Product type
General device type. Nowadays, in addition to the
routers familiar to many (both regular and
gaming), you can find
ADSL routers,
access points(including
directional ones),
MESH systems,
Wi-Fi adapters,
Wi-Fi amplifiers and even
satellite Internet terminals on the market. Here is a detailed description of these types of equipment:
— Router. Devices known to many as the most popular means of wireless Internet access. However, the use of such electronics is not limited to this — it can also be used to create local networks and for some other, more specific purposes. On the technical side, a router is an access point to a wireless network that supports NAT mode; for more details about this mode, see "Functions and Capabilities", here we note that it is thanks to NAT that it is possible to access the Internet from several computers / gadgets at once, working through one provider account.
— Gaming router. A variation of the routers described above, optimized for use in online games. The features of such devices are support for the latest communication standards, high connection speed with a minimum of lags, as well as the availability of special tools and funct
...ions (game traffic priority, connection accelerators, integration with gaming services or even certain online games, etc.). The specific functionality of a gaming router may be different, but if you strive for maximum speed and comfort in online games, it makes sense to choose a device from this category.
— ADSL modem/router. Wireless routers (see above) that provide Internet access through ADSL technology. The key benefit of this technology is that it allows the use of existing telephone networks without the hassle of running wires; at the same time, the Internet and telephone communication work independently and do not interfere with each other. On the other hand, such a connection is inferior to wired Ethernet in terms of speed and functionality (for more details, see "Data input (WAN-port)"); therefore, nowadays, ADSL is gradually “departing from the stage”, and there is not much equipment for this technology on the market.
— Access point. Devices intended mainly for use as a kind of "adapter" between wired networks and wireless devices, as well as for connecting individual network segments to each other via a wireless channel. The fundamental difference between such devices and routers (see above) is the absence of the NAT function (see "Functions and Capabilities") — thus, each wireless device connected to the access point transmits its own IP address to the network. A typical example of a network based on such equipment is a common router for connecting to the Internet, plus several access points located in key locations and connected to the router by wire.
— Directed access point. A variation of the access points described above, in which the coverage area has a clear direction. Simply put, the signal from such a device does not diverge uniformly in all directions, but in a certain direction, in the form of a beam or sector. Such equipment has two main areas of application. The first is situations when the access point needs to be installed not in the centre, but on the edge of the overlapped zone — for example, in the corner of the room. In this case, the directional design allows you to concentrate almost all the transmitter power in the working area, without wasting it on "unnecessary" directions. The second use case is wireless communication over long distances, for example, between networks in different buildings in bridge mode (see "Features"); in some directional access points, the communication range reaches 10 km. Of course, for such communication, the device on the other side of the wireless channel must also have the appropriate range, so the easiest way in such cases is to use two access points with the same characteristics.
— MESH system. Equipment for building wireless networks in MESH format. The idea of this format is to use numerous compact and relatively low-power wireless transceivers that can interact with each other in a coordinated manner. In this way, you can block a significant area (up to a small city), providing a reliable connection at any point in the coverage area. This happens as follows: a laptop, smartphone or other Wi-Fi gadget interacts with the nearest node of the MESH network, then the data is transmitted to the main router or access point wirelessly, along the chain between the nodes. In this case, the so-called dynamic routing is used: the network itself determines the optimal data transfer path and automatically changes this path when the user moves between individual nodes.
Actually, dynamic routing is the key difference between MESH devices and more traditional Wi-Fi amplifiers. At the same time, the work is carried out in a “seamless” format: when switching from one node to another, the connection is not lost and network functions that require a stable connection (downloads, watching videos, online games, authorization sessions) are not interrupted. In other words, the user does not notice switching between individual nodes at all. In addition, this format of operation allows you to maintain a stable connection speed (whereas the use of traditional amplifiers, especially in the form of chains, significantly reduces the speed). Thus, a MESH network can be an excellent solution for situations where a set of several Wi-Fi amplifiers is needed — from a private house on 2-3 floors to office and industrial complexes, and even urban areas. At the same time, equipment for such networks can be sold in sets of several units (up to 8); see "Included" for details.
— Wi-Fi adapter. Adapters for connecting to Wi-Fi networks designed for desktop PCs and other equipment that does not initially have built-in Wi-Fi modules. Such equipment can be both external and internal — see "Interfaces (for adapters)" for details. Also note here that buying a Wi-Fi adapter can be a good alternative to a wired connection — especially if the router is located far away and it would be inconvenient to pull the wire.
