Ubiquiti EFG Enterprise Fortress Gateway

DESCRIPTION

Enterprise Fortress Gateway
25G Cloud Gateway with 500+ UniFi device / 5,000+ client support, 12.5 Gbps IPS routing, and complete high availability.
Runs UniFi Network for full-stack network management
Shadow Mode High Availability with automatic failover provides uninterrupted connectivity (VRRP)*
12.5 Gbps routing with IDS/IPS
License-free, real-time inspection of encrypted packets with NeXT AI Inspection (SSL/TLS decryption)
(2) 25G SFP28**, (2) 10G SFP+**, and (2) 2.5 GbE RJ45 ports (two interfaces remappable to WAN)
(2) included hot-swap PSUs for power redundancy
1.3″ touchscreen
*Requires UniFi OS 4.0 and later. Must be paired with another EFG.
**Pair with an official SFP28 Module, SFP+ Module, or SFP+ to RJ45 Adapter for the best experience.
Welcome to UniFi Enterprise

Designed for Massive Scale
Effortlessly manage 500+ UniFi devices and 5,000+ clients.

VRRP High Availability
Link a second system in Shadow Mode to minimise network downtime.

25 Gbps Performance
Seamlessly balance WANs and support high-capacity switching.

Built for Secure Routing
Deliver over 12 Gbps of routing throughput with full IPS security.

Cybersecurity
Intrusion Detection & Prevention
UniFi’s intrusion detection and prevention system (IDS/IPS) guards against potential threats that originate both within and outside of the network.

This dynamic system swiftly detects and blocks suspicious activity that could signal a security compromise based on a real-time database of known cyber threats.
Cybersecurity
Application-Aware Firewall
UniFi’s application-aware firewall accurately detects and blocks traffic directed at specific applications, websites, and IP addresses.

Easily block specific targets that might pose security threats at the network, VLAN, and client device level.
High Availability
Multi-WAN Load Balancing
UniFi can leverage multiple internet connections at a single site for highly-resilient service.

Choose between Failover Only mode, which uses an alternative internet source only as a backup, and Distributed mode, which splits internet traffic between your internet sources based on a customisable weighting.
High Availability
Shadow Mode (VRRP)
For enterprise-grade High Availability with Virtual Router Redundancy Protocol (VRRP), link a second EFG in Shadow Mode.

If the primary EFG goes offline, its Shadow will automatically take over so your network continues running with minimal downtime.
Site Management
ISP Health Monitoring
The UniFi Site Manager dashboard at unifi.ui.com features ISP health metrics for quick, insightful monitoring across sites.

Real-time email and mobile app alerts for site-level ISP health events are also available with push notifications settings customisable for each site.
Site Management
Global Admin Management
The UniFi Site Manager at unifi.ui.com enables easy management of all admins across UniFi sites from a single interface.

Effortlessly onboard and offboard admins with granular control over site access and application permissions.
Deployment

