Business Buyer's Guide to Wireless Networking

Your business is growing, and so is your IT network, so it's important to invest in wireless hardware that can grow with you. This simple guide will make it easy for you to pick the right gear for your business, so you can spend less time and money on your infrastructure and put your energies into the things that really matter.

Wireless is now ubiquitous in the business world, with more users working from mobile devices than ever before. In any given workplace--be it a bustling office, a large construction site, or a family-owned pizza joint--it's become commonplace for everyone from the CEO to the field reps to do all their work from a laptop, or even a smart phone. Here's what you need to know to get all those devices connected to your network with a minimum of fuss and zero downtime.

WIRELESS DEVICE OVERVIEW

A wireless network consists of three major types of devices, all working in unison to deliver seamless connectivity to the Internet, file servers, printers, and other users.

Clients: The client is the most basic element of your wireless network. It can be a laptop with a wireless card, a handheld PDA, or even a cell phone. Even desktop PCs can be outfitted with wireless cards for those times when they're too far from an ethernet jack for wired access. You can run a minimal wireless network (called an ad-hoc network) using just a couple of client devices, which makes it easy to transfer files and data between the two. But in a typical business environment, the primary role of a client device is to connect your users to the rest of the network, and to the Internet, by way of common client applications such as Web browsers and e-mail apps.

Routers: When you turn on your wireless laptop, it automatically searches for something to connect to. In a small business network, that thing is often a wireless router (sometimes called a wireless broadband gateway). A wireless router is a small box with a few ports for ethernet cables on the back and an antenna or three sticking out of it. Inside the box, a few chips and some firmware do the work establishing connections to various devices and controlling who can get in and who can't. In a typical small office, the router often serves as the primary hub of the entire network, connecting to both wired PCs and wireless laptops, and keeping them all connected to the Internet and to each other. Most routers can be easily configured through a simple menu in your Web browser. The typical off-the-shelf router offers reliable connections at a distance of roughly 150 feet indoors.

Many larger networks eschew wireless routers entirely, using more robust wired routers in conjunction with access points (see below) to control traffic on the network.

Access Points: Larger business networks often cover too much area for a single wireless router to handle. Access points serve as extenders for your network. Unlike a router, an access point contains minimal firmware for managing connections. Instead, it simply allows wireless devices to reach the network itself, and leaves all the management business up to your router. Access points can be connected directly to an existing wired network or run in a "bridge" mode that relays data wirelessly between the router on one side and the clients on the other.

WIRELESS STANDARDS (802.11a/b/g/n)

All major wireless standards are built on a common underlying technology, but each has different capabilities. Here's the deal.

802.11a: Established in 1999, 802.11a has a long and successful history on business networks. It operates on frequencies in the 5-GHz range and offers speeds of up to 54 mbps. It remains one of the most popular and stable standards for business data.

802.11b: Created at the same time as 802.11a, 802.11b wireless has enjoyed greater popularity for home users than its "a" counterpart, although its 11-mbps speeds are much slower than 802.11a. It operates on 2.4-GHz frequencies. It's rare to find wireless gear that is strictly 802.11b-compatible these days, as it has been integrated into the newer 802.11g standard.

802.11g: In 2003, 802.11g became the de facto wireless standard for most home and business networks, because it offers the same 54-mbps data rates as 802.11a, while still supporting older 802.11b client hardware. Like 802.11b, it operates on 2.4-GHz frequencies.

802.11n: This is the next great hope for speedy wireless networks, and is currently considered a "draft" specification--it is not yet fully ratified by the IEEE (the organization that oversees wireless standards). Most wireless hardware vendors currently offer 802.11n gear for sale, and promise future firmware updates that will bring the devices into compliance with the final standard when it is ratified. 802.11n offers much faster data rates than a, b, and g devices, with speeds of up 248 mbps. It also roughly doubles the range of the network. Because it operates on both 2.4-GHz and 5-GHz frequencies, 802.11n is backwards-compatible with all of the older standards listed here.