— Wi-Fi booster. Devices designed to amplify the Wi-Fi signal from an existing router or access point. They allow you to expand the coverage area, get rid of "dead zones", as well as improve the overall quality of communication and make the signal more stable. This type of device differs from MESH equipment (see above), which has a similar purpose, in the absence of dynamic routing (Wi-Fi amplifiers are designed to work directly with the router, in extreme cases, via a fixed chain), as well as the impossibility of seamless operation (the amplifier is visible as separate network — see "Features — Repeater Mode" for details). In addition, connecting through such a device can significantly reduce the speed. On the other hand, Wi-Fi amplifiers are much cheaper than nodes in MESH systems. So this particular type of equipment may be the best option for simple domestic use, when you only need to slightly expand the existing coverage and there is no need to build an extensive network with many equivalent connection points.
— Satellite Internet (Starlink). Terminals for accessing the World Wide Web via satellite communications. The infrastructure of such systems usually consists of low-orbit satellites in space, a network of base stations on the ground, and client terminals directly for receiving signals and distributing the Internet. The monopolist in this area is Elon Musk’s company SpaceX with its Starlink terminals.
With the introduction of satellite systems into mass use, it became possible to provide high-speed Internet access in places where this was previously impossible due to the lack or poor development of traditional methods of data transmission. At the same time, such Internet will come in handy during regular power outages and far from electrical civilization. The main thing is to power the client terminal. Among the disadvantages of the technology, the high cost of equipment and the high monthly fee for using satellite Internet services (compared to a traditional cable connection or using mobile access to the global network) are noted.Data input (WAN-port)
Methods for connecting to the Internet (or other external network, such as in
bridge mode) supported by the device.
The classic, most common version of such a connection nowadays is
LAN (Ethernet), but this is not limited to this. A wired connection can also be made via
ADSL or
SFP fiber, and wirelessly via mobile networks (using a
SIM card,
SIM card 5G or an external modem for
3G or
4G), as well as via Wi-Fi. Here is a more detailed description of each option:
— Ethernet (RJ45). Classic wired connection via a network cable via an RJ-45 connector. Also known as "LAN", although this designation is not entirely correct. Nowadays, it is one of the most common methods of wired Internet connection, and is also widely used in local networks. This is due to the fact that the speed of Ethernet is actually limited only by the capabilities of network controllers; at the same time, even the simplest modules support up to 100 Mbps, and in advanced equipment this value can reach 10 Gbps.
— ADSL. A technology primarily used for wired Internet connections over existing landline telephone lines. This is its main advantage — you can use ready-made lines without fiddling with laying numerous addi
...tional wires; at the same time, ADSL works independently of telephone calls and does not interfere with them. At the same time, the speed of such a connection is noticeably lower than via Ethernet — even in advanced equipment it does not exceed 24 Mbps. In addition, ADSL traffic is distributed asymmetrically: full speed is achieved only when working for reception, data transmission speed is much lower, which creates problems for video communication and some other tasks. So nowadays, ADSL is gradually being replaced by more advanced standards, although the complete disappearance of this technology is still far away.
— Wi-Fi. Connect to an external data source via Wi-Fi. By definition, this format of operation is used by Wi-Fi adapters (see "Device type"), as well as by most MESH equipment. (However, if the MESH system package includes both nodes and the main control device for them, then the WAN input can be specified for the control device, and often this is not Wi-Fi). Also, this type of data input can be provided in other types of equipment — in particular, routers and access points (for example, to work in bridge or repeater mode).
— 3G modem (USB). Internet connection via 3G mobile network using a separate external modem connected to the USB port. Most often, we are talking about UMTS networks (the development of GSM mobile communications), the most common in Europe and the post-Soviet space; however, it may also be possible to use modems for CDMA networks (EV-DO technology). These nuances, as well as compatibility with specific modem models, need to be clarified separately. However, anyway, 3G may be a good option for situations where a wired Internet connection is difficult or impossible, such as in the private sector. In addition, some Wi-Fi devices with this feature are equipped with autonomous power supplies and can even be used on the go. The data transfer speed of 3G is close to broadband wired connection (from 2 to 70 Mbps with a normal signal, depending on the specific technology); however, it is less than in 4G networks (see below), but 3G coverage is more extensive, and equipment for this standard is cheaper.
