WatchGuard AP225W review: Strong, secure and speedy

This affordable and feature-packed wireless AP offers great cloud management and unique security skills

IT Pro ValueWatchGuard AP225W
Price
£290 exc VAT (AP with one year of Total Wi-Fi)
  • Built-in WIPS support
  • Robust management features
  • Outstanding security support
  • More advanced features may be overkill for SMBs

If you’re familiar with the company’s other products, you probably won’t be surprised to learn that WatchGuard’s diminutive AP225W makes security its top priority. It’s sold as a dual-band Wave 2 AP, but it actually has three radios inside– two providing regular wireless services, plus one dedicated to WatchGuard’s Wireless Intrusion Prevention System, or WIPS for short. 

If you haven’t come across WIPS before, it’s a clever system that can sniff out rogue APs on your premises – such as unauthorised hardware using the same SSID as your real APs – and disrupt them so that no one can inadvertently connect. That might not be a threat you encounter every day, but consider the potential cost of a breach and you’ll quickly see the wisdom of playing it safe.

The AP225W can be managed using either WatchGuard’s Cloud Wi-Fi service or from one of the company’s Firebox security appliances. The option you choose affects the cost: the price above includes a year’s Total Wi-Fi subscription, which enables cloud management, location-based usage analysis and the Engage app for gathering guest demographics.

You should have no difficulty fitting the AP225W into your network: as well as the uplink/PoE+ port at the back, the unit offers three additional network ports at the bottom (the third of which presents an 802.3af PoE output), and two passthrough ports, allowing cable runs to be extended through the AP.

Getting set up via the cloud is swift. While WatchGuard doesn’t offer dedicated smartphone apps, the web portal works equally well on desktop and mobile platforms, and includes a quick-start option that automatically creates an initial set of SSIDs. 

WatchGuard AP225W ports

Once we’d been through this short process, we connected the AP225W to our network, and watched it automatically appear in our cloud account and start broadcasting our SSIDs. The portal’s Discover page presents dashboard views for general connectivity, wireless performance, detected apps and WIPS status.

For more information on that last count, you can jump to the WIPS monitor page to check your security status and enable the feature that fires deauthorisation packets at rogues to prevent clients from associating with them. We tested this by connecting a Linksys LAPAC1750 AP to the lab network. This duly appeared in the portal as a rogue, and when we tried to connect to it from a Windows 10 client, we were immediately booted off, with the WIPS dashboard alerting us to the event. It’s impressively effective – just make sure your own APs are all authorised before enabling WIPS or they’ll get the same harsh treatment.

A neat feature of the WatchGuard cloud is its hierarchical approach. It presents a layered structure of folders, representing countries, cities, offices, departments and floors, and allows you to apply management templates at any level, defining settings to be inherited by all network devices and APs below that level.

You can configure settings using SSID profiles too, such as encryption standards, traffic shaping and QoS for voice and video traffic. Access controls include firewall rules for blocking specific apps, and if you choose to enable a splash page for guest users, you can include custom content and embed authentication plugins for a selection of social media sites including Facebook and Twitter.

Performance is respectable if not outstanding. We saw close-range file copies from a Windows 10 client with a Netgear Nighthawk AC1900 USB adapter average 54MB/sec; with the AP moved 10m away, speeds decreased to 47MB/sec. 

Some of the AP225W’s features may seem like overkill for small businesses, but for the price, it’s hard to quibble. WatchGuard’s cloud portal provides a wealth of high-end wireless management tools, and the WIPS service adds advanced security features that you’d expect to pay far more for.

WatchGuard AP225W specifications

Band support

Wave 2 AC1200 dual-band 2.4GHz/5GHz 802.11ac

Radios

2x2 MU-MIMO, 2x2 WIPS radio, 6 x internal aerials

Ports

4 x Gigabit Ethernet (LAN/PoE+, 3 x LAN), 2 x passthrough ports

Additional features

1yr support contract with advanced hardware replacement, 1yr Total Wi-Fi subscription, wall/ceiling mounting plate

Dimensions (WDH)

186 x 124 x 26mm

Weight

455g

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021