IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Choose the right wireless AP for your business

Dave Mitchell explains what to look for in an access point

Wireless networks are now an essential requirement for businesses that want to be more productive. The proliferation of tablets, laptops, mobiles and smartphones in the workplace means employees don't need to be tethered to their desk and can reap the benefits of increased mobility.

Wired networks with structured cabling are expensive to install and difficult to upgrade so it makes sense to deploy a wireless network. With the right business-grade access points (APs) in place, they can be expanded easily to keep up with your growing business and the latest products offer vastly increased wireless performance and tight security.

Intense competition in this market sector means prices for business-class access points (APs) are dropping all the time. This is great news for SMBs as they can get a basic, secure wireless network up and running for under 100.

Radio waves

Wireless technology has come on in leaps and bounds over the past year, with the latest 802.11ac Wave 2 APs offering a number of valuable benefits. Along with increased throughput, Wave 2 APs offer a feature called MU-MIMO (multi user multiple input multiple output).

MU-MIMO builds on the older MIMO standard by using a larger aerial array that ups the number of spatial streams from three to four. It essentially increases the number of lanes on your wireless road and enables concurrent downstream communications with multiple devices, allowing it support a large user base without causing congestion.

The downside is Wave 2 APs are more expensive with prices starting at around 250. Worry not though, as you can still get cheaper Wave 1 AC1750 APs along with Wave 2 AC2500 and AC2600 APs.

The numbers refer to the total available data rates, with AC1750 offering 450Mbits/sec on the 2.4GHz band and 1,300Mbits/sec on the 5GHz band. AC2500 and AC2600 are the same (with a little added marketing flair) and push the numbers to 800Mbits/sec and 1,733Mbits/sec.

Business class ticket

Small offices may be tempted by cheap consumer-grade wireless routers, but they'll be missing out on many features essential for business operations. Many business-grade APs have the ability to present multiple SSIDs (service set identifiers) allowing wireless networks to be created for different user groups.

Each SSID can have its own security scheme and authentication method where it could apply a user and group list maintained on the AP or tie in with an external RADIUS server. Security can be tightened further with MAC address black and white lists so only specific systems will be allowed to connect to an SSID.

The first thing a partner or client will whip out when they visit your offices is their smartphone or laptop and providing instant wireless connectivity adds professionalism to your business. You'll want to apply even tighter security, so look for APs that provide guest wireless features such as L2 isolation which stops users on the same SSID from seeing each other.

For general guest wireless access, consider APs that offer a captive portal. This can be used to redirect them to a custom web page where they provide details about themselves, enter login credentials and agree to an AUP (acceptable use policy) before being allowed Internet access.

Intruder alert

When deploying wireless services it's all too easy to forget about the supporting backend network, which could leave a gaping hole in your security. Remember, if you can plug a wireless AP into your LAN - so can someone else.

A recent case in point is an educational establishment that couldn't understand why their ISP was reporting a much higher Internet usage than their internal web filtering appliance. After investigation, it transpired that some enterprising pupils had plugged six old BT home wireless routers into the school network, hidden them in cupboards, set them to hide their SSIDs and passed the details to all their classmates.

The web filtering appliance was configured as a simple proxy but the main gateway server happily handed out DHCP and DNS services to any device plugged into a classroom wall socket. It also placed them on the default VLAN thus circumventing the filtering appliance completely and giving the pupils unmonitored Internet access.

The lesson here is to tighten up your backend systems so this can't happen. Furthermore, all business-class wireless APs can scan for and list neighbour devices, and for greater control consider those offering features such SSID-to-VLAN mapping or intrusion prevention that can block 'rogue' devices.

Standalone or managed

A standalone 11ac AP will be fine for a small office but if you have many areas to cover or big expansion plans, look for those offering central or remote management. It will reduce support overheads as you can create one set of wireless networks and have all managed APs broadcasting the same SSIDs.

This brings roaming into play so as staff or guests wander around your offices, their mobile devices will move seamlessly from one AP to the next - ensuring they always get the best service. Clustering is a very flexible option as products that support this allow a 'master' AP to look after multiple 'slaves' which can be reverted to standalone operations on a whim.

Cloud management is ideal if you're looking after wireless networks in different geographical locations. Cloud enabled APs connect with your portal account to get all their settings, making it simple to manage, monitor and support each location from a single web console no matter where you are.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

What is Wi-Fi 6?
wifi & hotspots

What is Wi-Fi 6?

17 May 2022
What does a CISO do?
Careers & training

What does a CISO do?

12 May 2022
29% of UK SMBs cancelled cyber insurance policies in 2021
cyber security

29% of UK SMBs cancelled cyber insurance policies in 2021

9 May 2022
Business value on AWS
Whitepaper

Business value on AWS

27 Apr 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022