Managing wireless networks in an enterprise is not always easy. But those who rely on Sophos access points know that they can benefit from a central management console. However, as is often the case with Sophos, there is not just one solution available to meet a need. And when it comes to wireless, there are three ways to get your wireless networks under control.

In this blogpost I present the current three solutions and hope to make your decision a little easier.

1. Sophos UTM + Wireless

The first option requires the Sophos UTM operating system as a basis. If you like it simple, buy a suitable Sophos SG Appliance with a Sophos Wireless Protection licence. However, if you prefer to use your own hardware or a virtualized version of UTM, you will need UTM Software with a wireless protection licence.

Once you have installed the Wireless Protection licence, you can start using the Sophos access points right away. The following models are supported:

• Older models: AP10, AP30, AP50
• Current Models: - AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x

2. Sophos XG + Wireless

In November 2015, when Sophos launched the XG series with the new Sophos Firewall OS, it automatically added another way to manage wireless networks. This is based on the Sophos Firewall OS. Again, you can either buy a suitable XG Appliance from Sophos or use your own hardware. However, this will require the XG Software.

The advantage of the XG series is that, unlike the UTM series, the wireless license is included free of charge.

The following access points are supported:

• Older models: AP10, AP30, AP50
• Current Models: - AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x, APX 120, APX 320, APX 530, APX 740

3. Sophos Central + Wireless

The latest solution of all is to manage Sophos access points via Sophos Central. We also recently introduced this solution in a blog post. The integration with Sophos Central eliminates the need for SG or XG appliances. All you need is access to Sophos Central and the appropriate Sophos Wireless licence.

With this solution, however, it is important to note that Sophos Central only supports the latest access points from Sophos: AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x, APX 120, APX 320, APX 530, APX 740

However, you need the latest firmware on the devices. If there is no “Sophos Central Ready” label on the packaging and access points, you will need to follow a few steps. The exact steps are explained in this post under “Requirements’”.

Conclusion

All three of these options provide a simple solution to manage your access points and configure your wireless networks. While the “UTM + Wireless” and “XG + Wireless” are still ahead of the game in terms of functionality at the moment, “Sophos Wireless in Central” will also have reached feature parity by the end of 2016. One feature that “Sophos Wireless in Central” currently has ahead of the other solutions is the ingenious Wireless Planner. There you can upload a floor plan of the building and place the access points virtually. Using the range radius of the respective model, you can find out whether a location offers good coverage even before assembly.

From a price point of view it is of course a different matter. Variant 2 is certainly the cheapest, as there is no need to buy an additional “wireless licence”. But if you don’t need a firewall and only want to manage your access points, you might be better off with the “Sophos Central” solution. In terms of the licensing model, you simply have to be aware that per access point is licensed.

Now you can decide which solution suits you best. :-)