We are looking at upgrading our network equipment from old HP switches and Aruba access points, we have a Fortinet firewall that we are happy with, so we’ll probably keep using them there, but for the rest we are looking for new stuff.
And we are looking closely at Ubiquiti for switches and APs, but two things have appeared on our radar.
Ubiquiti does have a cloud admin UI, this means that Ubiquiti needs to have access to our network controller to access this feature.
But what if we don’t use that, will Ubiquiti still be able to access the network controller?
I guess that what I am asking is how does the access control work?
Also, updates, I see that they seem to be very frequent and also see some scattered reports that they have required admins to reset their configs and loosing camera footage, can you set updates to be delayed for X days?
I am curious how far you take that. Do you compile your own compiler? Do you have an open BIOS that you can truly audit. Do you know about every piece of firmware on your system and have you been able to audit that code too? Hell, let’s take it to its logical conclusion, how do you know nothing is actually embedded in the silicon? All of that could be malware and do every single thing you mentioned. At some point you either have to trust something (but who do you trust) or build it all yourself from scratch.
Well my husband bought me a T500 which has libreboot installed along with Debian. He deals with that sort of stuff