WiFi – from a nice-to-have to a requirement

When was your WiFi network deployed? How many users did it have? How many users are there today?

Not so long ago wireless networks were advanced technology, a gimmick. It was deemed high tech to set up an access point for the sales guy, who had the only laptop in company. Today everyone has a laptop and people are expected to wander around the office and work here and there, but always with equal efficiency. Back then it was sufficient to access email and occasionally browse web pages. Today video conferencing and learning videos have bandwidth requirements in a completely different scale. Designing the wireless network has become important. Parts of the design process are the same as in wired networks, but the radio path does bring its own challenges.


Capacity planning is familiar from wired networks. How many users? What kind of applications? What kind of latencies can be tolerated? How much bandwidth? User mobility does bring some uncertainty to these calcaulations. One day they all sit with their laptops in the same room, where there is only a single access point – and no one is happy. Still, all the access points have to be connected to the network and these connections must provide enough bandwidth and preferably have redundant paths. In many offices a single hardware failure can stop all work.

The same security principles can be applied from wired to wireless networks. You can create a few wireless networks (different names a.k.a. SSIDs) and connect these to different VLANs on the wired side. This way you can separate sales, management and R&D to their own virtual networks. Technically slightly more challenging way is to use a single network, authenticate users and forward their data to the proper VLAN on a per user basis. WPA2 Enterprise provides for user based authentication and personalized settings using 802.1X.

The most difficult aspect of WiFi design is the radio path, because you can't see it. How many access points do we need and where? What kind on antennas? Do we have full coverage or are there holes? Is the capacity sufficient?


In the early days access points were expensive, so usually only one was bought and placed in the middle of the office. This worked fine when there were just a few users with no specific requirements for bandwidth or latencies. Today user count is not the right metric, because every user has multiple devices: a laptop, a smartphone and often a tablet. Smartphone battery capacity is very limited, so is their transmit power. You need to have an access point near every phone, so you need to have multiple access points. Multiple access points will interfere with each other unless you turn down their transmit power, typically on par with the lowest powered smartphone (10-15mW). Do not leave all access points on full power, which is usually the factory default.

Managing multiple access points becomes a burden. Consumer grade access points are managed individually, typically through a web interface. Keeping just five access points in synch regarding setting and updates is a chore. Look for some kind of centralized management solution when choosing access points. With a centralized controller you can update settings and apply updates to all access points with a single action.

Upgrading to 802.11ac

802.11ac will yield enormous speed and capacity, but what are the points you need to consider?

First of all, 802.11ac is defined only for 5GHz band, 2.4GHz band will continue to use 802.11n. Higher frequences fade more quickly, so you will need more 5GHz access points, because they need to be closer to each other. The 5GHz band was already in use with 802.11n, so this has usually already been taken care of.

The new speeds in AC use wider channels (80MHz and 160MHz) and more precise modulation (256-QAM). High precision modulation requires very good reception, in practice it requires clear line-of-sight to the access point. You won't get AC-speed if the access point is on the other side of a wall. This is another reason you usually will want more access points when upgrading to AC. You also gain more capacity so the network can support the increasing number of users and their requirements. When you add more access points you need to turn down the transmit power so the access points won't interfere with each other, otherwise adding access points will degrade performance instead.

The third challenge is more technical. AC access point require more electric power. If they have their own power supllies this won't be a problem. If the power is fed through the Ethernet cable from the switch, the switch may need to be upgraded. Only the latest 802.3at (aka PoE+) can feed the power hungry AC access points. The older standard was 802.3af (aka PoE without a plus).

You may need to consider the data bandwidths as well. 802.11n of the today already exceeded the capacity of 100Mbps Ethernet. 802.11ac requires at least gigabit Ethernet connection – the more powerful access points have two Ethernet ports, because at least in theory you may exceed the capacity of one. In any case dual cabling will add redundacy, but will require more switch ports. If you have connected multiple access points to the same switch, you may need to upgrade the uplink to network core as well to avoid bottlenecks.

Affordable enterprise WiFi

Centrally managed Enterprise WiFi doesn’t have to cost an arm and a leg

Wireless networks can be divided roughly into two categories: autonomous access points and managed enterprise networks. The latter used to carry a tenfold price tag and require skilled personnel to run. Today there are lighter weight alternatives for building an enterprise WiFi:

  • Ubiquiti is a U.S. based company specialized in wireless technology. Ubiquiti has kept their costs down for example marketing mainly by word of mouth. UniFi is their WiFi brand.
  • MikroTik is a Latvian company, that has delivered routers and other network equipment for the last 20 years. MikrotTik access points are fully fledged routers with a wireless card – and yet they are one of the lowest cost APs on the market. RouterBoard is MikroTik’s hardware brand.
  • [Edit 8/2018: Discontinued] XClaim is the lighter weight brand of Ruckus, an established U.S. wireless company. Their product line is very compact, but the quality is Ruckus level. For example there are two 802.11ac access points: one for indoor use, the other for outdoor use.

These brands share the price range in a couple of hunder euros, no annual licenses, centralized management and subdued, businesslike design. Centralized management doesn’t require a dedicated controller but runs as an application (that may even fit in your smartphone). A thousand euros will buy equipment to create a good network for a mid-sized office.