This week we are going to talk about the types of equipment you need for your new FTTH high-speed internet connection and how they relate to some NSA best practices. We will then look at the difference between all-in-one “plug and play” router+wireless devices compared to purchasing separate devices. Finally, We will look at how the placement of your Wireless Access Point within the building impacts performance.
To have Internet access in your home or office, you will need a Modem, Router, Network Switch, and Wireless Access Point. Typically, your Internet Service Provider (ISP) will provide the modem which is their responsibility to manage and sometimes requires a monthly fee. However, it is not recommended to rely on your ISP for a Router, Switch, or Wireless Access Point as it is best practice to own your router for maximum administrative control, according to NSA Best Practices. To follow this practice, our ISP will only provide a modem in our network design.
Goals & Requirements
Let’s define some requirements for our network, following a few NSA Best Practices:
1. We will purchase our Router and other network equipment.
2. The router will be capable of supporting the internet connection, can be updated easily (NSA BP #2 Secure routing devices and keep them up-to-date), and have a firewall (NSA BP# 5. Employ firewall capabilities). We will also want VPN support (NSA BP# 14. Exercise caution when accessing public hotspots).
3. The wireless must deliver sufficient coverage for the space at high speeds while utilizing WPA2 or WPS3 security (NSA BP #3 Implement WPA3 or WPA2 on the wireless network). The wireless will also have the capability of supporting a guest network (NSA BP #4 Implement wireless network segmentation).
3 Different Scenarios
Throughout this guide, we will build 3 different networks for 3 different Home Office / Small Office spaces below.
Home Office – 1400 SqFt. Main Living Space – 2 People – Fully finished, no additional wiring available. Running wires would be cost-prohibitive.
Small Office – 1500 SqFt. Office – 5 people + Conference Space – Newly leased office, existing floor plan, able to retrofit with wires.
Large Office – 5000 SqFt. 25 People – New construction, unlimited budget, and possibilities.
A router is a device that helps manage the flow of traffic to and from your computer network. It comes with several essential features, such as a firewall that prevents unauthorized access to your network from the outside world. Routers differ in terms of speed, features, and price, so it’s crucial to choose one that matches your internet connection.
Wireless Access Points provide WiFi connectivity for your wireless devices. Some manufacturers offer all-in-one devices that have both routers and wireless access points in a single unit, which can be a good option for smaller buildings. However, it’s important to place your Wireless Access Point strategically to ensure quality WiFi coverage throughout your office. If you choose an All-In-One device, it’s usually installed near your modem, which is often located in your Living Room or utility room in the office.
Let’s take a look at our 3 different office scenarios, when they are utilizing an All-In-One device, and determine if this is a good solution:
As you can see above, in the Home Office and Small Office, the all-in-one device provides basic coverage of the main area where the router is installed, with lower-quality coverage farther away from the router. In the larger office, we can see that the WiFi will have very poor coverage through a majority of the space.
Lets now take a look at a configuration, with a separate Wireless Access Point mounted central to the space:
By placing the Wireless Access Point in the center of a space, a single device can offer superior coverage compared to an all-in-one device in a corner. However, for larger offices, it’s clear from the graphic that a single device cannot handle the large space, and multiple devices are necessary.
If it is not cost-effective or practical to wire your office to a centralized wireless access point, there are wireless options available to extend the WiFi coverage. Mesh network wireless access points can be used to extend wireless coverage without the need for running wires.
In the upcoming week, we will be discussing All-In-One routers and Wireless devices, along with their Mesh network expansion options. In the following weeks, we will also cover managed and unmanaged (wired) wireless networks Managed Vs. UnManaged Wireless Networks.
Will my old router work?
What about my wifi?
To determine if you need to replace your router, the most crucial factor is its capability to receive updates. You should regularly perform software updates on your router, at least once a month. If your router manufacturer has ceased publishing security updates for your router, then it’s about time to consider upgrading it.
If your router vendor is still delivering updates, it’s important to assess its capabilities. With internet speeds increasing, older routers may not be able to keep up and can become a bottleneck in your network.
It is important to check if your older wireless access points support WPA2 or WPA3, as recommended by NSA BP #3. Newer models offer faster technologies such as WiFi 5 and 6. To ensure optimal performance, make sure that your WiFi speeds are faster than your internet connection speeds.
The graphics above were created with the UniFi Design Center: https://design.ui.com