Wireless network devices

There are two types of wireless devices for the home wireless user, the traditional wireless router and the WiFi system. The two types are very similar in that they both have a router built-in and are used to connect devices to the internet. The built-in router is a switch that has multiple ports for plugging in Ethernet cables to wire devices. The WiFi systems are very similar to the older wireless router that most people are familiar with. However, there are a few distinct differences. The first is the price of the WiFi system; they cost quite a bit more than a standard router. Second is the range they offer which qualifies as extended range, and thirdly they are multipart systems, utilizing two or more pieces of hardware. When shopping for premium wireless routers, the price is about the same.

The Asus ROG 5300 AC wireless router supports Wi-Fi systems.

The Asus ROG AC5300 is a monolithic router that supports whole home WiFi mesh systems priced at $399.99.

Wi-Fi system

WiFi systems use mesh network topology that extends the range of the wireless network by hopping from one device node to the next device node until reaching the central router node, connecting to the modem or gateway. Spreading the devices around and across an area can provide a solid signal to all areas covered. Satelite placement is essential to a WiFi systems overall performance. Place your first hop or device in the wrong spot can cause the mesh network performance to be compromised. Even in a perfect setup, the furthest node would see some performance degradation due to the distance and number of hops the data must make to get to the primary node. Mesh network systems tend to cost a bit more than a standard single wireless router design, primarily because at least two devices come with it as a kit, and many come with three or more. Manufacturers price WiFi devices higher due to the technologies potential for better overall performance.

The main benefit of mesh networks is that they can improve home wireless network range without adding additional SSIDs, such as when using a repeater with standard wireless systems. However, placement is critical to good performance, and most homes are not set up for wireless network performance. The wireless signals degrade like a traditional wireless router as you extend from the primary router. However, with WiFi system mesh networks, the signal strength can be maintained by adding more satellites. Too many satellites or improperly placed satellites and your wireless devices will spend a lot of time switching between them as you move around the covered space, degrading performance.

Wireless router

The classic monolithic, all-in-one wireless router still has the same design for many years. The main visual difference is the number of antennas, lack of antennas, or size. Some wireless routers include types of technology proprietary to the manufacturer, such as the active antennas of the Netgear X8 pictured. Modern high-end wireless routers effectively cover a large area and have served their purpose well. Technology will evolve the traditional wireless router into something like a mesh network. Manufacturers produce products that extend their wireless network without committing to a complete kit or brand.

The Netgear Nighthawk AX8 RAX80-100NAS wireless router provides excellent wireless coverage, but at a steep price of $399.99 list.

The Netgear AX8 is a monolithic wireless router that provides excellent performance and wireless coverage, priced at $399.99.

Wireless network security

Secure your wireless network; there is no good reason not to. Why share your expensive internet connection with someone you don't know, and more importantly, you have no control over what they do. Suppose a wireless router left at the default settings is connected to the internet. In that case, a bad actor can use any common user name and password combination to access your router settings. Someone could easily lock you out of your wireless router and block you from using your internet. It is fixable by resetting the router, but it is easier to prevent it by changing the password. Not securing your wireless network is asking for trouble. If the police were to show up, they would want to speak with the person who pays for the internet service before figuring out who committed the crime. That could be potentially embarrassing, so take a moment and secure your wireless router today.

Wireless routers of any type or brand are very easy to secure.

Router passwords

The router password is not the same as your wireless password. The router password secures the hardware device from being accessed and re-configured. The wireless network password connects the router to your device, laptop, or computer. The wireless network connection allows for access to the internet and blocks others from accessing your network or using your internet.

Wireless router configuration

Most new routers' firmware is pretty intelligent. Your system can be pretty secure by following the directions for the initial setup. Be sure to make the router password different from the wireless network password. Manufactures have been printing connection information on devices now for some time; this information includes the default service set identifier (SSID) and wireless network password. The SSID is the broadcast network name for identification. Having your wireless network information printed on the router is helpful, and after resetting the device, it can save a lot of headaches. It may be convenient. However, PCMD recommends changing the wireless network SSID and the wireless password.

One of the easiest ways to secure your wireless router is to follow the built-in step-by-step browser-based configuration tools used by most routers today. An alternative for older or less expensive routers would be to use the configuration disk that comes with the wireless router. DVD/CD ROM drives are being phased out and eventually unavailable with new computers. Disk configuration will likely become a thing of the past if it has not already. When setting up your router for the first time, it is easiest to connect your device using an Ethernet cable and then open a browser and follow the steps. One issue with this is that wireless routers come with only one cable. Therefore, if you do not have a second Ethernet cable, you must turn the unit on wait for all the lights, and then use the default SSID and wireless network settings printed on the device to connect to it. For many changing the wireless settings when connected wirelessly can be a challenge and therefore stick with the manufactures default SSID and wireless network password. That is fine. Just be sure at the very least to change the default router password.

Firmware

Another crucial step is to update the device's firmware. Firmware is the code that makes the device work, and manufacturers make changes that can improve the security or functionality of the device. Using out-of-date firmware can cause odd issues and possibly leave your wireless connection and network vulnerable to attack. Firmware updates are usually handled automatically during setup. If the firmware does not force the update, do not skip updating the firmware during setup. As time goes by, it is essential to sign in to your router and check for firmware updates since they are not automatic.

