The WAN port characterizes the ability of the device to receive a wired signal. There may be models with both one port and
two WAN ports, and in rare cases, more connected providers. Such an expanded number of WAN connectors affects the cost and, accordingly, is found in more part among professional-level routers.
In terms of speed, when choosing a device, the priority is the speed of the output LAN port or Wi-Fi. However, faster WAN ports (
1 Gbps,
2.5 Gbps,
5 Gbps,
10 Gbps) allow you to divide the load on several outputs at once without reducing speed performance, as may be the case with
WAN port 100 Mbps.
The presence
of a removable antenna(or several antennas) in the design of the device.
Only external antennas can be made removable (see "Type of antennas"). This design is especially convenient for storage and transportation: it allows you to remove external equipment, making the device less bulky. In addition, many devices with this feature allow replacement of standard antennas with others (for example, more powerful ones or with a more optimal radiation pattern). Some of these models are even initially sold without antennas — in the expectation that the user will choose them himself, at his discretion; such equipment is not needed for domestic use, but it can be very convenient when selecting high-quality professional equipment. On the other hand, the detachable design reduces the reliability of the antenna mounting, increases the possibility of failures at the connection point, and increases the cost of the device. Therefore, most modern Wi-Fi equipment is still equipped with
fixed antennas.
— WPA. An encryption protocol created as a temporary solution to the most critical vulnerabilities of the WEP described below. It uses a more advanced encryption algorithm, as well as the transmission of passwords in encrypted form. However, the reliability of this standard also turned out to be insufficient, so an improved version, WPA2, was developed.
— WEP. Historically, the first encryption protocol used in wireless networks. It uses encryption from 64-bit to 256-bit, the latter option is considered strong in itself, however, the standard's own vulnerabilities allow a specialist to hack such a communication channel without much difficulty. As a result, WEP is completely obsolete, its support is provided mainly for compatibility with the simplest equipment (especially since it is technically easy to provide this support).
— WPA2. The most popular security standard in modern Wi-Fi equipment. At one time, it became an important update to the original WPA: in particular, the AES CCMP algorithm was introduced into WPA2, which is extremely difficult to crack. Over time, however, some vulnerabilities were identified in this protocol, which led to the development of a more advanced WPA3; however, WPA3 is just beginning to be massively implemented, and in most Wi-Fi devices, WPA2 remains the most advanced standard.
It is worth noting two nuances. First, WPA2 is available in two versions — personal and corporate; in this case, we are talking about pers
...onal, corporate options are placed in paragraph "802.1x". Secondly, support for this standard is guaranteed to also be compatible with WEP and original WPA.
— WPA3. A fundamental improvement to WPA2, introduced in 2018, addressing weaknesses identified in WPA2 in the 14 years since it went live. This standard introduced four key innovations:
- Improved security for public networks. Unlike its predecessor, WPA3 encrypts the traffic between the gadget and the router / access point, even if the network is public and does not require a password.
- Protection against the KRACK vulnerability, which allowed hacking the WPA2 communication channel at the time the connection was established. The SAE algorithm is responsible for this protection — more advanced than the previously used PSK. In particular, when establishing a connection via SAE, both devices are considered equal (in PSK, the receiver and transmitter were clearly defined) — this does not allow an attacker to “wedge” between devices using KRACK methods.
- Easy Connect feature — simplifies connection to Wi-Fi networks for devices that do not have displays (in particular, smart home components). Each of these devices will have a QR code on the body, and to connect to the network, it will be enough to scan this code using a smartphone / tablet already connected to this network. However this function is not directly related to WPA3, WPA2 is sufficient for its operation; however, mass adoption of Easy Connect should be expected at the same time as WPA3.
- Improved encryption algorithms for sensitive data, suitable even for government agencies and defense enterprises. However, this feature is relevant mainly for the corporate version of WPA3 — and support for this version is indicated as "802.1x" (see below, in this case we are talking mainly about the personal version of this standard).
In many devices, upgrading from WPA2 to WPA3 can be done in software by installing a new firmware version. However, if support for this protocol is important to you, it is best to choose equipment where such support is initially provided. Also note that the presence of WPA3 is almost guaranteed to also be compatible with WPA2.
— 802.1x. In this case, it implies support for corporate security standards — most often the corresponding versions of the WPA2 protocols, in new devices also WPA3. For example, if the specifications indicate "802.1x" in addition to "WPA3", then this means that this model supports both personal and corporate versions of WPA3. As for the differences between similar versions, one of them is the support for a separate authentication server in corporate protocols. In other words, when using this function, data on accounts and access rights are stored separately from Wi-Fi equipment, on a special secure server, and it is this server that in each case checks the data of the connected equipment and decides whether to allow or deny access.