
[–]itguy9013 21 points22 points  (5 children)

Let's take a step back for a minute.

Have you planned out how much coverage you need? Do you have an approved budget for this yet?

Until you have an idea what you're trying to accomplish, don't get hung up on pricing. Yes, Cisco is expensive. But Fortinet is the other end of the spectrum and, like many Fortinet products, the product is half baked. Also worth mentioning: if you're buying a large amount of hardware, you'll probably get some form of a discount from list pricing.

Come up with a plan and see how much budget you have to play with, then start looking at Hardware.

[–]Skilldiboprfc9000 - Bitchslap over IP 7 points8 points  (4 children)

First rule of enterprise grade stuff. No one pays list price. No one pays close to list price.

[–]TentCityUSA 4 points5 points  (2 children)

List price is for budgeting.

[–]Skilldiboprfc9000 - Bitchslap over IP 1 point2 points  (0 children)

Not even for that. You can ask for a budgetary quote. List prices are usually so far off that if you budget on those you risk not getting that budget item approved; your costs will be so out of whack. Remember someone has to do a business case, which means demonstrating value or ROI on that budget figure.

[–]Poulito 0 points1 point  (0 children)

List price should cover product, pro services to configure, and patch cables plus a little contingency.

[–]heathenyak 5 points6 points  (0 children)

If you’re not getting at least 42% off list price get another quote

[–]cr0ft 6 points7 points  (2 children)

Really good APs like Ruckus will set you back several hundred. If you want the really good stuff that's multiple MIMO and massive throughput you pay even more. Then you need a controller, like a Virtual SmartZone, and they do charge for licenses per 5 APs or some such.

The difference is of course that now we're talking about high quality hardware with all kinds of integrated management etc that sets up a great wifi solution that covers the building.

So yeah, quality gear costs a little, but we're also talking about stuff that is easy to manage and performs and will have no problems talking to just about anything that can do wifi.

Of course there are cheapos. For instance, you could just go with cloud-managed APs, something like https://openmesh.com for instance; $100-ish bucks per AP and then managing them through the cloud. But the quality just isn't the same as a true premium wifi solution like Ruckus.

You do get what you pay for. Same thing with anything IT related, sure you can buy some entry-level unmanaged shit switches and pay for that with issues and problems, or you can buy high-quality stuff that costs more up front but works.

[–]mavaf3f 4 points5 points  (0 children)

+1 to Ruckus.. once we discovered and tried this vendor we don't deploy anything else for business customers.. even for smaller ones the 'Unleashed' version up to 25 APs is superb and still can compete with cheaper devices..

btw this was the first wifi when I felt like being on a cable..

[–]jwBTC 0 points1 point  (0 children)

Yeah if OP is considering Ubiquiti then he might as well look at OpenMesh, it's a bit better on the cloud controller part.

A hotel I know just put in a bunch of these and seems very happy:


[–]NoPetPigsAllowed 31 points32 points  (27 children)

Unifi devices from Ubiquiti (ubnt.com); they are both amazing and inexpensive.

[–]thinkbrownOperations Engineer 26 points27 points  (26 children)

But distinctly not enterprise grade. Small business, prosumer, sure. They don't scale to hundreds or thousands of APs

EDIT: not sure any system scales to hundreds OF thousands of APs, but systems do scale to hundreds OR thousands :)

[–]g-a-c 11 points12 points  (3 children)

It's not 100% clear what OP's current situation is from their opening sentence - they seem to refer to a single Cisco AP covering multiple meeting rooms, and presumably no wifi anywhere else in the building. I don't think they're particularly interested in scaling to hundreds of thousands (probably not even hundreds or thousands) in this first rollout? I would absolutely be looking at Ubiquiti at least as a starting point, and only discounting it when it proved itself to be no good.

[–]Duerogue[S] 0 points1 point  (2 children)

This is absolutely a good point.

