[jimnotgym]

I have a phobia of MikroTik, especially in the hands of general IT people. Amazing bang per-buck, but I took over a network with 6 sites all with Mikrotik routers and there were some staggering config mistakes. The more I dug the more I became convinced that the OS was, if not to blame, but certainly was a major factor.

I used to test changes (when duties allowed) with nmap, and several times I showed experienced engineers that they had left a service open to the WAN by mistake! When a network is in the hands of general engineers, like it often is in the SME space, I like Watchguard firewalls. Very good defaults, helpful os.

I can imagine in a datacenter where you have network specialists, and robust working procedures Mikrotik could work well.

I use Unifi for Wifi, and have used their routers for a dedicated guest wifi network. For switches I know nothing other than HP, but don't see a lot of issues, especially with the Aruba kit.

[d00bianista]

I again have phobias regarding Watchguard and other products that have the consumer style special WAN-ports and related configuration restraints. Many Mikrotik-devices come preconfigured like consumer devices but the recent CCR-series does not.

The firewall in Mikrotik-devices is among the cleanest I've seen and very hard to miss-configure as long as the firewall is otherwise configured to not let unauthorized traffic through.

And yes, people are people and this is why we educate people when needed.