Unifi G3 Pro

[glennd]

I'm looking for any advice/experience on deploying these guys. There are four of them to be deployed around a large shop. So far the only hardware we have is the cameras. 2 are replacing existing old cameras and 2 are new locations. I understand I'll need a PoE switch; 4 port required but maybe bigger to allow for future expansion. The 60W is enough to supply the four cameras. He wants everything recorded so I'm also looking at the Unifi NVR. Will that get us operational?

I'm not sure how the Application Server would be used. Is that an alternative to the NVR maybe? I see the NVR has the Unifi Video software pre-installed so I think that's all that we need.

 

[HCHTech]

Following - it's so damned hard to keep up with new product offerings and figure out if it's something I want to/have to get into.

 

[tek9]

For 4 cameras you only need the NVR. The application server is intended for larger deployments and hosts both the Unifi Video and Unifi Controller.

 

[marley1]

You need to use their NVR
Either the older video platform or the new protect on the cloud key

If not purchased would go with different product

 

[Your PCMD]

You need to know the difference between Unifi Video and Unifi Protect - which is on the Cloudkey Gen2.

Look at this first:

Also, @YeOldeStonecat may chime in here as well.

An alternative is ReoLink. This is the system I have in my own shop as well as my house and have different variations of it - additional separate cameras - in a few businesses, mainly convenient stores and a couple lawyers offices. It is rather impressive for the price.

 

[YeOldeStonecat]

What do you need to know about them? I've used them since the earlier Gen2 days.

I'm a huge lover and seller of Ubiquiti products. I like their camera software, it was one of the first out there to:
*Not need any clumsy browser extensions or programs to view from a computer...just a browser
*Not need any port forwarding or static IP address, just tie the NVR to your free UBNT account online and it tunnels via a secure proxy
*Easy/simple smart phone app

The old version of NVR software was Ubiquiti Unifi Video. You can install on that on any hardware you like...I ran our offices cameras on an old Dell ultra small form factor Optiplex with a Core 2 Duo for quite a few years. Free software.
The new version of NVR software is Protect..and it's not yet available to install on any hardware you like...only with UBNT's NVR or Cloud Key Gen 2 "Plus" model (which I got one back in the Beta days and have had our office on since then).

We use the cameras for light to medium indoor use, and light outdoor use. It's not a license plate camera...although the new G3 Pro model is decent. We also work with other brand cameras. To sum up my opinion on Ubiquiti's cameras..."OK" cameras for the price, you can get better cameras for the same price. But their NVR software is pretty darned good for basic needs, and I like not having to use 3rd party viewing software or browser plugins, and I have any old method of needing to do port forwarding on the firewall for remote NVR viewing..such a security risk! I have never explored the "scaleability" of their NVR system...meaning I'm not sure how easy it is to do huge camera installs with it.

Unifi POE switches..allow you to easily power cycle if needed...and may as well go with a Unifi gateway, and wireless if needed too. Keep it all in the same ecosystem for management. The Cloud Key Gen2 Plus combines the Protect video with the Unifi controller on the same unit.

 

[timeshifter]

One thing bugs me about this, and maybe it's because I'm not educated well on the subject: is there a hit on network performance?

Seems that having one or more cameras continuously transmitting data across the network to an NVR might be noticeable, especially with sensitive applications like online gaming.

Is that true? And if it is, how do you mitigate those issues?

 

[YeOldeStonecat]

For LAN, not so much unless you have old 100 meg switches.
Even at todays higher rez cameras, 6-8 Megs per second per cam if you have the settings cranked up for FPS 'n rez.

For larger deployments, it's a consideration for sure, have 10 gig backbones, VLAN off the traffic, etc. But for smaller networks, if you have a gigabit switch...no worries.

 

[glennd]

For 4 cameras you only need the NVR. The application server is intended for larger deployments and hosts both the Unifi Video and Unifi Controller.

As I understand it, a 'controller' is not strictly required. The NVR and it's Video software will discover and set up the cameras.

 

[tek9]

As I understand it, a 'controller' is not strictly required. The NVR and it's Video software will discover and set up the cameras.

Correct.
But the application server would handle the Unifi SDN stuff, APs, Switches, USG, as well.

 

[glennd]

You need to know the difference between Unifi Video and Unifi Protect - which is on the Cloudkey Gen2.

Look at this first:

Also, @YeOldeStonecat may chime in here as well.

An alternative is ReoLink. This is the system I have in my own shop as well as my house and have different variations of it - additional separate cameras - in a few businesses, mainly convenient stores and a couple lawyers offices. It is rather impressive for the price.

Thanks for the video. I now understand Protect vs Unifi Video. The video is from March but he seems to think Unifi Video is probably last generation and Protect is next generation. The Protect software looks good and the Cloud Key Gen 2 Plus is substantially cheaper than the NVR.

