Unifi Cloud Gateway Max Review scaled

Any links to online stores should be assumed to be affiliates. The company or PR agency provides all or most review samples. They have no control over my content, and I provide my honest opinion.

The Unifi Cloud Gateway Max (UCG-Max) is Ubiquiti’s latest addition to their networking lineup, offering a compact and powerful solution for small to medium-sized networks. This review focuses on the UCG-Max-NS model, which comes without an NVMe drive and retails for £190.

In the past, I have reviewed the Unifi 6 Lite, UniFi 6 Long Range and Unifi U7 Pro, but I have never fully committed to Unifi as I have always had access to plenty of other hardware. However, I recently started work as an L3 support technician for an MSP, and they use Unifi for their clients, so I figured it was a good excuse to migrate the core components of my network to Unifi.

Related Reviews

Specification

CategoryCloud Gateway MaxCloud Gateway UltraDream Machine Pro
Mechanical
Dimensions141.8 x 127.6 x 30 mm (5.6 x 5 x 1.2″)141.8 x 127.6 x 30 mm (5.6 x 5 x 1.2″)442.4 x 43.7 x 285.6 mm (17.4 x 1.7 x 11.2″)
Weight460 g (1 lb)520 g (1.1 lb)3.9 kg (8.6 lb)
Enclosure materialPolycarbonatePolycarbonateAluminium CNC, SGCC steel
Mount materialSGCC steel
Hardware
ProcessorQuad-core ARM® Cortex®-A53 at 1.5 GHzQuad-core ARM® Cortex®-A53 at 1.5 GHzQuad-core ARM® Cortex®-A57 at 1.7 GHz
System memory3 GB DDR43 GB DDR44 GB DDR4
On-board storageSelectable NVMe SSD up to 2 TB16 GB eMMC16 GB eMMC
Management interfaceEthernet, BluetoothEthernet, BluetoothEthernet, Bluetooth
Networking interfaceLAN: (4) 1/2.5 GbE RJ45 portsLAN: (4) GbE RJ45 portsLAN: (8) GbE RJ45 ports, (1) 10G SFP+ port
WAN: (1) 1/2.5 GbE RJ45 portWAN: (1) 1/2.5 GbE RJ45 portWAN: (1) GbE RJ45 port, (1) 10G SFP+ port
IDS/IPS throughput1.5 Gbps*1 Gbps*3.5 Gbps*
*Measured with iPerf3 on a DHCP network. Performance may be reduced with PPPoE depending on ISP implementation.*Measured with iPerf3 on a DHCP network. Performance may be reduced with PPPoE depending on ISP implementation.*Measured with iPerf3 on a DHCP network. Performance may be reduced with PPPoE depending on ISP implementation.
Power methodUSB type C (5V DC/5A)USB type C (5V DC/3A)(1) Universal AC input, 100—240V AC, 50/60 Hz, (1) USP-RPS DC input
Supported voltage range100–240V AC100–240V AC100—240V AC
Max. power consumption16.1W6.2W33W
ESD/EMP protectionAir: ± 15kV, contact: ± 8kV
LCM display0.96″ status display0.96″ status display(1) 1.3″ touchscreen
ButtonFactory resetFactory resetFactory reset
Ambient operating temperature-10 to 40° C (14 to 104° F)-10 to 40° C (14 to 104° F)-10° to 40° C (14° to 104° F)
Ambient operating humidity5 to 95% noncondensing5 to 95% noncondensing5 to 95% noncondensing
CertificationsCE, FCC, ICCE, FCC, ICCE, FCC, IC
Gateway Features
PerformanceRedundant WAN with failover and load balancingRedundant WAN with failover and load balancingRedundant WAN with failover and load balancing
WiFi QoS with UniFi APsWiFi QoS with UniFi APsWiFi QoS with UniFi APs
Application, domain, and country-based QoSApplication, domain, and country-based QoSApplication, domain, and country-based QoS
Application and device type identificationApplication and device type identificationApplication and device type identification
Additional internet failover with LTE BackupAdditional internet failover with LTE BackupAdditional internet failover with LTE Backup
Internet quality and outage reportingInternet quality and outage reportingInternet quality and outage reporting
Next-generation securityApplication-aware firewall rulesApplication-aware firewall rulesApplication-aware firewall rules
Signature-based IPS/IDS threat detectionSignature-based IPS/IDS threat detectionSignature-based IPS/IDS threat detection
Content, country, domain, and ad filteringContent, country, domain, and ad filteringContent, country, domain, and ad filtering
VLAN/subnet-based traffic segmentationVLAN/subnet-based traffic segmentationVLAN/subnet-based traffic segmentation
Full stateful firewallFull stateful firewallFull stateful firewall
Advanced networkingLicense-free SD-WANLicense-free SD-WANLicense-free SD-WAN
WireGuard, L2TP and OpenVPN serverWireGuard, L2TP and OpenVPN serverWireGuard, L2TP and OpenVPN server
OpenVPN clientOpenVPN clientOpenVPN client
OpenVPN and IPsec site-to-site VPNOpenVPN and IPsec site-to-site VPNOpenVPN and IPsec site-to-site VPN
One-click Teleport and Identity VPNOne-click Teleport and Identity VPNOne-click Teleport and Identity VPN
Policy-based WAN and VPN routingPolicy-based WAN and VPN routingPolicy-based WAN and VPN routing
DHCP relayDHCP relayDHCP relay
Customizable DHCP serverCustomizable DHCP serverCustomizable DHCP server
IGMP proxyIGMP proxyIGMP proxy
IPv6 ISP supportIPv6 ISP supportIPv6 ISP support
LEDs
EthernetGreen: link/activityGreen: link/activityLink/activity: Green: 1G, Amber: 10/100M
SFP+: Link/activity: White: 10G, Green: 1G
HDD: White: disk activity, Amber: disk error
RPS: Blue: ready
Application Requirements
Mobile appUniFi iOS™ and Android™: Version 10.17.2 and laterUniFi iOS™: Version 10.12.0 and later, UniFi Android™: Version 10.11.2 and later