We're before the budgeting, where I'm estimating the ballpark rather than the general pricing. We're not speaking of hundreds or thousands, but we're surely in the tens. Took a look at Unifi and it sure looks fancy and cheap(er), I'm still not exactly sold out on their management protocol.

We're definitely in the SMB category, still the "less than 10 AP" from /u/tdk_12 is not exactly reassuring

[–]1karmik1CCNA Security 0 points1 point  (0 children)

Some Cisco APs get up to 600. Controllers are in the multiple thousands. Some large scale controllers can be 10-15k.

The short answer is: yes, this is the market. I worked at a Cisco partner in Italy and selling this kind of gear to small and medium businesses was a non starter. You are not missing anything.

You might find ways to skimp and get not-quite-enterprisey gear (UBNT is a good middle of the road for tiny offices).

I currently need to support floors with 400-500 people on them, multiple floors to an office. The amount of money we'd lose due to bad wifi vastly _vastly_ outweighs the literal chump-change those 20k-30k are for regular western middle enterprises.

Southern Europe / Old Soviet bloc countries especially in the euro zone get the short end of the stick because cost of living and general IT expense are a fraction of what they are in US/UK.

You are mostly not the target market. I was you 3 years ago. It sucks.

[–]vladbypass 0 points1 point  (0 children)

Looked at Meraki? Still Cisco, still really good tech but cheaper and a lot easier to manage.

[–]LeanBreeze 3 points4 points  (4 children)

On the same token, there is a large gap in the business market between SMB and true enterprise. Ubiquiti scales well up to about 30 APs on a site but past that it's recommended to get a WLC-box.

[–]evilgentooCISSP 0 points1 point  (3 children)

So what happens after the 30 APs that makes it unworkable? We have 30 deployed now so I'm wondering what kind of trouble I'm in for.

[–]jimboniCCNP 1 point2 points  (1 child)

No seamless roaming, lots of co-channel interference, no dynamic channel or power level management, no single-pane of glass, hard to manage, no clean client hand-offs, no rogue detection and mitigation, etc.

[–]c0reM 1 point2 points  (0 children)

Everything you mentioned is available within the UniFi AP lineup, most of it on every model such as 802.11r, band steering, rogue detection, dynamic channel and power selection. Not to mention UniFi is famous for their ease of management through a single pane of glass.

I agree that the most popular UniFi models are not "true" enterprise APs but their model lineup has likely expanded significantly since you last looked with the AC-HD and AC-SHD which are designed specifically for enterprise at a higher price point.

[–]LeanBreeze 0 points1 point  (0 children)

There isn't a hard limit to Unifi but a general rule of thumb, I've deployed close to 150 APs (Across multiple sites) on a single Unifi instance.

It more depends on what is considered absolutely essential. Do you need 802.11r handoff between devices or is this a vanilla office environment where people mainly sit at desks?

[–]technolojeeesus 15 points16 points  (15 children)

You can tell when someone has 0 experience in environments with serious user density that requires functioning 802.11r because they recommend Unifi.

[–]tdk_12 9 points10 points  (8 children)

This. People recommending Ubiquiti are truly SMB (less than 10 APs). I've yet to see a Ubiquiti deployment with more than 10 APs that actually performs well. Great product for residential and very small businesses.

[–]m16gunslinger77 3 points4 points  (4 children)

I have over 60 APs across 30 sites, one Unifi controller, no issues...

[–]jwBTC 2 points3 points  (3 children)

Average of 2 WAPs per site, sounds like it would work! Ubnt just doesn't have auto channel planning or very good roaming... So if you get a bunch in one building it can be a PITA.

[–]m16gunslinger77 1 point2 points  (2 children)

we have some sites with 6 APs, no issues roaming building to building or interference

[–]tdk_12 0 points1 point  (1 child)

Here's an example. My local YMCA has Ubiquiti. Around 20 APs. All works fine during the day when not many people are using it. However, when it gets crowded connections start to drop and it becomes unusable.