 

[glennd]

What do you need to know about them? I've used them since the earlier Gen2 days.

I'm a huge lover and seller of Ubiquiti products. I like their camera software, it was one of the first out there to:
*Not need any clumsy browser extensions or programs to view from a computer...just a browser
*Not need any port forwarding or static IP address, just tie the NVR to your free UBNT account online and it tunnels via a secure proxy
*Easy/simple smart phone app

The old version of NVR software was Ubiquiti Unifi Video. You can install on that on any hardware you like...I ran our offices cameras on an old Dell ultra small form factor Optiplex with a Core 2 Duo for quite a few years. Free software.
The new version of NVR software is Protect..and it's not yet available to install on any hardware you like...only with UBNT's NVR or Cloud Key Gen 2 "Plus" model (which I got one back in the Beta days and have had our office on since then).

We use the cameras for light to medium indoor use, and light outdoor use. It's not a license plate camera...although the new G3 Pro model is decent. We also work with other brand cameras. To sum up my opinion on Ubiquiti's cameras..."OK" cameras for the price, you can get better cameras for the same price. But their NVR software is pretty darned good for basic needs, and I like not having to use 3rd party viewing software or browser plugins, and I have any old method of needing to do port forwarding on the firewall for remote NVR viewing..such a security risk! I have never explored the "scaleability" of their NVR system...meaning I'm not sure how easy it is to do huge camera installs with it.

Unifi POE switches..allow you to easily power cycle if needed...and may as well go with a Unifi gateway, and wireless if needed too. Keep it all in the same ecosystem for management. The Cloud Key Gen2 Plus combines the Protect video with the Unifi controller on the same unit.

I think there's no point going for something that's essentially out of development plus the Gen2 Plus unit is substantially cheaper. Either the US-8-60W or US-8-150W switch.

I think that's all I'm looking at? cameras, switch, Gen2 Plus.

Have to find me a gopher to run around ceilings and things....

 

[glennd]

For LAN, not so much unless you have old 100 meg switches.
Even at todays higher rez cameras, 6-8 Megs per second per cam if you have the settings cranked up for FPS 'n rez.

For larger deployments, it's a consideration for sure, have 10 gig backbones, VLAN off the traffic, etc. But for smaller networks, if you have a gigabit switch...no worries.

My plans to mitigate this, because I think the client is running a 100mb switch, is to run the cameras directly back to the Unifi gigabit PoE switch and into the the Cloud Key and from that switch to the other existing switch so the camera traffic is kept off the main lan, except for the one monitoring station.

 

[glennd]

Correct.
But the application server would handle the Unifi SDN stuff, APs, Switches, USG, as well.

Ah, ok. I haven't come across that yet so I'm still learning about it. As for this particular customer, there's no plans to enhance the network any further.

 

[YeOldeStonecat]

My plans to mitigate this, because I think the client is running a 100mb switch, is to run the cameras directly back to the Unifi gigabit PoE switch and into the the Cloud Key and from that switch to the other existing switch so the camera traffic is kept off the main lan, except for the one monitoring station.

I have to ask "Why allow them to keep a 100 meg switch?"
Replace that sucker! Heck it's a bottleneck for most internet connections these days....not to mention if this client does any LAN stuff.

Also I urge caution on selection of the 8 port Unifi switches...a couple of different models, some with only pass through POE...thus limited, and the 60 watt model has some limitations. For a "core" switch (which I wager you'd want)...replacing the clients 100 meg switch...not sure how many ports you need but probably safe to start with at least the 16 port model.

Another quick tip....to help performance throughout the switches, on ports where you have an AP, and on ports where you have the cameras, enable the "port isolation". Don't need LAN broadcasts and visa versa chattering up those ports and adding traffic overhead.

For Unifi switches, for smaller setups you can control ports individually...but as the network grows, there is a feature called Profiles that you apply to the ports, and this becomes very beneficial for configuring the switches. The Profiles are a...profile...you create, where you define the VLANs, POE settings, port isolation, Voice VLAN/LLDP if applicable, and other settings. And you can quickly apply profiles to ports.

So...for example, you have your default VLAN for the primary data network.
And I'll typically create a VLAN for the guest wireless...VLAN3
And I'll typically create a voice VLAN for VoIP, VLAN2...and LLCP that.

Next...I'll create profiles. A default profile for most ports....if no phones, just primary VLAN...no POE.
And I'll create a profile for the ports that the AP will link to...default VLAN, plus guest VLAN, plus POE...plus port isolation.
For the switch port facing the router/gateway...default VLAN and no POE.
For the switch port facing the second ETH port on the firewall for the guest network to exit...I'll make VLAN3 the default VLAN, no POE.
For any switch ports going to office data ports where the client has VoIP..default VLAN, voice VLAN, POE.

