The Unifi Security Gateway (USG) from Ubiquiti has been faithfully serving my family’s home networking needs for over 4 years now. Back when I started building my DIY Home CCTV system and DIY Smart Home network, the USG was the best choice for enthusiasts who wanted to get a high performance router with a good built-in hardware firewall.
Ubiquiti has since launched the Unifi Dream Machine (UDM) range which integrate several different functions into a single device. The UDM is the baby of the range and is basically a straight replacement of a standard WiFi router like the one you get from your ISP, but with way more features that a fast and secure home network needs.
If you are considering upgrading from the USG to the UDM, this article will cover everything you need to know.
A quick note: As an Amazon Associate I earn from qualifying purchases. This post contains affiliate link(s). An affiliate link means I may earn advertising or referral fees if you make a purchase through my link, at no extra cost to you.
What is the Unifi Security Gateway
The USG was a router meant to be used together with the Unifi Controller Software and the rest of Unifi’s ecosystem to create a complete home or office network. It had features like dual WAN with failover, integrated firewall with advanced threat detection and a maximum 3 Gbps line rate.
What else would you have needed to complete your home network built around the USG? A PC or Unifi Cloud Key to run the Unifi network controller software, a Unifi managed switch, and a Wi-Fi access point. That’s how I built my home network for example.
I refer to the USG in the past tense because its no longer on sale and you could say its been superseded by the Unifi Dream Router (UDR) and the Unifi Dream Machine (UDM).
What is the Unifi Dream Machine
The Unifi Dream Machine is an all-in-one device that combines a Unifi Security Gateway (USG), a Cloud Key that hosts the Unifi Controller software, a 4-port managed Unifi switch and a Unifi Wi-Fi access point that supports Wi-Fi 5 speeds.
Differences between UDM and USG
The biggest difference between the UDM and the USG is that they are from entirely different generations and are based on entirely different philosophies to building a home network.
- The UDM is an all-in-one WiFi-router-firewall-combo but the USG is just one component of a functional network.
- The UDM is much newer and unofficially replaces the USG-based eco-system (which is efectively discontinued as they are rarely in stock even on the Unifi website).
- The UDM has much more powerful hardware than the USG: faster dual-core CPU, 4 times more RAM, and 8 times more storage on-board.
- The UDM has 10 times more data throughput with threat detection and prevention on vs. the USG (850 Mbps vs. just 85 Mbps for the USG).
- The UDM has a built-in managed 4-port switch, whereas the USG has 2 Ethernet ports that can be used as LAN.
- The UDM has a built-in WiFi Access Point (basically a NanoHD), whereas the USG doesn’t.
- The UDM has only 1 WAN port, but the USG has 2 and this theoretically enables WAN failover (but is broken in the Unifi GUI and probably will never be fixed as the USG is outdated and obsolete – see this Reddit thread for a workaround).
- The UDM supports newer VPN protocols (OpenVPN), whereas the USG does not.
Full Comparison Table – UDM vs. USG
| UDM | USG | |
|---|---|---|
| Hardware Firewall | Yes | |
| Managed Switch | Yes, non-PoE | No |
| Router | Yes | |
| Wi-Fi Access Point | Yes | No |
| Software | ||
| Built-in Controller | Embedded Unifi Network Controller | No, separate device needed |
| Intrusion Prevention System (IPS) | Yes | |
| Deep Packet Inspection (DPI) | Yes | |
| Intrusion Detection System (IDS) | Yes | |
| Honeypot | No | |
| DNS Filtering | Yes | No |
| GeoIP Filtering | Yes | |
| VLAN support | Yes | |
| Automatic QoS | Yes | |
| VPN | Teleport, VPN Server (L2TP over IPsec), Site-to-Site tunnel, VPN Client (L2TP over IPsec) | |
| NVR feature for CCTV | No | |
| Hardware | ||
| Processor | Quad-Core ARM Cortex-A57 at 1.7 GHz | Dual-Core 1 GHz, MIPS64 |
| Memory (RAM) | 2 GB DDR RAM | 512 MB DDR2 RAM |
| On-board Flash Storage / SSD | 16 GB eMMC | 2 GB |
| HDD bay | No | |
| Power Supply | AC/DC power adapter, internal, 24V | |
| Max Power Consumption | 26W | 7W |
| ESD/EMP protection | No | |
| LCM display | No | |
| LEDs | White/blue status | |
| Networking Interfaces | ||
| Dual WAN | No | Yes |
| WAN | 1x 1 Gbps RJ45 port | Of the total 3x 10/100/1000 Ethernet Ports, 2 can be configured as WAN |
| LAN | 4x 1 GbE RJ45 ports | Of the total 3x 10/100/1000 Ethernet Ports, 2 can be configured as LAN |
| PoE | No | |
| Wi-Fi built-in | 802.11 a/b/g/n/ac/ac‑wave2 | No |
| Desk-mountable | Yes | |
| Rack-mountable | No | |
| Management Interface | ||
| Ethernet | Yes | |
| Bluetooth | No | |
| External Device Support | ||
| Power Supply Redundancy and Failover | No | |
| LTE Failover Redundancy | No | |
| Performance | ||
| Throughput | Line Rate N/A DPI with IDS/IPS: 850 mbps maximum throughput | 3 Gbps (Line Rate) DPI with IDS/IPS: 85 mbps maximum throughput |
| Product Support | ||
| Warranty | 2 years when purchased from UBIQUITI’S Webstores 1 year when purchased from an authorized UBIQUITI distributor or reseller | |
Frequently Asked Questions (FAQ)
Do I need a Cloud Key to configure and manage the USG?
No, you do not need a Cloud Key. The Unifi Controller software is free and you can install it on any PC to setup the USG or any other Unifi gear. The Unifi Controller software does not need to run 24/7. It is required only for initial setup, for adjusting settings, and for maintenance updates. But you do need the software running 24/7 if you need statistics logging.
Will the USG be enough for a gigabit fibre internet connection?
As long as you don’t need the threat and intrusion detection features, the USG can easily handle a 1 gigabit internet connection. I personally have my USG handling 1 gigabit fibre Internet, a ton of VLANS and numerous firewall rules without breaking a sweat.
If you do need IDS/IPS, the USG will limit your internet connection to just 85 mbps which would be unacceptable. In that case, I recommend the UDM instead which can handle up to 850 mbps with all the security features turned on. If you have a 2 gigabit internet connection, you will need to step up to the UDM-SE or UDM-Pro.
Is the USG discontinued?
Officially it is not discontinued yet, but it is perpetually out of stock, and doesn’t seem to be getting any of the new features that the UDM series is getting. This is not suprising because the USG is outdated and obsolete. So I expect the USG to be officially discontinued in the near future.
Where to Buy
(* = affiliate link / image source: Amazon Associates Program)
Conclusion
If you are looking for an all-in-once device, the UDM is the clear choice.
However if the UDM is not powerful enough, or you need the ability to hand-pick the various components of your network, the UDM-SE or UDM-Pro is a better choice.
Let me know what you think and please feel free to ask any questions or doubts you have!
