Skip to content
Avanet
Managing Wireless Networks – Three Options with Sophos

Managing Wireless Networks – Three Options with Sophos

Managing wireless networks in an enterprise is not always straightforward. Anyone using Sophos access points, however, knows they can benefit from a central management console. As is often the case with Sophos, there is rarely a single way to meet a requirement. The same applies to wireless: there are three different ways to bring your wireless networks under control.

In this blog post I briefly introduce the three most up-to-date solutions and aim to make your decision a little easier.

1. Sophos UTM + Wireless

The first option is based on the Sophos UTM operating system. If you prefer a straightforward approach, the easiest method is to buy a suitable Sophos SG appliance with a Sophos Wireless Protection licence. If you would rather run UTM on your own hardware or as a virtual appliance, you will need the UTM software with a Wireless Protection licence.

Once the Wireless Protection licence has been applied, you can immediately start bringing your Sophos Access Points online. The following models are supported:

  • Older models: AP10, AP30, AP50
  • Current models: AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x

2. Sophos XG + Wireless

When Sophos introduced the XG series with the new in November 2015, this automatically created another option for managing wireless networks. Here, the foundation is the Sophos Firewall OS. Again, you can either buy a suitable XG appliance from Sophos or use your own hardware, in which case you will need the XG software.

The advantage of the XG series is that, unlike the UTM series, the wireless licence is included at no additional cost.

The following access points are supported:

3. Sophos Central + Wireless

The most recent option is managing Sophos Access Points via Sophos Central. We also introduced this solution in a recent blog post. Thanks to its integration into Sophos Central, you no longer need an SG or XG appliance. All you require is access to Sophos Central and the corresponding Sophos Wireless licence.

With this option, you must bear in mind that Sophos Central only supports the latest Sophos access points: AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x, APX 120, APX 320, APX 530, APX 740.

However, the devices must be running the latest firmware. If there is no “Sophos Central Ready” label on the packaging or the access points themselves, you will need to perform a few additional steps. The exact procedure is explained in this post under ‘Prerequisites’.

Conclusion

All three options provide a central point for managing your access points and configuring your wireless networks. While “UTM + Wireless” and “XG + Wireless” currently still have the edge in terms of features, “Sophos Wireless in Central” is expected to reach feature parity by the end of 2016. One feature that “Sophos Wireless in Central” already offers over the other solutions is the excellent wireless planner. You can upload a floor plan of your building and place access points virtually. Based on the coverage radius of each model, you can determine in advance whether a given location will provide good coverage.

Pricing is, of course, a different matter. Option 2 is certainly the most economical, as there is no need to purchase an additional wireless licence. However, if you do not need a firewall and simply want to manage your access points, the “Sophos Central” solution might be a better fit. Just be aware that its licensing model is based on per access point.

Now it is up to you to decide which solution works best for you. :)

Patrizio

Patrizio

Patrizio is an experienced network specialist focused on Sophos firewalls, switches, and access points. He supports customers and IT teams with configuration, migration, and clean network segmentation.