Technical Specs
Mechanical
Dimensions
442.4 x 43.7 x 325 mm (17.4 x 1.7 x 12.8″)
Weight
6.5 kg (14.3 lb)
Enclosure material
Aluminium CNC, SGCC steel
Hardware
Processor
18-core ARM® v8.2 at 2 GHz
System memory
16 GB DDR4 DIMM
Management interface
Ethernet, Bluetooth
Networking interface
(2) 25G SFP28 ports
(2) 10G SFP+ ports
(2) 2.5 GbE RJ45 ports
Map any (2) interfaces to WAN
Power method
(1) Universal AC input, 100—240V AC, 7A Max., 50/60 Hz
Power supply
(2) Hot-swappable 150W CRPS
Supported voltage range
100–240V AC
Max. power consumption
82W
ESD/EMP protection
Air: ± 8kV, contact: ± 4kV
LCM display
(1) 1.3″ touchscreen
Button
Factory reset
Ambient operating temperature
0 to 40° C (22 to 104° F)
Ambient operating humidity
5 to 95% noncondensing
Certifications
CE, FCC, IC
Gateway Features
Performance
Redundant WAN with failover and load balancing
WiFi QoS with UniFi APs
Application, domain, and country-based QoS
Application and device type identification
Additional internet failover with LTE Backup
Internet quality and outage reporting
Next-generation security
Application-aware firewall rules
Signature-based IPS/IDS threat detection
Content, country, domain, and ad filtering
VLAN/subnet-based traffic segmentation
Full stateful firewall
Advanced networking
License-free SD-WAN
WireGuard, L2TP, and OpenVPN server
OpenVPN client
OpenVPN and IPsec site-to-site VPN
One-click Teleport and Identity VPN
Policy-based WAN and VPN routing
DHCP relay
Customisable DHCP server
IGMP proxy
IPv6 ISP support
Capacity
UniFi devices
500+
Client devices
5,000+
Concurrent sessions
1 million
New sessions / sec
71,000
SSL/TLS inspection concurrent sessions
10,000
Limiting to 5,000 concurrent sessions is recommended if the gateway is passing significant traffic. This can be achieved by restricting which VLANs and domains pass through NeXT AI Inspection, such as only including search engine and LLM queries on employee devices.
IDS/IPS signatures
80,000+
With Enhanced Threat Updates.
Routing Throughput
Firewall
23.5 Gbps
IDS/IPS
12.5 Gbps
Measured with iPerf3 on DHCP WAN. Performance may be reduced with PPPoE depending on ISP implementation.
VPN Server Single User Throughput
UniFi Identity
1.2 Gbps
Teleport
1.2 Gbps
WireGuard
1.2 Gbps
OpenVPN
210 Mbps
L2TP
280 Mbps
Measured with iPerf3
Site-to-Site VPN Single Tunnel Throughput
Site Magic
1.1 Gbps
OpenVPN
120 Mbps
IPsec
580 Mbps
Measured with iPerf3
VPN Client Single Tunnel Throughput
WireGuard
980 Mbps
OpenVPN
180 Mbps
Measured with iPerf3
LEDs
Ethernet
White: Link/activity
SFP+
White: Link/activity
CRPS
Off: No AC power present
Steady white: AC power and DC output active
Flashing white: AC power present
Steady red: AC power lost/failure events
Flashing red: Warning events
Software
Mobile app
UniFi iOS™: Version 10.16.2 and later
UniFi Android™: Version 10.17.2 and later

Important Warranty Information:•2-Year Warranty: Current promotion running from March 2024, all Ubiquiti items purchased during this period come with 2 years warranty.
•For items purchased outside the specified period (Before March 2024), the standard Manufacturer’s warranty duration is 1 year.

”Want to know more about this product? Click Here to Book a time with our Pre-sales Solutions Experts”

Ubiquiti Enterprise Fortress Gateway *Requires Deal Reg*

SKU: EFG

Tech Specs: Click Here
Installation Guide: Click Here

Description: Enterprise-grade 25 Gbps UniFi Cloud Gateway with three WAN ports, high availability, and a full suite of advanced routing and security features
*** Require Enterprise Deal Registration, please register the deal: Click Here before place the order

Features:
•Runs UniFi Network for full-stack network management
•Shadow Mode High Availability with automatic failover provides uninterrupted connectivity (VRRP)*
•12.5 Gbps routing with IDS/IPS
•License-free, real-time inspection of encrypted packets with NeXT AI Inspection (SSL/TLS decryption)
•(2) 25G SFP28**, (2) 10G SFP+**, and (2) 2.5 GbE RJ45 ports (two interfaces remappable to WAN)
•(2) included hot-swap PSUs for power redundancy
•1.3″ touchscreen
*Requires UniFi OS 4.0 and later. Must be paired with another EFG.
**Pair with an official SFP28 Module, SFP+ Module, or SFP+ to RJ45 Adapter for the best experience..