— 4G (LTE) modem (USB). Internet connection via 4G mobile network (LTE) using a separate external modem connected to the USB port. The main features are similar to the 3G connection described above, adjusted for the fact that in this case more advanced fourth-generation networks are used. The data transfer rate in such networks reaches about 150 Mbps; they are not as widespread as 3G-connection, but soon we can expect a change in the situation. In addition, it should be noted that in Europe and the post-Soviet space, LTE networks are usually deployed on the basis of 3G UMTS and GSM networks; so in the absence of full-fledged 4G coverage, modems for such networks can work according to the 3G and even GSM standard.
— SIM card. Connecting to the Internet via a mobile network using a mobile operator's SIM card installed directly in the device. The specific type of supported networks depends both on the capabilities of the router and on the conditions of a particular mobile operator; however, all such equipment is compatible with at least 3G networks, and often 4G as well. The features of these networks are described in detail above (you can also read about the advantages of a mobile Internet connection there). This option is convenient because it allows you to do without a separate USB modem — you just need to purchase a SIM card, the cost of which is negligible. In addition, the use of "sim cards" has a positive effect on compactness and ease of carrying. On the other hand, the built-in mobile communication module significantly affects the overall cost — and you will have to pay for it anyway (whereas a model with support for external modems does not have to be bought immediately with a modem, such devices usually allow wired connection). Therefore, you should pay attention to this option if you initially plan to connect to the Internet through mobile networks.
- SIM card (5G). The ability to operate Wi-Fi equipment in high-speed 5G mobile networks with a peak bandwidth of up to 20 Gbps for reception and up to 10 Gbps for data transmission. Implemented via a SIM card with appropriate 5G support. This standard reduces power consumption compared to previous versions, and it also uses a number of complex solutions aimed at improving the reliability and overall quality of communication - in particular, multi-element antenna arrays (Massive MIMO) and beamforming technologies (Beamforming).
— SFP (optics). Connection via fiber optic cable of the SFP standard. Such a connection can be carried out at high speeds (measured in gigabytes per second), and the fiber, unlike the Ethernet cable, is practically insensitive to external interference. On the other hand, the support of this standard is not cheap, and its capabilities are unnecessary for domestic use. Therefore, SFP is found mainly in professional-level Wi-Fi devices.Wi-Fi standards
Wi-Fi standards supported by the equipment. Nowadays, in addition to modern standards
Wi-Fi 4 (802.11n),
Wi-Fi 5 (802.11ac),
Wi-Fi 6 (802.11ax)(its variation
Wi-Fi 6E),
Wi-Fi 7 (802.11be) and
WiGig (802.11ad), you can meet also support for earlier versions —
Wi-Fi 3 (802.11g) and even Wi-Fi 1 (802.11b). Here is a more detailed description of each of these versions:
— Wi-Fi 3 (802.11g). An outdated standard, like Wi-Fi 1 (802.11b), which has sunk into oblivion. It was widely used before the advent of Wi-Fi 4, nowadays it is used mainly as an addition to newer versions — in particular, in order to ensure compatibility with outdated and low-cost equipment. Operates at a frequency of 2.4 GHz, the maximum data transfer rate is 54 Mbps.
— Wi-Fi 4 (802.11n). The first of the common standards that supports the frequency of 5 GHz; can operate in this range or in the classic 2.4 GHz. It is worth emphasizing that some models of Wi-Fi equipment for this standard use only 5 GHz, which is why they are incompatible with earlier versions of Wi-Fi. The maximum speed for Wi-Fi 4 is 600 Mbps; in modern wireless devices, this standard is very popular, only recently it began to be squeezed into this position by Wi-Fi 5.
— Wi-Fi 5
...(802.11ac). The successor to Wi-Fi 4, which finally moved to the 5 GHz band, which had a positive effect on the reliability of the connection and data transfer rate: it is up to 1.69 Gbps per antenna and up to 6.77 Gbps in general. In addition, this is the first version to fully implement Beamforming technology (for more details, see "Functions and Capabilities").
