Hi everyone,
As always a very interesting discussion.
I’ve been a loyal NethServer user for many years and I really liked the old integration in NS7 (and previous versions), VPN’s/Firewall/Mail/Web all in one server.
I’ve been using the NethSecurity software for almost a year, and overall it’s “okay”.
WAN fall-over recovery is still a bit hit and miss, especially with 4G modems. OpenVPN works well, CrowdSec causes me quite a bit of grief as many NZ sites get blacklisted, so I have to run it in a very dumb down way (and white list a lot of sites). I really miss my fail2ban.
Andy was nice enough to chat to me regarding his setup at 1am in the morning (his time) and show me his setup via AnyDesk .Overall I was very impressed at how unifi has become an enterprise ready product. One of the biggest issues I have is the NethSecurity AD paid integration. As this is in euros, it’s actually cheaper for me to move to a unifi gateway controller/cloud gateway configuration than pay a yearly subscription for the open source NethSecurity. I can purchase a new Ubiquiti UDM-Pro 1U Rackmount 10Gbps UniFi Multi-Application System for the same price as the hardware cost and one year license of NethSecurity, and then the cloud gateways are priced at around half the cost of the yearly subscription (and I don’t have to spend four hours setting up each box, with VPN tunnels/manually adding VPN users etc).
A big plus with unifi is that everything meshes (as Andy demonstrated with his setup) and central control of multiple locations is really simple. I know unifi are the big boys, but as they don’t charge for AD integration on a yearly subscription, it’s actually more reliable,easier for users, and cheaper for me to move away from NethSecurity (plus I get real time network traffic monitoring/device status). I’ll still keep an eye out to see where NethSecurity ends up, but right now it’s no longer a “good” solution for the businesses I look after.
Have a great day and thanks for reading 
Another over fifty IT geek.
