Choose the right wireless AP for your business

Dave Mitchell explains what to look for in an access point

Wireless networks are now an essential requirement for businesses that want to be more productive. The proliferation of tablets, laptops, mobiles and smartphones in the workplace means employees don't need to be tethered to their desk and can reap the benefits of increased mobility.

Wired networks with structured cabling are expensive to install and difficult to upgrade so it makes sense to deploy a wireless network. With the right business-grade access points (APs) in place, they can be expanded easily to keep up with your growing business and the latest products offer vastly increased wireless performance and tight security.

Intense competition in this market sector means prices for business-class access points (APs) are dropping all the time. This is great news for SMBs as they can get a basic, secure wireless network up and running for under 100.

Radio waves

Wireless technology has come on in leaps and bounds over the past year, with the latest 802.11ac Wave 2 APs offering a number of valuable benefits. Along with increased throughput, Wave 2 APs offer a feature called MU-MIMO (multi user multiple input multiple output).

MU-MIMO builds on the older MIMO standard by using a larger aerial array that ups the number of spatial streams from three to four. It essentially increases the number of lanes on your wireless road and enables concurrent downstream communications with multiple devices, allowing it support a large user base without causing congestion.

Advertisement
Advertisement - Article continues below

The downside is Wave 2 APs are more expensive with prices starting at around 250. Worry not though, as you can still get cheaper Wave 1 AC1750 APs along with Wave 2 AC2500 and AC2600 APs.

The numbers refer to the total available data rates, with AC1750 offering 450Mbits/sec on the 2.4GHz band and 1,300Mbits/sec on the 5GHz band. AC2500 and AC2600 are the same (with a little added marketing flair) and push the numbers to 800Mbits/sec and 1,733Mbits/sec.

Business class ticket

Small offices may be tempted by cheap consumer-grade wireless routers, but they'll be missing out on many features essential for business operations. Many business-grade APs have the ability to present multiple SSIDs (service set identifiers) allowing wireless networks to be created for different user groups.

Each SSID can have its own security scheme and authentication method where it could apply a user and group list maintained on the AP or tie in with an external RADIUS server. Security can be tightened further with MAC address black and white lists so only specific systems will be allowed to connect to an SSID.

The first thing a partner or client will whip out when they visit your offices is their smartphone or laptop and providing instant wireless connectivity adds professionalism to your business. You'll want to apply even tighter security, so look for APs that provide guest wireless features such as L2 isolation which stops users on the same SSID from seeing each other.

For general guest wireless access, consider APs that offer a captive portal. This can be used to redirect them to a custom web page where they provide details about themselves, enter login credentials and agree to an AUP (acceptable use policy) before being allowed Internet access.

Intruder alert

When deploying wireless services it's all too easy to forget about the supporting backend network, which could leave a gaping hole in your security. Remember, if you can plug a wireless AP into your LAN - so can someone else.

A recent case in point is an educational establishment that couldn't understand why their ISP was reporting a much higher Internet usage than their internal web filtering appliance. After investigation, it transpired that some enterprising pupils had plugged six old BT home wireless routers into the school network, hidden them in cupboards, set them to hide their SSIDs and passed the details to all their classmates.

The web filtering appliance was configured as a simple proxy but the main gateway server happily handed out DHCP and DNS services to any device plugged into a classroom wall socket. It also placed them on the default VLAN thus circumventing the filtering appliance completely and giving the pupils unmonitored Internet access.

The lesson here is to tighten up your backend systems so this can't happen. Furthermore, all business-class wireless APs can scan for and list neighbour devices, and for greater control consider those offering features such SSID-to-VLAN mapping or intrusion prevention that can block 'rogue' devices.

Standalone or managed

A standalone 11ac AP will be fine for a small office but if you have many areas to cover or big expansion plans, look for those offering central or remote management. It will reduce support overheads as you can create one set of wireless networks and have all managed APs broadcasting the same SSIDs.

Advertisement
Advertisement - Article continues below

This brings roaming into play so as staff or guests wander around your offices, their mobile devices will move seamlessly from one AP to the next - ensuring they always get the best service. Clustering is a very flexible option as products that support this allow a 'master' AP to look after multiple 'slaves' which can be reverted to standalone operations on a whim.

Cloud management is ideal if you're looking after wireless networks in different geographical locations. Cloud enabled APs connect with your portal account to get all their settings, making it simple to manage, monitor and support each location from a single web console no matter where you are.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/government-it-strategy/28305/ir35-news
Policy & legislation

Businesses urged to continue IR35 preparations despite Conservative review pledge

3 Dec 2019
Visit/security/29204/how-can-you-protect-your-business-from-crypto-ransomware
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Visit/wifi-hotspots/31488/how-to-boost-your-business-wi-fi
wifi & hotspots

How to boost your business Wi-Fi

22 Oct 2019
Visit/strategy/28223/cio-job-description-what-does-a-cio-do
Business strategy

CIO job description: What does a CIO do?

1 Oct 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019