SOHO Wireless Gateways

Wi-Fi is quickly becoming a fixture in a growing number of SOHO environments. Many of the devices are used for remote access into enterprise networks, and protecting them from wireless

June 3, 2005

9 Min Read
Network Computing logo

In the U.S. market, D-Link, Linksys (a division of Cisco Systems) and Netgear dominate the wireless SOHO router market, with an array of smaller but often more aggressive competitors slugging it out for shelf space. Although all work hard to offer unique products--and some subtle differences between products do exist--commoditization has occurred, largely because more integrated system offerings are available from the original design manufacturers. For example, Belkin received some headlines for being the first to release a product based on Airgo Networks' True MIMO (multiple input, multiple output) technology, but it wasn't long before Linksys and Netgear released products based on the same chipset.

While the broader consumer market commoditizes and focuses on low cost, a new market is emerging for slightly upscale wireless gateway offerings from enterprise security companies. These midtier products, which typically retail for $500 to $1,000, are available from a wide range of companies, including Check Point Software Technologies, Fortinet, Juniper Networks, SonicWall, Symantec Corp. and WatchGuard Technologies.

Unlike consumer-oriented offerings, these higher-end products provide more advanced enterprise-class features, ranging from centralized management to rich firewalls and content filtering. Some, like those from SonicWall, also offer a scalable architecture, letting you install additional APs (access points) and manage them from a single gateway. Rather than letting employees install their own wireless gateways, some organizations are turning to these more advanced products for greater peace of mind.

Looking toward the future, enterprise WLAN vendors are planning new products aimed at the distributed office. For example, Aruba Networks recently introduced a personal AP that extends the coverage of enterprise WLAN switching gear into the home or remote office--remote users can access all enterprise services, with automated centralized policy enforcement.Flexible and Secure

SOHO wireless gateways are achieving market success because they give users an easy means for sharing a broadband cable or DSL connection among multiple home users while providing freedom to work from various locations--anywhere within a home or office. These gateways don't typically provide performance levels as high as wired Ethernet, but they are far more convenient and less expensive than pulling Category 5 cable to every room in your home or branch office.

Even the lowest-cost gateways offer advanced network functionality, including DHCP services, NAT routing, stateful firewalls and port forwarding. Wireless security is evolving, thanks to the introduction of easy-to-implement WPA-PSK (Wi-Fi Protected Access with preshared keys), which offers robust security, provided long keys are used. Unlike older offerings, most mainstream products are reliable, with one caveat: Although you might be tempted to buy the latest, greatest, highest-speed turbo model, it's often safer to stick with products that have been on the market for a while. Any problems that may have existed with these offerings are likely to have been corrected by firmware upgrades. If you need the newest features to extend range or meet some unique performance-related application requirement, it may make sense to buy the most recent market entry, but be prepared for troubleshooting.

With the commoditization of basic feature sets, vendors are looking for ways to differentiate, mostly in terms of speed or transmission range. You might be able to find a few 802.11b offerings in dusty boxes on the bottom shelf, but the most common entry point is 802.11g, which offers data rates up to 54 Mbps and effective throughput of slightly more than 20 Mbps. If your primary application calls for sharing a DSL or cable modem connection that delivers a few megabits per second of throughput on a good day, even 802.11g is overkill. However, if you're using the wireless network to support local I/O-intensive applications--perhaps a local e-mail server installed in a remote office--selecting a product that goes beyond existing standards to offer higher performance might justify the added cost.

Some vendors get beyond 54 Mbps by employing proprietary features enabled by the major wireless chipset providers--Airgo, Atheros Communications or Broadcom. Each does an effective job of squeezing more performance out of its systems, albeit in different ways. Airgo's MIMO offerings are the best path to high performance, but only if you're using Airgo interfaces on both ends. If you are using a Centrino notebook to connect to an Airgo AP, the performance benefit is much more modest.While performance may be overhyped by vendors, transmission range is a more legitimate concern for SOHO users. Most enterprises are accustomed to installing lots of APs, but in SOHO environments you'd like to provide full coverage from a single AP. The quality of the client makes as much difference in effective range as the AP or gateway. For example, the latest group of Centrino notebook computers offers much better range than embedded wireless solutions that shipped two years ago. But if that's not enough, several options let you eke out an extra few feet of coverage from your gateway. For a summary of these alternative strategies, see "Extending Range" on page 88.