WiFi Protected Access (WPA)

The best security choice at this time is WiFi protected access or WPA2 personal encryption using a strong password. WPA3 is the latest WIFI security encryption. Routers have made it available, but compatibility with older hardware is questionable. When using WPA3, be sure to test all of your older equipment and, if possible, use only WPA3 rated hardware. This wireless communication technology encrypts the communication between your devices and the wireless router. It is also the password used to keep others out. New routers have rules to follow when creating their password to help strengthen security. It is best to choose a password you can type and remember. Just make it at least twelve characters long with random keys like capitals or symbols. The password does not need to be full of random characters, but the more random it is, the longer the password, the safer it is.

Before securing your wireless network with WPA2 personal encryption, ensure all your hardware supports WPA2. It is not an issue for newer hardware and need not be concerned. However, if you have older hardware, one may select WPA (WiFi Protected Access) and TKIP (Temporal Key Integrity Protocol) encryption, allowing older and newer devices to connect to your network. Using TKIP is a trade-off with security strength and connectivity, but it is better than not using the older device wirelessly. The much older WEP (Wired Equivalent Privacy) en cry ti on should not be considered at all.

In general, any encryption is better than an open network. However, cracking encryption is a matter of money. If a person has access to password cracking tools and a powerful computer, it can be tough to prevent from being hacked by them. One online company based out of Russia sells a product that claims to hack a WPA2 wireless password in minutes. Mind you, the program costs $1800.00, and you need multiple $900.00 video cards to do it quickly. They also sell a more expensive product that can use up to 100 Amazon servers.

Connecting to your wireless network SSID

Wireless networks broadcast a name used to identify them. It is called the service set identifier or SSID. When looking to connect to a network, the SSIDs or network names in the list are all available networks in your area. The SSID is how you find and identify your wireless network so you can connect to it. When setting up your wireless router, you need to choose an SSID, this can be any name, so it is best when setting up your home network to select a name that is easy for you to remember, and be sure to only connect to that wireless network SSID.

It is best not to pick an SSID that could identify you personally in any way. It offers no absolute security. It is just a means to make it harder for an attacker to know whom they are attacking. There is also an option to hide or not broadcast an SSID. It is not worth setting up since simple tools can be downloaded to find and locate hidden networks, reveal the SSID, and even show the general direction from their wireless network location. So, do not hide your SSID since you are only hiding it from yourself.

When connecting to your wireless router, you may see many names of wireless systems you could join with, however only connect with your wireless network. The other names in the list are different wireless SSIDs of neighbors, and they may be secured so you can't connect, while others may be unsecured, allowing you to join. Free internet is tempting, but don't do it unless you know the person and trust them.

Guest account setup

When setting up a guest account, select the option to keep the networks separate unless you have a good reason not to. The phrasing varies between wireless router manufacturers, so look for network isolation, wireless isolation, AP isolation, or enable routing between unchecked zones. You are keeping the guest account separate which means that your guests will not be able to access your computers. An example of the need to isolate the guest network would be your kids are giving out the password to anyone and everyone, potentially exposing your computers.

Wireless SSIDs are broadcst everywhere even more so in the city.

Wireless networks keep us connected.

More security settings

Other settings can help secure your wireless router. Some are there to simplify setup, and others are there to streamline access. In general, all settings that make connecting devices or accessing the router easier are best turned off or disabled. The most common security risks are UPnP and remote access.

Universal Plug in Play (UPNP)

UPnP is a way to simplify networked device discovery, and having it enabled does allow for easy device configuration. However, that ease comes at the cost of increased vulnerability to outside attacks. It has become commonplace for manufacturers to misconfigure universal plug-in-play exposing all users of their hardware and UPnP technology to a higher level of risk. Therefore universal plug-in-play should only be turned on if you know you need it; otherwise, in general, you should turn off UPnP.

Remote Access

There are very few reasons for a home user to need to configure a router remotely, but if you do, use remote access by all means. However, it is best to turn off remote access from a security standpoint. Manufacturers try to make things easy for the end user and create security risks that cannot be avoided if a feature is used. So, rather than find out the hard way, a manufacturer has poorly configured remote access, disable it.

Protect your network with internet filters

How do you prevent your internet users from going to sites you deem inappropriate? Over the years, there have been many different approaches to this problem, and one way is to use internet filters such as OpenDNS, which homes and businesses can use. To note, PCMD is not affiliated with OpenDNS. They provide a beneficial service that anyone can use to help secure their computers while browsing the Internet.

When properly configured, all traffic goes through OpenDNS servers. OpenDNS is easy to set up and can be pretty effective at preventing access to sites you do not want people to visit. The service has several real-world benefits, such as avoiding typosquatting. Typosquatting is when malicious websites have names just slightly different from those typed. Internet filters can provide easy and quick block filters for any number of categories. Category examples would be gambling, guns, pornography, and many more. The downside to using internet filters like OpenDNS is that OpenDNS knows every website request you make since all traffic flows through their servers. For some, that may not be acceptable. Some routers are even pre-configured for OpenDNS to make it easier to set up.