 

[YeOldeStonecat]

As I understand it, a 'controller' is not strictly required. The NVR and it's Video software will discover and set up the cameras.

The "Unifi Controller" is used to provision/manage the APs, switches, and Unifi gateway. It can be used to just manage the APs alone...although you can provision them with the cell phone app and just cut them free to be stand alone from then on. But you have no easy way to "manage them" down the road remotely...update firmware, change wireless SSIDs/passwords, etc....you'd have to go onsite. The Unifi controller seems overkill for just managing APs..but...it really starts to shine as you have Unifi switches and the Unifi gateway on the network....you start to realize its incredible capabilities and ease of management, remote troubleshooting, etc.

The Unifi controller ties to a FREE cloud account at unifi.ubnt.com where you can easily, securely remote into all of your clients Unifi networks and manage them, update firmware, identify network issues, have incredible deep insight into the network, easily change settings, etc.

So try to replace pre-existing old switches a client may have with Unifi switches. Takes you less time to set things up, easier for you to "manage" the network, tune it for performance, troubleshoot things down the road, less costs for the client down the road to change things (since you can easily do it remotely), spot problems, etc. Network is cleaner since you don't need cumbersome POE injectors..and with the APs and cameras you can get the pack boxes that don't have POE injectors and have a much less "per unit cost"..thus washing out some of the cost of the Unifi switch. You (thus the client too) pay for more individual boxes that include the POE injectors (at like 45 bucks a pop).

 

[marley1]

Unifi controller has nothing to do with the cams.

Cams run off older system or new Protect.

Most cameras are passive POE. Need us-8-150 or 16 or higher to control or just injector

Cams are limited for many jobs if you need to handle long distances or different scenarios.

 

[glennd]

I have to ask "Why allow them to keep a 100 meg switch?"
Replace that sucker! Heck it's a bottleneck for most internet connections these days....not to mention if this client does any LAN stuff.

Having said that, I'm not entirely sure that's true. It's a decrepit old installation so it's probably true but I'll confirm that next visit.

Also I urge caution on selection of the 8 port Unifi switches...a couple of different models, some with only pass through POE...thus limited, and the 60 watt model has some limitations. For a "core" switch (which I wager you'd want)...replacing the clients 100 meg switch...not sure how many ports you need but probably safe to start with at least the 16 port model.

If I do just the cameras, I'm looking at the US-8-150 model. That seems to have 8 PoE ports which is the minimum I'd need to power 4 cameras plus the Cloud Key.

The location of the current switch is the worst possible location (the sales area) but it would be a major undertaking to relocate to a more preferable location. My plan is to do it by stealth: set up the Cloud Key in the new location and over time move things from the old location to the new location. The old location has a 16 port switch so if I go down this road I'd want to start the new location with a 24 port gigabit PoE switch.

Another quick tip....to help performance throughout the switches, on ports where you have an AP, and on ports where you have the cameras, enable the "port isolation". Don't need LAN broadcasts and visa versa chattering up those ports and adding traffic overhead.

Port isolation, got it, thanks.

There is a emg80 in the mix, not exactly sure how that's wired in, I suspect that's what's consuming most of the 16 port switch. Also there's the question of the looming nbn changeover.

For Unifi switches, for smaller setups you can control ports individually...but as the network grows, there is a feature called Profiles that you apply to the ports, and this becomes very beneficial for configuring the switches. The Profiles are a...profile...you create, where you define the VLANs, POE settings, port isolation, Voice VLAN/LLDP if applicable, and other settings. And you can quickly apply profiles to ports.

Nice, that's something I'll have to study more...

The job could go from just getting the cameras online to rebuilding the whole network and anywhere in between. It's a conversation I'll be having with them this week...

 

[glennd]

Turns out it's a Netgear Prosafe 16 Port gigabit GS116.

We've decided to go with the UniFi US-16-150W switch and the Cloud Key Gen2 Plus in the new switch location.
Short term goal is to get the cameras running so we can monitor from a browser anywhere on the network.
Medium term goal is to start migrating from the old switch location to the new location and eventually, if necessary, move the Netgear to the new location.

 

[glennd]

Well I've installed 2 cameras with the Unifi switch and CKG2. I've connected it to my unifi.ui.com account. it all basically works except the video feeds are really flaky. always dropping out, reloading, reconnecting. I've dropped the bit rate back to 1200 but that hasn't helped at all. I'm guessing the fundamental issue is getting video out of the customers premises through a lame internet feed, around the world and back again and in to my laptop care of the same lame internet feed.

Any suggestions?