Small Business Buying Guides

How to Choose a Router for Your Business

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

Small Business Buying Guides

Show More
1 2 Page 2
Page 2 of 2

VLAN Support to Separate Traffic

Most business-class networking gear supports virtual LANs, which allow you to create multiple separate virtual networks inside a single network. You can, for example, create one VLAN for your private network (or more to support different departments) and another for public access by visitors; this arrangement prevents the guests from connecting to your computers or snooping on your traffic.

You can create VLANs on your router, gateway, or firewall, and then you can assign each ethernet port to a VLAN (and one to the SSID, if it’s wireless too). If you’re also using a separate switch that supports VLAN, you can assign each of its ports to a VLAN.

Multiple SSIDs to separate Wi-Fi traffic: Business-class wireless access points and wireless routers typically support multiple SSIDs, in what is basically a wireless variant of a VLAN. You can create multiple network names to broadcast from a single access point or wireless router, each with its own wireless and security configuration. Then you can assign each SSID to a VLAN.

Guest Access to Secure Private Traffic
Wireless guest access to secure private traffic: Some of the more advanced consumer-level wireless routers have a guest feature, which uses VLANs and multiple SSIDs to create a separate Wi-Fi network for visitors. This is a great way to quickly and easily create a secondary wireless network, but typically it doesn’t allow configuration such as adding custom VLANs or assigning ethernet ports to the guest VLAN.

USB Port to Share Files or Printers

Some premium consumer-level wireless routers have a USB port so that you can plug in a USB flash drive or hard drive to share files on the network. Though you can always share folders to the network in Windows, sharing at the router provides a central storage location and doesn’t require a certain PC to remain powered on. But keep in mind that most routers offering USB port sharing require you to install software on the PCs in order to access the shared drive.

Business-class routers, gateways, and firewalls usually don’t have USB ports. To compensate for that, you can buy or create a separate component called a network-attached storage device. Your NAS can provide many more sharing features, including native sharing, in which no software is required on PCs for you to access the storage, as well as the ability to control who has access to the shares.

Quality of Service Support to Prioritize Traffic

Most routers, gateways, and firewalls provide a Quality of Service feature that lets you prioritize network traffic. You can, for example, give voice and video traffic (from VoIP phones or Skype, for instance) higher priority since they’re much more sensitive to lags than Web browsing and other traffic. Another example is giving a certain computer or device more priority than others, or less priority for guest access.

Even the majority of advanced consumer-level wireless routers have QoS settings, but business-class equipment may allow more customization and more sophisticated functionality.

RADIUS Server to Run Enterprise Wi-Fi Security

If your business has more than a dozen or so wireless computers and devices (including smartphones and tablets), consider using enterprise-class Wi-Fi security (WPA or WPA2 with 802.1X), which lets you create a unique username and password for each user that connects via Wi-Fi.

WPA2 security
The personal or pre-shared key (PSK) mode of WPA or WPA2 is easier to set up than the enterprise mode, but it isn’t ideal for business networks. It lets you create only a single password for the Wi-Fi network, which becomes an issue if a laptop, tablet, or smartphone is lost or stolen: If a computer or mobile device were to go missing, you would want to change the Wi-Fi password so that the thief couldn’t come to your location and connect, but that would mean changing the password on all of your other Wi-Fi computers and devices as well.

To use the enterprise mode of WPA or WPA2 security, however, you must have a RADIUS server, which handles the 802.1X authentication. You can set up your own with the open-source FreeRADIUS server if you’re a Linux administrator or if you purchase a Windows program such as Elektron. If you don’t want to run your own server, consider buying an access point with a built-in RADIUS server, such as from ZyXel. Alternatively, use a hosted RADIUS service if you don’t want to run one at all.

Content Filtering to Block Inappropriate Sites

Many consumer-level routers have a built-in feature to block specific sites, while more-advanced models and UTM gateways may have a more comprehensive filter to block adult sites, malware, and other inappropriate material automatically. However, don’t worry too much about this feature when choosing your router: You can always use the free OpenDNS service to provide filtering for your entire network on any router.

Routers on the Market

D-Link DIR-655 router
Smaller businesses can usually get away with using a consumer-level router. But if you require more functionality or security, consider a VPN router/firewall or a UTM gateway. Here's what several current router and gateway models offer.

  • D-Link Xtreme N Gigabit Router (DIR-655): This advanced consumer-level wireless router supports gigabit ethernet and sports a wireless guest feature, QoS settings, and a USB port for sharing a drive or printer.
  • Cisco Wireless Network Security Firewall Router (RV220W): In this business-class wireless router, you'll find dual-band Wi-Fi and gigabit ethernet. Additionally, it provides several VPN-server options, VLANs, and multiple SSIDs.
  • Netgear ProSecure UTM Firewall with Wireless N (UTM9S): A UTM firewall/gateway offering dual-band Wi-Fi and gigabit ethernet, this product provides antimalware and antispam functions, content filtering, and intrusion protection. It supplies dual WAN support, several VPN-server options, VLANs, and multiple SSIDs, too.

Finally, consider buying a consumer-level wireless router and uploading aftermarket open-source firmware such as DD-WRT to give it business-class features and to add customization. Or, purchase preloaded routers at a site such as Flash Routers.

Eric Geier is a freelance tech writer. Become a Twitter follower to keep up with his writings. He’s also the founder of NoWiresSecurity, which helps homes and businesses easily protect their Wi-Fi network with Enterprise (802.1X) security.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
1 2 Page 2
Page 2 of 2
Shop Tech Products at Amazon