We are looking at upgrading our network equipment from old HP switches and Aruba access points, we have a Fortinet firewall that we are happy with, so we’ll probably keep using them there, but for the rest we are looking for new stuff.
And we are looking closely at Ubiquiti for switches and APs, but two things have appeared on our radar.
Ubiquiti does have a cloud admin UI, this means that Ubiquiti needs to have access to our network controller to access this feature.
But what if we don’t use that, will Ubiquiti still be able to access the network controller?
I guess that what I am asking is how does the access control work?
Also, updates, I see that they seem to be very frequent and also see some scattered reports that they have required admins to reset their configs and loosing camera footage, can you set updates to be delayed for X days?
Just note, this is the extreme interpretation of software in general (“if you don’t compile the compiler by hand it could insert a back door!”)
For the purpose of your question, as others have stated you can run things isolated on your network with local accounts and not use their remote services (incidentally that’s how I run it)
deleted by creator
That is a very idealistic way of looking at the issue, and I am very impressed if you have the skill and time to maintain your computer systems completely free from proprietary software.
However, we do neither have the skill not the resources to follow that path, so while I agree with you on principle, reality does make those principles impossible for us to work under.
deleted by creator
I am sorry but this is an argument on par with a 5 year old saying “my dad can beat up your dad!”
I am glad that you have an environment that works for you, but unless you yourself maintain it to the standard you set earlier, I find it difficult to take you seriously.
deleted by creator
Didn’t you say that everyone should only run software that they have access to the source?
This is litterarly what you sat on your high horse and yelled out that people should do, yet you decide that you don’t.
Not really consistent.
deleted by creator
Wow, this conversation has really shifted from a sysadmin question to an ideological discussion.
As an IT professional, I have to say that I believe that you have a highly unrealistic view of the world, not everything can be about supporting open source, most of the time you gotta be rational and select the best tool for the job and move on.
I am curious how far you take that. Do you compile your own compiler? Do you have an open BIOS that you can truly audit. Do you know about every piece of firmware on your system and have you been able to audit that code too? Hell, let’s take it to its logical conclusion, how do you know nothing is actually embedded in the silicon? All of that could be malware and do every single thing you mentioned. At some point you either have to trust something (but who do you trust) or build it all yourself from scratch.
deleted by creator