— Wi-Fi 6, Wi-Fi 6E (802.11ax). The development of Wi-Fi 5, which introduced both an increase in speed to 10 Gbps, and a number of important improvements in the format of work. One of the most important innovations is the use of an extensive frequency range — from 1 to 7 GHz; this, in particular, allows you to automatically select the least loaded frequency band, which has a positive effect on the speed and reliability of the connection. At the same time, Wi-Fi 6 devices are capable of operating at classic frequencies of 2.4 GHz and 5 GHz, and a modification of the Wi-Fi 6E standard is capable of operating at frequencies from 5.9 to 7 GHz, it is generally accepted that devices with Wi-Fi 6E support operate on frequency of 6 GHz, while there is full compatibility with earlier standards. In addition, some improvements were introduced in this version regarding the simultaneous operation of several devices on one channel, in particular, we are talking about OFDMA technology. Thanks to this, Wi-Fi 6 gives the smallest of modern standards a drop in speed when the air is loaded, and the modification of Wi-Fi 6E operating at a frequency of 6 GHz has the least amount of interference.
— Wi-Fi 7 (802.11be). This Wi-Fi standard began to be implemented in 2023. Thanks to the use of 4096-QAM modulation, a maximum theoretical data rate of up to 46 Gb / s can be squeezed out of it. Wi-Fi 7 supports three frequency bands: 2.4 GHz, 5 GHz and 6 GHz. The maximum bandwidth in the standard has been increased from 160 MHz to 320 MHz - the wider the channel, the more data it can transmit overnight. Among the interesting innovations in Wi-Fi 7, the development of MLO (Multi-Link Operation) is noted - with its help, connected devices exchange data using several channels and frequency bands simultaneously, which is especially important for VR and online games. The Multiple Resource Unit technology is designed to minimize communication delays when there are many connected client devices. The new 16x16 MIMO protocol is also aimed at increasing throughput with a large number of simultaneous connections, doubling the number of spatial streams compared to the previous Wi-Fi 6 standard.
WiGig (802.11ad). Wi-Fi standard using an operating frequency of 60 GHz; data transfer rates can be up to 10 Gbps (depending on the specific version of WiGig). The 60 GHz channel is much less loaded than the more popular 2.4 GHz and 5 GHz, which has a positive effect on the reliability of data transmission and reduces latency; the latter is especially important in games and some other special tasks. On the other hand, the increase in frequency has significantly reduced the connection range (for more details, see "Frequency range"), so that in fact this standard is only suitable for communication within the same room.
Note that in fact, the data transfer rate is usually much lower than the theoretical maximum — especially when several Wi-Fi devices operate on the same channel. Also note that different standards are backwards compatible with each other (with a speed limit according to the slower one) provided that the frequencies match: for example, 802.11ac can work with 802.11n, but not with 802.11g.Number of antennas
The total number of antennas (of all types — see below) provided in the design of the device.
In modern Wi-Fi equipment, this indicator can be different: in addition to the simplest devices with 1 antenna, there are models where this number is
2,
3,
4 and even
more. The point of using multiple antennas is twofold. Firstly, if there are several external devices per antenna, they have to share the bandwidth among themselves, and the actual communication speed for each subscriber drops accordingly. Secondly, such a design may also be required when communicating with one external device — to work with MU-MIMO technology (see below), which allows you to fully realize the capabilities of modern Wi-Fi standards.
Anyway, more antennas, usually, means a more advanced and functional device. On the other hand, this parameter significantly affects the cost; so specifically looking for equipment with numerous antennas makes sense mainly when the speed and stability of communication are critical.
Note that antennas intended for mobile communications may also be considered in this clause. So when choosing a model with support for mobile networks, it's ok to clarify this point.
2.4 GHz antennas
The total number of antennas in the router that are responsible for communication in the 2.4 GHz band. For details about the number of antennas, see "Total antennas", about the range — "Frequency range".
Outdoors range
The range of the Wi-Fi connection when the device is operating outdoors is in an open area where the signal does not need to overcome obstacles in the form of walls and other foreign objects. In other words, we are talking about the communication range within the line of sight. This parameter can be useful not only when installed outdoors, but also, for example, in a large office space. However, do not forget that the practical range may be somewhat less, because. it also depends on the capabilities of the connected devices and the level of interference.
Also note that according to these data, it is possible to estimate the range of action in the room, if for some reason this information is not indicated in the characteristics. On average, this radius is 2-4 times less than the outdoor range, and for maximum guarantee it is worth taking a factor of 4: for example, for a reliable connection at a distance of 10 m, it is desirable to have a device with a range in open areas of at least 40 m.
