For an office or small production-site network, picking a vendor should not be romantic. Yet it often is: some swear by Cisco, some by Mikrotik, some by Aruba, some by whatever the ISP threw in for free. For SMEs with under 200 devices, our answer is almost always the same: Ubiquiti UniFi. Here is why — without marketing fluff.
What UniFi is
UniFi is Ubiquiti's business line: managed switches, Wi-Fi 6/7 access points, gateways, cameras and intercoms, all managed by a central controller (self-hosted software or hardware appliance like Dream Machine, Cloud Gateway, UDM-Pro). The structural advantage is that ten different devices speak the same language, share the same updates, the same logs, the same troubleshooting surface.
What a standard UniFi setup gives us
- Network segmentation via VLAN: office, guests, IoT, cameras, servers. No mixed broadcast.
- Clean Wi-Fi roaming (802.11k/r/v): an employee walking between rooms does not drop a call.
- Captive portal for guests, with disclaimers and access logs compliant with Italian retention rules.
- Deep Packet Inspection to see what really flows — useful for anomalies and troubleshooting.
- Configuration backup and snapshots: a faulty device can be swapped in 5 minutes by importing the config.
When UniFi is not the right pick
We do not propose it:
- Above 300-400 active devices: the controller scales further, but above a threshold enterprise stacks (Cisco Meraki, Aruba CX) make sense for predictable support contracts.
- For complex dynamic routing (BGP, OSPF in multi-site setups): UniFi has improved, but this is not its natural ground yet.
- For environments with very strict compliance (banking, healthcare with specific obligations): better tools certified for those contexts.
Three mistakes we see in DIY UniFi setups
1. Everything on one VLAN
Printers, cameras, PCs, servers, phones: same subnet. It works, but it makes the network insecure and unreadable. The first thing we usually fix is segmentation.
2. Wi-Fi at "max power"
More power does not mean more coverage: it means more interference. With three or more APs in the same room you must lower levels and balance channels — not crank everything to max.
3. Auto-updates disabled
"To avoid having the cameras go down" is the recurring excuse. The result is firmware from 2021 with known CVEs open. Updates are scheduled, not skipped.
What it costs
For a 30-person office with 4 APs, 2 managed switches, a gateway and a controller:
- Hardware: ~€3,200-3,800
- Setup, VLAN/SSID config, documentation: ~€2,500
- Annual remote maintenance: ~€1,000-1,500
No recurring controller licences, no hidden support fees. One of the practical reasons we keep choosing it.