Features

Compact 2.5G Cloud Gateway with 30+ UniFi devices / 300+ client support, 1.5 Gbps IPS routing, and selectable NVR storage.

  • Includes full UniFi application suite for device management
  • Manages 30+ UniFi devices and 300+ clients
  • 1.5 Gbps routing with IDS/IPS
  • Multi-WAN load balancing
  • Selectable NVMe SSD storage up to 2 TB for NVR
  • 0.96″ LCM status display
  • USB-C powered (adapter included)

Unboxing / Design

Unifi Cloud Gateway Max Unboxing Front

The UCG-Max-NS sports a sleek, minimalist design that’s become synonymous with Ubiquiti products. Its polycarbonate enclosure feels sturdy and well-built despite its lightweight nature. The device’s small footprint makes it ideal for desk placement or wall mounting in space-constrained environments.

There are potentially some issues with the polycarbonate body; it doesn’t have much in the way of venting for airflow, just some slots on its base. There have been reports of this running very hot, so this sleek, minimalist design is possibly having a negative impact on the performance or longevity of the gateway.

There has been some controversy with the UCG-Max-NS as it comes without an NVMe drive at a considerably lower price than the other models, but it turns out that you need a proprietary tray to mount a drive, and this is not supplied with one. Ubiquiti will kindly sell you a tray for £18.42 + £10 shipping but it is not available until the end of September. I have seen on Reddit that a daring person hacked open his UCG-Max-NS to install a drive, which is a bit of an extreme solution. I’d expect we will see people 3D print and sell them on eBay for a much lower price than Ubiquiti sells them for.

The front of the device features a 0.96″ status display, providing at-a-glance information about the gateway’s operation. This small screen is a welcome addition, allowing quick checks without needing to access the management interface.

Unifi Cloud Gateway Max Unboxing ports and USB C

On the rear, you’ll find the device’s ports: four 2.5 GbE LAN ports, one 2.5 GbE WAN port, and a USB-C power input. The port layout is logical and well-spaced, making cable management straightforward.

Unifi Cloud Gateway Max Unboxing Side with NVME cage

One potential drawback is the lack of a dedicated power button. The device powers on as soon as it’s plugged in, which might not suit all users’ preferences, though it is quite common for networking equipment.

I am a big fan of Ubiquiti, and I use USB-C for power. I haven’t tested this with third-party adaptors, but it gives me the flexibility to power multiple devices with one USB-C power adaptor. I am also a nightmare for mixing power adaptors up and losing them, which is not much of a problem with this.

Set Up

Setting up the UCG-Max-NS is a straightforward process, especially for those familiar with Ubiquiti’s ecosystem. The device can be adopted and managed through the UniFi Network application, available as a web-based interface or mobile app.

To begin, you’ll need to connect the gateway to your network and power it on. The OS allows you to install the various UniFi OS features, so you’ll want to install the Network feature, but you can optionally install Protect (for cameras), Access, Talk, and Connect, which is the modern Enterprise of Things platform.

For newcomers to UniFi, there might be a slight learning curve. However, the interface is generally intuitive, and Ubiquiti provides ample documentation to help users get started.

Adopting Unifi Devices

If you already have other UniFi devices, the UCG-Max-NS integrates seamlessly into your existing network. Adopting devices such as access points, switches, or cameras is as simple as a few clicks within the UniFi controller interface. The controller automatically detects compatible devices on your network, allowing you to adopt and configure them without needing to manually input IP addresses or other settings.

