems make this kind of multiple AP setup simple, but UniFi is more controllable and customizable. UniFi can also become your solution for video security cameras, access control, VoIP phones, and identity management if you want to go all in.

UniFi isn’t perfect though, and it isn’t always the best option for a non-technical user. Sometimes it feels like the design and look of the software are more important than how it works. It aspires to be enterprise-grade, but fails to deliver that in some areas. Finding good documentation or support can be tough. Ubiquiti’s support has been hit or miss over the years, even though that’s starting to change.

Despite those and many other asterisks, in a lot of areas UniFi delivers more than other consumer equipment does.

Full Circle: Round Rects Are Everywhere!

I was tempted to put the Apple AirPort Express in the title image for this post. I too, am amazed at my restraint.

If you didn’t know, Ubiquiti’s founder and CEO Robert Pera worked in Apple’s AirPort division before he left in 2005 to start Ubiquiti. The 1st generation AirPort Express resembles a modern MacBook power brick and was released in 2004, and it’s reasonable to think he worked on that product. The 2nd generation took on the familiar rounded rectangle shape that we’ve seen in other products like the Apple TV. The UniFi Express not only has the same product name, it also has a suspiciously similar design.

Despite a few patents, Apple doesn’t own the shape of a rounded rectangle. Apple also chose to stop making Wi-Fi and networking equipment in 2018, leaving a hole that Ubiquiti and other mesh Wi-Fi companies have filled. Ubiquiti has always had a bit of Apple’s DNA in their design, from the products themselves to their packaging and marketing. This is just taking that to the next level, where you might not be able to tell which is which if you placed them side-by-side. We’ve come full circle.

Lastly, I just want to point you to this delightful story from Andy Hertzfeld’s folklore.org. The whole website is a fun read, as it has a lot of anecdotes from the early days of the Mac at Apple. This one in particular seems relevant: Round Rects Are Everywhere!