Transmitter power
Rated power of the Wi-Fi transmitter used in the device. If multiple bands are supported (see “Ranges of operation”) the power for different frequencies may be different, for such cases the maximum value is indicated here.
The total transmitting power provided by the device directly depends on this parameter. This power can be calculated by adding the transmitter power and the antenna gain (see above): for example, a 20 dBm transmitter coupled with a 5 dBi antenna results in a total power of 25 dBm (in the main antenna coverage area). For simple domestic use (for example, buying a router in a small apartment), such details are not required, but in the professional field it often becomes necessary to use wireless devices of a strictly defined power. Detailed recommendations on this matter for different situations can be found in special sources, but here we note that the total value of 26 dBm or more allows the device to be classified as equipment
with a powerful transmitter. At the same time, such capabilities are not always required in fact: excessive power can create a lot of interference both for surrounding devices and for the transmitter itself (especially in urban and other similar conditions), as well as degrade the quality of the connection with low-power electronics. And for effective communication over a long distance, both the equipment itself and external devices must have the appropriate power (which is far from alway
...s achievable). So, when choosing, you should not chase the maximum number of decibels, but take into account the recommendations for a particular case; in addition, a Wi-Fi amplifier or MESH system often turns out to be a good alternative to a powerful transmitter.Features
The main functions and capabilities implemented in the device.
This category mainly includes the most key functions — namely
load balancing (Dual WAN),
channel reservation,
Link Aggregation,
Bluetooth(various versions, including
Bluetooth v 5),
voice assistant, NAT,
MESH modes,
bridge,
repeater,
Beamforming function ,
firewall (Firewall) and
CLI (Telnet). Here is a more detailed description of each of these items:
— Dual WAN. Possibility of simultaneous connection to two external networks. Most often used for simultaneous work with two Internet connections (although other options are possible); at the same time, there are two main modes of operation with such connections — redundancy (Failover / Failback) and balancing (Load Balance). So, in backup mode, the device constantly uses the main channel to connect to the Internet, and in case of failures on this channel, it automatically switches to a fallback option. In balancing mode, both channels are used simultaneously, while the load between them is distributed either automatically (depending on the traff
...ic consumption of a particular device) or manually (clearly specified in the settings for specific devices). This allows, for example, to separate the channel for online games from the rest of the connection, minimizing lags and increasing efficiency.
— Link Aggregation. A function that allows you to combine several parallel physical communication channels into one logical one — to increase the speed and reliability of the connection. Simply put, with Link Aggregation, a device can be connected to another device not with one cable, but with two or even more at once. The increase in speed in this case occurs due to the summation of the throughput of all physical channels; however, the total speed may be less than the sum of the speeds — on the other hand, combining several relatively slow connectors is often cheaper than using equipment with a more advanced single interface. And the increase in reliability is carried out, firstly, by distributing the total load over individual physical channels, and secondly, by means of "hot" redundancy: the failure of one port or cable can reduce the speed, but does not lead to a complete disconnection, and when the channel is restored, the channel is switched on automatically.
— Bluetooth. The device supports Bluetooth wireless technology. The meaning of this function will depend on the format of the equipment operation (see "Device type"). For example, adapters with this capability allow you to supplement your PC not only with Wi-Fi, but also with Bluetooth support — thanks to this, you can get by with one adapter instead of two. And in routers and access points, this feature allows external devices to access the Internet (or local area network) over a Bluetooth connection instead of Wi-Fi. This format of work allows you to unload the Wi-Fi channel and reduce the power consumption of connected devices; this is especially important for smart home components and other IoT devices, some routers/access points expressly state that Bluetooth is intended mainly for such electronics. Other ways of using this technology, more specific, may be envisaged; however, this is rare.
— Voice assistant. Device support for a particular voice assistant. The most common options are (individually or together):
- Amazon Alexa
- Google Assistant
The specific functionality of these assistants can be clarified from special sources (especially since it is constantly being optimized and expanded). Here we note that in the case of Wi-Fi equipment, we are usually not talking about an assistant built into the device itself, but about improved compatibility with smartphones and other gadgets that have the corresponding assistant installed. Such functionality can be especially useful given that modern voice assistants are also used to control smart home components. Communication with such control is often carried out just through a home router or other similar equipment, and the support of such equipment for voice assistants greatly simplifies setup and expands the capabilities of the entire system.
— NAT (Network Address Translation). A function that allows Wi-Fi equipment, when working with an external network (for example, the Internet), to replace the IP addresses of all computers and other devices connected to this equipment with one common IP address. In other words, a network with such a router is seen "from the outside" as one device, with one common IP. The most popular use of NAT is to connect several subscribers to the Internet (for example, all computers and gadgets within a home or office) through one provider account. At the same time, the number of such subscribers within the network is limited only by the capabilities of the router and can be freely changed; this will not affect access to the World Wide Web (whereas without using NAT, one would have to organize a separate account for each device). NAT support is a mandatory feature for routers (see "Device type").
— Bridge mode. Possibility of operation of the equipment in the bridge mode. This mode allows you to wirelessly connect individual network segments to each other — for example, to combine two floors if it is difficult to lay a cable between them. However, communication over longer distances is also possible — in some directional access points (see "Device type"), created mainly for just such an application, the range can exceed 20 km. Actually, this mode supports most access points (both directional and conventional), but it is also popular in other types of equipment, in particular, routers.
Note that to work in bridge mode, it is best to use the same type of device — this guarantees high-quality communication in both directions. It is also worth mentioning that in addition to the two-way point-to-point mode, there is also equipment with support for multi-way bridges (“point-to-multipoint”); the availability of such a possibility should be clarified separately.
— Repeater mode. An operating mode in which the equipment only repeats the Wi-Fi signal from another device, playing the role of a repeater. The main function of this function is to expand Wi-Fi networks, providing access where the main device (for example, a router) does not reach. A classic example of repeaters is Wi-Fi amplifiers (see "Device type"), they have this mode by definition; however, it is also found in other types of Wi-Fi equipment. The exception is MESH systems that have similar specifics, but differ in the format of work. See below for more information about this format, but here we note that networks with repeaters are in many ways inferior to MESH in terms of practical capabilities. Firstly, the signals from the main equipment and from the repeater are seen as separate Wi-Fi networks, and when moving between them, subscriber devices must reconnect; this can happen automatically, but disconnections and network changes still cause inconvenience. Secondly, working through a repeater significantly reduces the speed of Wi-Fi. Thirdly, the repeater operates according to a strictly fixed, pre-established routing scheme. On the other hand, access points with a repeater function are much cheaper than MESH nodes, and the mentioned drawbacks are far from always critical.
— MESH mode. Ability to operate the device as a MESH network node. By definition, all MESH systems have this feature, but it can be provided in other types of equipment. A detailed description of networks of this type is given in the paragraph “Device type — MESH system”. Here we will briefly describe their features and the difference between this mode and the repeater mode (see above), which has a largely similar purpose.
MESH technology allows you to create a single wireless network using many separate nodes (access points) connected to each other via Wi-Fi. In this case, the so-called seamless mode of operation is implemented: the entire network is seen as a single whole, switching between access points, if necessary, occurs automatically, in such cases the connection is not broken and the user does not notice the transition to another network node at all. This is one of the key differences from using repeaters. Another difference is dynamic routing: MESH network nodes automatically determine the optimal signal traversal mode. Due to this, as well as due to some other features of this technology, the presence of "intermediaries" on the signal path practically does not affect the communication speed (unlike the same repeaters). The main disadvantage of equipment with this function can be called a relatively high cost.
— Beamforming. A technology that allows you to amplify the Wi-Fi signal in the direction where the receiving device is located (instead of broadcasting this signal in all directions or in a wide sector, as is the case in normal mode). Narrowing the radiation pattern allows you to send more power towards the receiver, thus increasing the range and communication efficiency; while the position of the receiving device is determined automatically, the user does not need to deal with additional settings. And many models of Wi-Fi equipment are capable of amplifying the signal in several directions at once (usually, several antennas are provided for this). At the same time, subscriber devices do not have to support Beamforming — communication improvement is noticeable even with the one-way use of this technology (although not as obvious as with the two-way one).
Also note that the unified Beamforming standards were officially implemented as part of the Wi-Fi 5 specification. However “beamforming” was also used in earlier versions of Wi-Fi, however, different manufacturers used different methods for implementing Beamforming, incompatible with each other. So these days, this feature is almost never found outside of Wi-Fi 5 compatible equipment.
— Firewall. A feature that allows a Wi-Fi device to control traffic passing through it. In fact, the Firewall is a set of software filters: these filters compare data packets with the specified parameters and decide whether or not to pass traffic. In this case, the processing can be carried out according to two rules: “everything that is not expressly prohibited is allowed”, or vice versa, “everything that is not expressly permitted is prohibited”. The main function of a firewall is to protect the network (or individual network segments) from unauthorized access and various attacks. In addition, this function can be used to control user activity — for example, prohibitions on access to certain Internet sites. Note that a firewall can also be implemented at the level of individual devices, but using it on a router allows you to secure the entire network at once.
CLI (Telnet). Ability to control the device via Telnet protocol. This is one of the protocols used today to remotely control network equipment; while Telnet, unlike another popular HTTP standard, does not have a graphical interface and uses only the command line. Such access is used mainly for service purposes — for debugging and changing settings in other text-based protocols (HTTP on web pages, SMTP and POP3 on mail servers, etc.); Telnet requires specialized knowledge.Safety standards
— WPA. An encryption protocol created as a temporary solution to the most critical vulnerabilities of the WEP described below. It uses a more advanced encryption algorithm, as well as the transmission of passwords in encrypted form. However, the reliability of this standard also turned out to be insufficient, so an improved version, WPA2, was developed.
— WEP. Historically, the first encryption protocol used in wireless networks. It uses encryption from 64-bit to 256-bit, the latter option is considered strong in itself, however, the standard's own vulnerabilities allow a specialist to hack such a communication channel without much difficulty. As a result, WEP is completely obsolete, its support is provided mainly for compatibility with the simplest equipment (especially since it is technically easy to provide this support).
— WPA2. The most popular security standard in modern Wi-Fi equipment. At one time, it became an important update to the original WPA: in particular, the AES CCMP algorithm was introduced into WPA2, which is extremely difficult to crack. Over time, however, some vulnerabilities were identified in this protocol, which led to the development of a more advanced WPA3; however, WPA3 is just beginning to be massively implemented, and in most Wi-Fi devices, WPA2 remains the most advanced standard.
It is worth noting two nuances. First, WPA2 is available in two versions — personal and corporate; in this case, we are talking about pers
...onal, corporate options are placed in paragraph "802.1x". Secondly, support for this standard is guaranteed to also be compatible with WEP and original WPA.
— WPA3. A fundamental improvement to WPA2, introduced in 2018, addressing weaknesses identified in WPA2 in the 14 years since it went live. This standard introduced four key innovations:
- Improved security for public networks. Unlike its predecessor, WPA3 encrypts the traffic between the gadget and the router / access point, even if the network is public and does not require a password.
- Protection against the KRACK vulnerability, which allowed hacking the WPA2 communication channel at the time the connection was established. The SAE algorithm is responsible for this protection — more advanced than the previously used PSK. In particular, when establishing a connection via SAE, both devices are considered equal (in PSK, the receiver and transmitter were clearly defined) — this does not allow an attacker to “wedge” between devices using KRACK methods.
- Easy Connect feature — simplifies connection to Wi-Fi networks for devices that do not have displays (in particular, smart home components). Each of these devices will have a QR code on the body, and to connect to the network, it will be enough to scan this code using a smartphone / tablet already connected to this network. However this function is not directly related to WPA3, WPA2 is sufficient for its operation; however, mass adoption of Easy Connect should be expected at the same time as WPA3.
- Improved encryption algorithms for sensitive data, suitable even for government agencies and defense enterprises. However, this feature is relevant mainly for the corporate version of WPA3 — and support for this version is indicated as "802.1x" (see below, in this case we are talking mainly about the personal version of this standard).
In many devices, upgrading from WPA2 to WPA3 can be done in software by installing a new firmware version. However, if support for this protocol is important to you, it is best to choose equipment where such support is initially provided. Also note that the presence of WPA3 is almost guaranteed to also be compatible with WPA2.
— 802.1x. In this case, it implies support for corporate security standards — most often the corresponding versions of the WPA2 protocols, in new devices also WPA3. For example, if the specifications indicate "802.1x" in addition to "WPA3", then this means that this model supports both personal and corporate versions of WPA3. As for the differences between similar versions, one of them is the support for a separate authentication server in corporate protocols. In other words, when using this function, data on accounts and access rights are stored separately from Wi-Fi equipment, on a special secure server, and it is this server that in each case checks the data of the connected equipment and decides whether to allow or deny access.