For those new to UniFi, this ease of adoption is one of the platform’s biggest advantages, reducing the time and effort required to set up and maintain a network.

For this review, I bought the USW Pro Max 16, which I will be reviewing at a later date and adopted the U6 Lite and U7 Pro, which I have previously reviewed.

UniFi OS UI and Features

The UniFi Network Controller software provides a comprehensive and user-friendly interface for managing the UCG-Max-NS and the entire UniFi network. The dashboard offers a clear overview of network status, including connected devices, internet health, and security events.

Dashboard

The dashboard of the UniFi OS offers a comprehensive snapshot of your network. You can quickly see the status of your WAN connections, any connected UniFi devices, traffic and WiFi data.

Traffic Identification / Insights

One of the standout features of the UCG-Max-NS is its traffic identification capability. The device can categorise traffic by application and device type, giving you a detailed understanding of how your network is being used. This can be particularly useful for identifying bandwidth hogs or detecting unusual activity.

From this page, you can block apps which send you to the traffic and firewall rule sections.

Topology

The Topology view is another useful feature, offering a visual representation of your network’s structure. This can help you quickly identify issues such as bottlenecks or misconfigurations.

In my case, it doesn’t work perfectly, as I have a mixture of networking hardware, and the device identification wasn’t always accurate. If you are using a mix of networking brands, then you need to make sure to enable viewing of client devices.

Manually naming devices neatened things up a bit. However, it is much better than topology options from Zyxel and EnGenius by far because they wall off most of the features in a subscription. It also performed better than Domotz’s automated network mapping tool which I was trying out to plan my network better now I am migrating to Unifi.

Most people probably don’t need a topology, but for larger networks, this feature has become indispensable for maintaining an organised and efficient network. My network isn’t massive, but there are around 90 devices on it, and it is a mess of a network, so the topology function is great for helping me visualise what is connected to what.

Client Devices

The Client Devices tab gives you detailed information about each device connected to your network. This includes data usage, connection strength, and device type. You can also set custom rules or limits for specific devices, which is handy for managing bandwidth or securing sensitive areas of your network.

System Log

The UCG-Max-NS features a comprehensive system log that records all significant events and system activities. This is particularly useful for troubleshooting and ensuring that your network is running smoothly. The logs are easy to access and navigate, with options to filter by event type or severity, helping you to pinpoint issues quickly.

VPN (Teleport / WireGuard / OpenVPN)

The VPN functionality of the UCG-Max-NS is one of its stronger points. It supports WireGuard, L2TP, and OpenVPN, providing flexibility depending on your specific VPN needs. The setup process is straightforward, and the UniFi controller interface makes it easy to manage VPN connections.

The inclusion of WireGuard is particularly noteworthy, as it offers a good balance between security and performance. The UCG-Max-NS also supports Teleport VPN, which is a one-click VPN solution that’s ideal for users who need quick and secure remote access without diving into more complex VPN configurations.

I found the VPN functionality to be far better than the EnGenius ESG510. However, apart from testing it for this review, I have been using TailScale and Twingate for my home network (undecided which one to commit to) which both offer superior functionality and an easier setup.

Security / Intrusion Prevention / Ad Blocking

Security is a critical aspect of any network device, and the UCG-Max-NS performs well in this regard. It features a signature-based Intrusion Prevention System (IPS) and Intrusion Detection System (IDS), which help protect your network from a wide range of threats.

The UCG-Max-NS also includes content, country, domain, and ad filtering, which adds an extra layer of security by blocking unwanted or malicious content. While these features are effective, their impact on performance can vary depending on the specific network load and configurations.

The application-aware firewall is another useful feature, allowing for more granular control over network traffic. This is particularly beneficial in environments where certain applications need priority access to bandwidth or where specific security policies must be enforced.

Routing

In terms of routing, the UCG-Max-NS offers robust performance with support for redundant WAN connections, load balancing, and advanced routing protocols such as policy-based routing. These features ensure that your network remains operational even in the event of a primary connection failure, which is particularly important for businesses that rely heavily on continuous internet access.

The policy-based routing options are extensive, allowing you to create custom rules based on traffic type, source, destination, and more. This level of control is particularly beneficial in complex network environments where certain types of traffic need to be prioritized.

Day to Day Performance

I experienced a few network glitches since introducing the UCG-Max-NS, but it is hard to pinpoint what is to blame as I have a lot of things on my network that could be the culprit. I noticed my wired connection drop out a couple of times, some apps like Smartthings didn’t work on my phone properly and my partner complained a game on her tablet wasn’t working. I think some of the issues are the ad blocking on my network and things have settled down so I will assume everything is working as should now.

