# What we want in a Prosumer Network Device

Ubiquiti has become extremely popular over the past few years with IT professionals and regular consumers wanting to upgrade from poorly maintained/ secured home network routers. The massive benefit of the the Ubiquiti (UniFi specifically) lineup is that it provides the following features:

• All-in-one Wireless LAN management
• IDS/ IPS
• VPN support
• Multiple VLAN’s
• Multiple internet interfaces
• Polished UI (mostly)

The problem is while having all of these professional-grade features in a consumer device, the problem is that while they are all a reasonable step-up from the consumer devices, they fall short of being true professional-grade devices where if you want advanced functionality, you’re severely limited. Before people say, “it’s prosumer, not consumer”, I totally understand! The problem is, Ubiquiti’s EdgeMax line doesn’t really provide the same functionality (especially around WLAN management and UI).

Some of the larger pain-points that wishes I had an alternative are:

• Only 4 WLAN’s available per WLAN Group
• 1st class support OpenVPN is not great. You can’t use certificates.
• Internet-failover is supported, but largely requires manual configuration
• USG-3 doesn’t have enough memory to run a larger (non-default) IDS ruleset.

At the time I originaly drafted this, the Sunburst malware was just disclosed and is not covered in the IDS malware updates. When you try and (manually) add a new and larger rule-set, I have run out of memory on the device.

So what do I want in a prosumer networking device is as follows:

• Minimum of 8GB memory
• First-class support for failing-over (without having to hand-edit files)
• Fully-featured IDS/ IPS (something similar to Snort)
• Full VPN support. I realize there’s 1000 options in OpenVPN, but if you could upload a configuration file and not have to worry about manually managing one, that would be amazing!

To be honest, there is a reasonable gap here between Professional level gear and what Ubiquiti offers. PFSense is a great option, if you’re not running a wireless network. I do hope that the new UXG-PRO can help fill some of the gaps (although the specs leave me concerned), however for now, we struggle-on hand-editing config.gateway.json hoping we didn’t make a mistake.

## The future

So what’s the future? At this stage there is still a large untapped market with running eBPF on home networks. eBPF only requires a recent Linux kernel and runs exceptionally efficiently which makes it perfect for small NUC-like devices. I can definitely see a company utilizing eBPF to create a pro-sumer network software platform based of a NUC similiar to https://protectli.com/product-comparison/.

What I would love to see would be something like this:

• eBPF (XDP) based firewall
• eBPF (XDP) based DPI using open-source rules
• pi-hole software included
• Self Service VPN (that supports manually configured Open-VPN and Wireguard)
• A certificate authority
• WLAN Controller

The future is for the taking!