[–]m16gunslinger77 1 point2 points  (0 children)

That sounds like poor implementation rather than system capabilities. I've had over 300 devices spread across 3 APs in our main building and had 0 issues. Both guest and corporate services during big meetings and conferences. If they have 20 APs and have that kind of issue it sounds like they have either configuration/backplane issues or they haven't tuned the signal strength of the APs properly to prevent massive overlap. In any wireless environment when you start getting AP density you have to consider the coverage maps and coverage overlaps of APs, you can't just slap a bunch of APs in the building and hope it works with any deployment.

[–]meandyourmom 5 points6 points  (1 child)

> I've yet to see a Ubiquiti deployment with more than 10 APs

I have

> that actually performs well.

Oh. Yah not so much.

[–]nstalker91 1 point2 points  (0 children)

I have one that's a little more than 10 APs. But they don't need anything super fancy beyond a guest and internal VLAN setup. Works just as expected. But I couldn't imagine handling super heavy loads with them.

[–]myeyestheyburn 1 point2 points  (0 children)

I've got two sites with 20 and 32 APs that both perform very well. Peak users are 200 and 300+. I also have another smaller location that has 8 APs that sees peak users of about 500 during auctions. Controller definitely needs more intelligence (i.e. data plane), but with proper planning Unifi can scale. My residence has 11 APs - 3 outside and 8 inside (UAP-AC-IW-Pro in every room), with average of 65 connected devices... most are low usage, but my wife does sit on video conference on the wi-fi all day and never sees issues.

[–]thinkbrownOperations Engineer 3 points4 points  (5 children)

Yeah. I've done both Ubiquiti and Aruba deploys (and once looked very intensely at a Juniper WLC in a rack). Ubiquiti is absolutely fantastic stuff for the money and I've used it in tons of residential installs. But I would never recommend it over something controller based if a client needed more than a handful of APs

[–]mattsl 1 point2 points  (4 children)

What's wrong with the Ubiquiti controller?

[–]thinkbrownOperations Engineer 4 points5 points  (3 children)

It's a controller in name only. The Unifi controller basically provides logging and configuration management only. When I talk about a wireless controller, I mean something that functions on the data plane.

An Aruba access point (what I'm most familiar with) in most scenarios might as well be thought of as an antenna on a very long cable. The actual access point does virtually nothing other than physically put datagrams on the air. All authentication, switching, configuration, and management is done on the controller. It does this by building a tunnel back to the controller and then piping all client data through that. No client data actually ends up switched on the switch the AP is connected to. This is not how a Unifi AP works.

This architecture allows for far more effective radio management (channel selection, autopower, etc), as well as enabling features like 802.11r and 802.11k (which are essential in client dense environments)

A good brief on wireless architectures: http://securityuncorked.com/2011/11/the-4-wireless-controller-architectures-you-need-to-know/

[–]mattsl 1 point2 points  (0 children)

Great info. Thanks.

[–]millijuna 0 points1 point  (1 child)

This is precisely why I retired my UBNT setup and switched to a (used) Cisco WLC system. I run a small campus network (20 buildings, 24APs) and when I was running UBNT, I was forced to run campus-wide WLANs to support roaming. After moving to the Cisco gear, I could run L3 between buildings, and the only campus-wide VLAN I have left is the one I use for RSPAN.

The other win was that it let me upgrade to dual-band 802.11n APs with 802.11af PoE (which is all I need given our satellite connection), for $25 each. Much cheaper than new UBNT.

[–]thinkbrownOperations Engineer 0 points1 point  (0 children)

Yeah, that's one part I didn't even get to. Having the APs running on L3 instead of having to trunk around a single VLAN is a lifesaver in bigger deployments. Then there's all the multicast to unicast voodoo that modern wireless systems can do, which makes it possible to put thousands of users in the same subnet (again, to make roaming work) without strangling everyone with multicast traffic.