With things working properly, the UCG-Max-NS delivers solid performance for its price point. With its 2.5 GbE ports, it can handle gigabit-plus internet connections without breaking a sweat. In real-world testing, the gateway consistently achieves near-line-rate speeds on its LAN ports. My Virgin connection reliably connects at around 1100Mbps, exceeding the performance I would get from a gateway with gigabit ports.

The device’s IDS/IPS throughput is rated at 1.5 Gbps, which should be sufficient for most home and small business use cases. However, it’s important to note that enabling all security features simultaneously may impact overall throughput.

One area where the UCG-Max-NS is highlighting is its ability to handle multiple concurrent connections. It can comfortably manage networks with 30+ UniFi devices and 300+ clients; some people view this as a negative, as it isn’t sufficient for larger installations. But, this is not designed for larger offices, it is perfect for prosumers, SOHO environments and small businesses.

The gateway’s quad-core processor and 3 GB of RAM ensure smooth operation even under load. However, users with very high-traffic networks or those requiring extensive VPN usage might want to consider more powerful options like the Dream Machine Pro. Temperature

My UCG Max typically reports 73°C. We are only a household of two, but I am a heavy user. I am on my PC all day, with around 300GB of data transferred per day (up and down).

It doesn’t appear to impact performance, and several people have said it will get to 90°C+. This could, in theory, shorten the life of the product, but most networking hardware is designed to handle higher temperatures.

That being said, I personally turned the display off as I don’t use it. Other people have said they reduced temperatures by placing it vertically on its side.

Price and Alternative Options

The Cloud Gateway Max comes in four variants based on storage:

  • UCG-Max-NS: £190.80 VAT incl.
  • UCG-Max 512GB: £267.60 VAT incl.
  • UCG-Max 1TB: £334.80 VAT incl.
  • UCG-Max 2TB: £459.60 VAT incl.

The UCG-Max-NS lacks a tray to install the storage, and this will be sold as an accessory next month. I suspect people will be quick to produce 3D printed alternatives.

The Dream Machine Pro is a much more competent gateway and is priced reasonably at £363.60. The main downside is that it is in a rackmount design and uses a fan, but it is reported to be inaudible.

The Cloud Gateway Ultra is very affordable at £95. It is basically the same as the Max but it lacks the option for NVMe storage then only has gigabit ports on the LAN side.

The UCG-Max replaced my EnGenius ESG510, which retails for around $300 (£320 is the cheapest I can find in the UK). I’d say the hardware is better with the ESG510; it doesn’t overheat as badly, and you get a single POE port. However, the underlying software and features are more basic, and EnGenius walled off some cloud features as a subscription.

Qnap has the QHora-321, which has six 2.5GbE ports, which looks impressive and has a strong focus on VPN functionality. It is more expensive at £450.

Overall

There are still some niggles on my network to iron out before I can say I love the Unifi Cloud Gateway Max UCG-Max-NS. It is not a perfect product, but I am not aware of anything significantly better than this. I loved the EnGenius ESG510, and I would say the hardware is better, but the UI and overall features of the Cloud Gateway Max are much better, and more importantly, they are relatively user-friendly for people who are not networking experts.

Assuming I continue to have a stable network, then the Unifi Cloud Gateway Max UCG-Max-NS is a capable and well-rounded networking device that offers excellent value for money. Its combination of 2.5 GbE ports, robust security features, and integration with the UniFi ecosystem make it an attractive option for home power users and small businesses alike.

The device’s compact is a double-edged sword, offering silent operation at the cost of higher operating temperatures. While this shouldn’t be a deal-breaker for most users, it’s something to keep in mind when considering placement and ventilation.

For those already invested in the UniFi ecosystem, the UCG-Max-NS is an easy recommendation. It integrates seamlessly with other UniFi devices and provides a unified management interface that simplifies network administration.

If you are feeling flush, you would likely benefit from the Dream Machine Pro or the Dream Machine Pro Max for larger offices.

Ubiquiti Unifi Cloud Gateway Max UCG-Max-NS Review

Summary

The Unifi Cloud Gateway Max UCG-Max-NS is a capable and well-rounded networking device that offers excellent value for money. Its combination of 2.5 GbE ports, robust security features, and integration with the UniFi ecosystem make it an attractive option for home power users and small businesses alike.

Overall
95%
95%
  • Overall - 95%
    95%

Pros

  • 2.5 GbE ports for faster networking
  • Comprehensive UniFi OS features at no additional costs
  • Good integration with other UniFi devices
  • Competitive pricing

Cons

  • Runs hot
  • Lacks a POE port
  • Requires a NVMe caddy if you ant to install storage

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *