IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Choose the right wireless AP for your business

Dave Mitchell explains what to look for in an access point

Wireless networks are now an essential requirement for businesses that want to be more productive. The proliferation of tablets, laptops, mobiles and smartphones in the workplace means employees don't need to be tethered to their desk and can reap the benefits of increased mobility.

Wired networks with structured cabling are expensive to install and difficult to upgrade so it makes sense to deploy a wireless network. With the right business-grade access points (APs) in place, they can be expanded easily to keep up with your growing business and the latest products offer vastly increased wireless performance and tight security.

Intense competition in this market sector means prices for business-class access points (APs) are dropping all the time. This is great news for SMBs as they can get a basic, secure wireless network up and running for under 100.

Radio waves

Wireless technology has come on in leaps and bounds over the past year, with the latest 802.11ac Wave 2 APs offering a number of valuable benefits. Along with increased throughput, Wave 2 APs offer a feature called MU-MIMO (multi user multiple input multiple output).

MU-MIMO builds on the older MIMO standard by using a larger aerial array that ups the number of spatial streams from three to four. It essentially increases the number of lanes on your wireless road and enables concurrent downstream communications with multiple devices, allowing it support a large user base without causing congestion.

The downside is Wave 2 APs are more expensive with prices starting at around 250. Worry not though, as you can still get cheaper Wave 1 AC1750 APs along with Wave 2 AC2500 and AC2600 APs.

The numbers refer to the total available data rates, with AC1750 offering 450Mbits/sec on the 2.4GHz band and 1,300Mbits/sec on the 5GHz band. AC2500 and AC2600 are the same (with a little added marketing flair) and push the numbers to 800Mbits/sec and 1,733Mbits/sec.

Business class ticket

Small offices may be tempted by cheap consumer-grade wireless routers, but they'll be missing out on many features essential for business operations. Many business-grade APs have the ability to present multiple SSIDs (service set identifiers) allowing wireless networks to be created for different user groups.

Each SSID can have its own security scheme and authentication method where it could apply a user and group list maintained on the AP or tie in with an external RADIUS server. Security can be tightened further with MAC address black and white lists so only specific systems will be allowed to connect to an SSID.

The first thing a partner or client will whip out when they visit your offices is their smartphone or laptop and providing instant wireless connectivity adds professionalism to your business. You'll want to apply even tighter security, so look for APs that provide guest wireless features such as L2 isolation which stops users on the same SSID from seeing each other.

For general guest wireless access, consider APs that offer a captive portal. This can be used to redirect them to a custom web page where they provide details about themselves, enter login credentials and agree to an AUP (acceptable use policy) before being allowed Internet access.

Intruder alert

When deploying wireless services it's all too easy to forget about the supporting backend network, which could leave a gaping hole in your security. Remember, if you can plug a wireless AP into your LAN - so can someone else.

A recent case in point is an educational establishment that couldn't understand why their ISP was reporting a much higher Internet usage than their internal web filtering appliance. After investigation, it transpired that some enterprising pupils had plugged six old BT home wireless routers into the school network, hidden them in cupboards, set them to hide their SSIDs and passed the details to all their classmates.

The web filtering appliance was configured as a simple proxy but the main gateway server happily handed out DHCP and DNS services to any device plugged into a classroom wall socket. It also placed them on the default VLAN thus circumventing the filtering appliance completely and giving the pupils unmonitored Internet access.

The lesson here is to tighten up your backend systems so this can't happen. Furthermore, all business-class wireless APs can scan for and list neighbour devices, and for greater control consider those offering features such SSID-to-VLAN mapping or intrusion prevention that can block 'rogue' devices.

Standalone or managed

A standalone 11ac AP will be fine for a small office but if you have many areas to cover or big expansion plans, look for those offering central or remote management. It will reduce support overheads as you can create one set of wireless networks and have all managed APs broadcasting the same SSIDs.

This brings roaming into play so as staff or guests wander around your offices, their mobile devices will move seamlessly from one AP to the next - ensuring they always get the best service. Clustering is a very flexible option as products that support this allow a 'master' AP to look after multiple 'slaves' which can be reverted to standalone operations on a whim.

Cloud management is ideal if you're looking after wireless networks in different geographical locations. Cloud enabled APs connect with your portal account to get all their settings, making it simple to manage, monitor and support each location from a single web console no matter where you are.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

EnGenius ECW220S review: Peerless protection
routers

EnGenius ECW220S review: Peerless protection

30 Jun 2022
CMO job description: What does a chief marketing officer do?
Business strategy

CMO job description: What does a chief marketing officer do?

9 Jun 2022
CFO job description: What does a chief financial officer do?
Business strategy

CFO job description: What does a chief financial officer do?

9 Jun 2022
What is Wi-Fi 6?
wifi & hotspots

What is Wi-Fi 6?

17 May 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022