[–]demonfurbie 0 points1 point  (0 children)

They do have some higher end access points that are good if you're on a really tight budget like the OP.

I would not use anything smaller than the UAP‑AC‑SHD

[–]anothermsp 4 points5 points  (2 children)

Ruckus r510 strategically placed tend to do a pretty good job. They're about $500 USD a piece but annual licensing is very low cost.

[–]Duerogue[S] 0 points1 point  (1 child)

Just googled, I'm starting to think the EU prices are off the scale.. The R510 goes for 670€...that's 800 bucks after taxes.

Just to clarify..I'm absolutely not against paying for quality. I'm confused by the price ratio between small-medium-business and enterprise. Didn't expect the price to quadruple

[–]anothermsp 2 points3 points  (0 children)

Don't buy them at MSRP, buy them from a reseller and get them for a better price. For example our cost is in the $380 USD range when we buy enough at once and we sell them for $450-500 (despite MSRP of $675) to our clients and that is for the US version.

The worldwide version is even cheaper than the US version from what I'm told.

[–]StopHoneyDickingMe 10 points11 points  (5 children)

Aruba IAPs are affordable, easily scalable, and amazingly reliable. I've never had a better roaming experience.

[–]bretfred 2 points3 points  (0 children)

This. No need for a controller. They work really well and have the features 90% of installs are going to need. We had these at buildings with more than 30 APs; they were rock solid and we never had to touch them besides for an occasional firmware update.

[–]Skilldiboprfc9000 - Bitchslap over IP 1 point2 points  (3 children)

Their support is god awful though. Aruba is the only system where they sent us a broken POC. We had them send us 6 APs to set up a POC for a much larger order of hundreds. 3 out of the 6 APs were broken. As in wouldn't boot/post broken. It took several weeks to get them to agree to ship working ones and in the end we sent it back and told them not to bother. If that's how they treat potential customers, how few shits will they give after they have the money?

Possibly the worst presales experience I have ever experienced.

[–]Lets_Be_Badguys 1 point2 points  (0 children)

In my experience I've found that Aruba is one company where working with a high caliber VAR really makes all the difference in the world. I've held this opinion before HPE, and it still stands.

[–]ktechnician 0 points1 point  (1 child)

That sucks. We're testing out Airwave with about 10 APs and our VAR and the Aruba rep they hooked us up with have been fantastic.

HPE support is God awful though. We had a core switch blow on a Friday night and HPE literally told us that customer service / TS was closed that weekend as they upgraded their systems. This was for one of their rebranded 3COM shits.

I've had better support with the Aruba and Nimble branded stuff, but I'm guessing they haven't integrated their support structures yet. That will be a sad day.

[–]Skilldiboprfc9000 - Bitchslap over IP 0 points1 point  (0 children)

This was back before Dell sold them on to HP.

[–]Poulito 2 points3 points  (3 children)

I think you need a consultant to come in, do a predictive heat map, do some testing, and go from there. Spitballing is not a good technique for AP placement.

It can be expensive, but it can be a problem when the CEO decides to switch his cell over to WiFi calling and then attempts to roam about the building and is not getting a good seamless handoff.

Cisco and Ruckus also have a ‘controller-less’ option: mobility express, and unleashed. Also? Meraki may fit the bill too - easy to manage, but fewer features and eternal maintenance costs. Without knowing your current setup, however, it is hard to recommend any solution. How big is the building, and how is the network topology laid out? Am I crossing L3 boundaries with AP placement? Is there in fact a requirement for VoIP over WiFi? So it comes back to getting a consultant (or 3) in to recommend a solution.

