UniFi Network 9.0 - Built to Scale

UniFi Network 9.0 is packed with powerful features that enhance your deployment—whether you’re managing a single site or thousands of locations. We’ve taken valuable insights from the network engineers and IT professionals who use UniFi daily, and we’re excited to unveil what’s new.

Zone-Based Firewall Rules

Zone-based rules simplify network traffic management by grouping devices and services into zones (e.g., Internal, External, Gateway, VPN). Instead of juggling countless rules for individual VLANs or devices, you define a handful of zones and apply your policies at scale.

If you’re new to zone-based firewalls, they become intuitive after some hands-on experience. If you’ve used them before, UniFi’s approach will feel streamlined. Each rule now supports descriptions, so you can easily document its purpose. This clarity is a big win for teams managing complex networks.

Zone-based firewalls are quickly becoming an industry standard—reducing hundreds of potential rules to a concise set of zones. Less clutter means fewer mistakes, clearer control, and a more efficient workflow.

UniFi CyberSecure

UniFi CyberSecure, powered by Proofpoint, takes your gateway’s IDS/IPS to the next level with an extensive, continuously updated library of threat signatures. Proofpoint’s advanced threat intelligence, coupled with Microsoft MAPP insights, ensures early protection against emerging vulnerabilities.

CyberSecure vs. CyberSecure Enterprise

• CyberSecure: Covers over 55,000 threat signatures, ideal for mid-sized deployments. Includes a Memory Optimized Mode for resource-constrained gateways. $99/year.
• CyberSecure Enterprise: Offers more than 95,000 signatures and additional threat categories, built for large-scale networks running on high-end gateways like the Enterprise Fortress Gateway (EFG) and UXG Enterprise. $499/year.

Both operate locally on the gateway, preserving data privacy and reducing latency. We believe in a license-free network, so CyberSecure is an optional subscription-based service, reflecting the ongoing cost of delivering advanced threat intelligence. You can Enable or disable CyberSecure from Site Manager with ease. Choose between detection-only and automated blocking modes to fit your security strategy. Proofpoint-curated signatures minimize false positives for a hassle-free experience. High-end gateways also support fine-tuned category controls for advanced deployments.

SiteMagic SD-WAN: Now Scaled to 1,000 Sites

SiteMagic SD-WAN is license-free, letting you connect multiple sites without recurring fees. UniFi Network 9.0 introduces a hub-and-spoke topology that supports up to 1,000 locations—perfect for organizations with a large footprint.

Choose between:

• Mesh (up to 20 sites) for straightforward connectivity.
• Hub-and-spoke (up to 1,000 sites) for massive deployments or critical failover scenarios, with support for multiple tunnels and a secondary failover hub for disaster recovery (DR).

SiteMagic relies on peer-to-peer connections managed in Site Manager, eliminating the usual SD-WAN licensing costs. It’s a major opportunity to cut expenses on large deployments or justify SD-WAN in smaller settings. We can’t wait to see how IT teams leverage this expanded, zero-license model.

UniFi Network API

Building on the success of our cloud-based Site Manager API, the new Local Network API provides deeper, direct access to your UniFi deployment. You can monitor site activity, analyze client performance, and integrate UniFi data into custom tools—all without routing traffic through the cloud.

Key Features

• Device Control & Insights: Reboot devices, retrieve device lists, and view status details. Future releases will add even more device actions.
• Real-Time Monitoring: Access CPU, memory, and uptime data, plus live stats for Wi-Fi, wired, and VPN clients.
• Multi-Site Oversight: List, track, and manage data from multiple sites, making complex environments easier to handle.

Developer-Ready Enhancements

• Streamlined Integration: Automate updates and configure devices (where available) by pulling UniFi data into your existing IT workflows.
• Efficient Data Handling: Pagination keeps performance smooth in large-scale networks.
• Deeper Visibility: Diagnose and troubleshoot connectivity issues by pulling UniFi Network data into your workflow, backed by real-time stats and granular client data.

Whether you’re integrating UniFi data into custom dashboards or automating network tasks, the Local Network API delivers the insights and controls you need to keep deployments agile and efficient.

UniFi Network 9.0 brings a host of features designed to make your life easier, reduce complexity, and improve performance. From zone-based firewalls to a more powerful SD-WAN and a streamlined Local Network API, we’re committed to empowering you with the best network tools available.