Although 802.11g is in the market sweet spot, dual-band gateways supporting 802.11g and 802.11a make sense for some environments. Probably the most popular situation would be in multitenant environments where there's significant congestion in the 2.4-GHz band. 802.11 is quite robust in dealing with co-channel interference, but in some cases, implementing 802.11a may make sense, especially as more notebook computers come equipped with 802.11a interfaces. In addition, 802.11a provides immunity from microwave oven and cordless phone interference, and its relative obscurity makes it less of a target for hackers.

Mobile Mania and Best Practices

Enterprise IT administrators have mixed feelings about the spread of wireless. Although they understand the technology's obvious benefits, they also realize that improper installation can lead to gaping security holes.

Many of these security vulnerabilities go hand in hand with the trend toward mobile computing. It's not just a home computing problem; it also relates to use of notebook computers in hotel rooms, airports, coffee shops and any public network location. And these challenges are not unique to Wi-Fi. Wi-Fi may be the hottest wireless technology, but the same concerns apply to 2.5G and 3G and, in the future, to new technologies like WiMAX. Every organization must adopt measures to protect mobile computing devices--including personal firewalls, antivirus software and spyware blockers--and establish policies concerning the physical loss or theft of devices where sensitive data files reside. The balancing act is to implement a mobile security model that encourages at-home and on-the-road job productivity without being an excessive burden to IT support staff.Deploying sophisticated enterprise-class wireless security appliances instead of consumer-grade wireless gateways may make sense for many organizations, even though the costs are substantially higher. But give careful consideration to the policies and procedures required to ensure a user experience that's both safe and satisfying. Good technology is only one piece of the puzzle; good practice is the other.

Dave Molta is a Network Computing senior technology editor. He is also assistant dean for technology at the School of Information Studies and director of the Center for Emerging Network Technologies at Syracuse University. Write to him at [email protected].

Before buying wireless router gateway products:

1) Remember that newer products provide more advanced enterprise-class features, but at a significant cost premium.

2) If you need leading-edge features, be prepared for troubleshooting and interoperability problems.3) Supporting 802.11a may help overcome interference problems as long as client systems are compatible.

4) Develop policies and procedures to protect mobile computing assets.

5) Consider installing custom antennas or newer MIMO gateways to increase range.

For details and prices on specific systems, use our Interactive Buyer's Guide charts.

In an enterprise WLAN deployment, maximizing the coverage of each AP (access point) isn't always desirable. That's because 802.11's CSMA (carrier sense multiple access) architecture requires that client devices share the medium, contending for fair access. Thus, larger coverage cells translate into more users contending for a limited amount of bandwidth, so per-user bandwidth is diminished. This problem is particularly acute in high-density user environments. Best practice for enterprise wireless design now favors denser AP deployments, reducing the number of users per cell and increasing per-user bandwidth.In a SOHO environment, however, user density is usually quite low, so extending the coverage range of a single AP doesn't typically lead to increased contention and an adverse performance impact. Put a different way, you'll want to install a system that can cover your entire home or office with a single AP. Unlike product offerings of years past, this is usually possible, but it may take some planning.

In general, we've found that a single wireless gateway, positioned centrally, can provide full coverage in a typical 2,000-square-foot home or office. However, it may be impractical to position the gateway in an optimal location because you usually install the device near your cable modem or DSL termination device. In such a case, or in a situation where a larger structure must be covered, you may need to extend the range of your wireless gateway.

The easiest way to do this is to install high-gain antennas, provided your gateway has antenna jacks that allow for replacement. The Federal Communications Commission has relaxed rules in recent years regarding use of external antennas, but it's still a good idea to check on the manufacturer's Web site to see if third-party antennas are supported. Most wireless gateways come with integrated antennas that provide about 2 decibels of gain. By upgrading to a 6-dBi antenna for $30 to $40, you can increase your effective transmission range significantly. Most of the larger SOHO vendors offer such antennas, which are also available through third parties, such as Hawking Technologies.

If you'd like to increase range without looking to high-gain antennas, consider products that are designed with extended range in mind. For example, several vendors now offer products based on Airgo Networks' True MIMO technology. MIMO uses multiple radios and antennas in combination with advanced signal processing to not only increase performance, but also provide significant improvements in range, especially when Airgo-compliant wireless interfaces are used on both the gateway and the client device.

Another alternative worth considering is intelligent beam-forming antenna technology from Video54, implemented in Netgear's RangeMax product line. Beam-forming antenna arrays have been available in high-end network gear, but this is the first time such technology has been available in low-cost wireless products. In our testing, we've found that RangeMax provides significant increases in effective transmission range.0

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
More Insights