[–]Duerogue[S] 0 points1 point  (2 children)

I'm not spitballing (wut?), it was a "Fermi estimation" on my side..I wanted to be sure if we're speaking tens or hundreds. Luckily we're definitely on the former, still didn't expect the pricing in comparison to similar products (I'm talking Cisco to Cisco, not Cisco to D-Link)

[–]Poulito 0 points1 point  (0 children)

If it is Cisco to Cisco, all that changed was the controller and AP licenses for the controller. If you’re on 10’s, then probably a 3504 and licensing. Use the same Cisco APs that you already have and convert from autonomous to CAPWAP. Any of their Aironet (unless they’re years and years old) should link up to the 3504. Unless you’re talking small business Cisco - the stuff that said ‘Linksys by Cisco’ a while back.

[–]Poulito 0 points1 point  (0 children)

Btw, spitballing is a reasonable estimate, but not highly accurate. Chew up a small piece of paper, and use it as a projectile in a straw ‘blow gun’. Fun and will land in the ballpark, but not precise.

[–]zWeaponsMasterBCP-38, all the cool kids do it. 2 points3 points  (2 children)

Ok, so what are your requirements? How much space do you need to cover? How many devices do you need to support? Before you go looking at products you need to answer these questions. Also, what are your scalability concerns? While not the most fun, if your WiFi deployment is mostly static then running 20-50 standalone APs is doable. More than that, or if you are doing dynamic things then I would definitely go the controller route.

But for a modern enterprise WiFi deployment of ~20 APs and a controller, 30K is not abnormal and probably on the low side. While I haven't used FortiAPs I'm not sure I would recommend them simply because Fortinet is a security company, not a wireless company, and from experience I've seen enough vendors try to step into WiFi for the sole purpose of widening their potential market space to just take a pass.

[–]Duerogue[S] -1 points0 points  (1 child)

I took a look at FortiAP because coming from Juniper I was blown away by the performance of the Fortigate, so we already have it as core router. My point was, we could just upgrade that... 650€/AP from a complete newcomer on the field sounds kind of banana to me. I'm just doing a sanity check

[–]zWeaponsMasterBCP-38, all the cool kids do it. 2 points3 points  (0 children)

For a full featured AP, that is not an unheard of price. I prefer Ruckus and their APs were ~$800 MSRP at the time.

[–]SynapticStaticIt's never the network. 1 point2 points  (0 children)

You know. It's all a matter of perspective. If you've got a SMB, and you only want ~10 APs, does it make sense to go with a more expensive enterprise solution? No, not really. The licensing alone is pretty brutal.

But for a larger one (like my org), when you're going to disperse 2000+ APs across 10+ sites, and you've got a budget in the millions? Well, you want some PROVEN tech. Not some hand-crafted stuff that's 1/10th the price but only you and the other dude who practically invented the solution on-the-fly can manage.

What's your budget? How many devices do you need to support over what area? What kind of traffic are they generating? What's their tolerance to low signal? Have you done any wifi surveys to find out what density you might need?

I kinda feel like you're going about this backwards. Don't start with price and make capacity plans there. Figure out what you need, and what gear fits your need best. Yes, Cisco is going to be an arm and a leg. But, to be brutally honest, it Just Works™.

You really need to forget about the pricing. It's not necessarily our job in IT to decide how to spend money in an org. Not our job to cut corners. You need to come up with a good, solid plan with reliable tech and hand it to the C*Os so they can decide that $xxk for a license is too expensive. Let them do their job, let us do ours.

[–]kyle0541 1 point2 points  (2 children)

I would recommend looking at Meraki, which is owned by Cisco. They are much cheaper than regular Cisco APs, super easy to setup, and don't require a wireless controller. They connect to the Meraki cloud for their controller. You can use a web GUI, or an API to configure the APs.

I think they scale well too, because you can create templates with all the settings you want. When you need more APs, you can just buy the AP(s) and apply the template. The APs will automatically configure themselves based on the settings in the template.

Here's a link to Meraki's website: https://meraki.cisco.com/products/wireless/

[–]bp3959 -1 points0 points  (1 child)

[–]jwBTC 1 point2 points  (0 children)

2011 is looooong time ago in wifi! Those are all 802.11N, things have changed a lot by now with AC.

[–]GoBenB 1 point2 points  (0 children)

As others have said, check out Aruba. Either controller or controller-less. Good quality and the licensing isn’t too crazy. Also, no need for consultants - buy a couple and add as necessary.

I went with a controller and cover about 60k sq feet with 5 APs. All in was about $7k.

[–]GinntonnixCWNE ACDX 2 points3 points  (0 children)

Look at the Aruba Instant product if you need wireless coverage. You'll have most of the features of a controller based system without the additional costs of the controller and controller licensing. The 303 or 305 is a good cost effective starting point for 802.11ac and you can expect significant discounts off of list price.

[–]holysirsaladcommit confirmed 0 points1 point  (0 children)

Like everything in networking there is a HUGE difference depending on the scope of what you are doing. A Juniper MX960 is a great box but not if you just need an SRX. If you need scalability and density that's where enterprise-grade WiFi really pays off. If you don't, you can get away with lower-end solutions that are less sophisticated and much less expensive.

We're big into Ruckus and have a bunch of customers with only one or two APs. Our own offices generally get one or two APs per building. Most of the internal models are R500, R710, and we have some old T300s that still work great. Control plane is their Virtual SmartZone product which just runs as a VM. I think it was about $1000 and included 5 AP licenses, additional licenses on the scale of $100 or something like that (and are perpetual, support is always extra). I would never want to return to a controller that lives on actual hardware, and certainly not integrated with anything.

Other customers we'll put in Calix gear or Cambium WiFi stuff (on par with Ubiquiti).

So it really depends on what you need.

[–]extremenetworks 0 points1 point  (0 children)

Get Ekahau! Do a site survey. Do NOT try to willy-nilly pick access point locations without appropriate data!

[–]tepir 0 points1 point  (5 children)

I have been implementing large cisco wi-fi deployments for the last year. They are crazy expensive. You're ultimately paying for the brand name and the support that goes with it. If you don't have deep pockets I would recommend researching the alternatives others are posting.

[–]Duerogue[S] -1 points0 points  (4 children)

Funny part is, each time somebody suggests something, somebody else has an explicit warning against the brand.

As of now, Ubiquiti seems the only SMB competitor with an aggressive pricing, and there's a whole thread going up here on how I should really let them go..

My impression? Beside Cisco there's still no real "name" in the industry, they've been doing this for so long everybody else is a newcomer

[–]PostIronicTransHuman 5 points6 points  (0 children)

No other name besides Cisco in... Wireless?

Lol... Never heard of Ruckus or Aruba?

[–]bp3959 0 points1 point  (0 children)

Ruckus is a well known name for wifi, they're not cheap but one can handle what it'd take several Ubiquiti APs to do.

Comparison+benchmarks w/interference https://www.tomshardware.com/reviews/wi-fi-performance,2985-8.html

Benchmarks with over 60 clients per AP https://www.tomshardware.com/reviews/wi-fi-performance,2985-13.html

[–]jwBTC 0 points1 point  (0 children)

> As of now, Ubiquiti seems the only SMB competitor with an aggressive pricing, and there's a whole thread going up here on how I should really let them go..

See OpenMesh for a Ubiquiti price but a slightly better product for management...

[–]IDDQD-IDKFAhigher ed cisco aruba nac -1 points0 points  (0 children)

Cisco was left behind a while ago by Meraki and Aruba and Ruckus. That's why they bought Meraki in the first place.

[–]aamurad -4 points-3 points  (0 children)

Draytek is worth taking a look at, pretty much same set up as Fortigate in terms of built in controller, and captive portal, but cheaper APs.

But at the end of the day, enterprise level kit costs money, and the CAPEX is high, but works out cost effective in the long run, and does the job. If you're not willing to spend, don’t insist on having ‘enterprise’.