WIRELESS SECURITY

Because wireless networks can pass through the walls of your office, it's extra important to protect them from unwanted access. Knowing your router's security tools will help keep your network safe.

WEP: The original standard for wireless security, Wireless Equivalency Privacy (WEP) uses a text key to keep casual interlopers from joining your network. Unfortunately, it is barely adequate protection against a hacker with a small amount of knowledge and a readily available software tool. Bypass this one.

WPA: Wi-Fi Protected Access is a more secure authentication system than WEP. It uses a preshared key (PSK) in the form of a passphrase to control access. The strength of your WPA security depends entirely on the difficulty of your passphrase. For best results, use a 63-character phrase with a mix of numbers and letters, and avoid using common English words.

WPA2: This is basically the same as the WPA mentioned above, with the inclusion of a more secure algarithm called AES-CCMP. This algorithm makes it difficult for hackers to spot patterns that could help them gain access to your network.

MAC Address Filtering: Every single wireless device in the world has a unique identifying number called a MAC address, which looks like this: 08:00:69:02:01:FC. This number is usually printed somewhere on the outside of the device so you can see it clearly, and it's a great way to add extra security to your network. By enabling MAC address filtering on your router, you can tell it exactly which devices to allow connections from, and it will deny access to all other users, even if they happen to know your passphrase.

PUTTING IT ALL TOGETHER

Now that you've got a handle on the basic wireless components and specs, it's time to begin assembling a working network. Here's how to get started.

Choose a Standard

The first step in picking your wireless gear is to decide which standard to base your network on. The top two choices are 802.11g and 802.11n, depending on your willingness to work with new technology. If you'd rather stick with tried-and-true tech, 802.11g is likely to be your best bet, because it's been around for years. Since most laptops and other wireless-enabled mobile gear already support 802.11g, it's a very safe choice.

If, however, you're looking at the long haul--and don't mind having to perform a few firmware upgrades on your router over the upcoming year or two--you might consider 802.11n. Once the 802.11n standard is ratified, it will be as stable as 802.11g is today, and it will make "g" networks look paltry by comparison. If you do opt for 802.11n, be sure to ask the manufacturer for a clear explanation of its upgrade and support policy before buying. You want an iron-clad guarantee that your network will fully comply with the final 802.11n specification.

Choose Your Components

Assuming you already have wireless-enabled laptops to work with, the biggest decision you'll have to make in choosing your hardware is what kind of router to buy. First, determine which standard you want to use, as described above. Then consider which security features you'd like to use. Don't even consider buying a router that doesn't support WPA2 (if you can even find a new one that doesn't anymore). Also look for support for RADIUS servers. RADIUS is a sys-tem used on larger networks to automate security management, and while you may not have an immediate use for it, it's a nice feature to have as your business grows. If your office is large, or if you want your employees to be able to work outside on the picnic benches, you may also want to purchase a few access points to extend your network's range.

Hook 'Em Up

To set up your network, start by following the manufacturer's instructions for configuring your router. The process varies slightly from one router to another, but will always consist of some basic elements: setting up your Internet connection, choosing a name (SSID) for your net-work, and setting up security. But before you do any of those things, check the manufacturer's Web site for any firmware updates that may fix potential security holes in your router.

Be sure to give your network a unique name that will be easy to remember. Whatever you do, don't leave the default name in place, as it will give potential hackers way too much informa-tion about your network hardware. Your might also consider turning off SSID broadcast so that passersby won't spot your network easily. When you set up security, select WPA2 encryption and think of a unique 63-character passphrase with a mix of letters and numbers. Write this passphrase down, but keep it in a secure place to prevent it from falling into the wrong hands. It's the key to your business data, after all.

If you're using access points to extend your network, you can either connect them directly to your main router using Ethernet cables or run them in "bridge" mode to relay data to and from the router wirelessly, depending on where you plan to place them.

Once your router and any access points are in place, it's time to start adding devices to the network and get back to work!

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon