Manage wireless networks – Three ways with Sophos

Managing wireless networks in an enterprise is not always easy. But those who rely on Sophos access points know they can benefit from a central management console. However, as is often the case with Sophos, they don’t just offer a solution to fill a need. In exactly the same way, when it comes to wireless, you have three different ways to get a handle on your wireless networks.

In this blog post, I will briefly present the three most current solutions and hope to make your decision a little easier.

1. Sophos UTM + Wireless

The first option requires the Sophos UTM operating system as a foundation. If you want to keep things simple, you can buy a Sophos SG appliance with a Sophos Wireless Protection license. However, if you prefer to use your own hardware or a virtualized version of the UTM, you will need the UTM software with a wireless protection license.

Once you have installed the wireless protection license, you can start using the Sophos access points right away. The following models are supported:

• Older models: AP10, AP30, AP50
• Current models: – AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x

2. sophos XG + wireless

When Sophos introduced the XG series with the new in November 2015, it automatically provided another way to manage wireless networks. The Sophos Firewall OS serves as the basis here. Here, too, you either buy a suitable XG appliance from Sophos or rely on your own hardware. However, this then requires the XG software.

The advantage with the XG series is that the wireless license is included for free, unlike the UTM series.

The following access points are supported:

• Older models: AP10, AP30, AP50
• Current models: – AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x, APX 120, APX 320, APX 530, APX 740

3. Sophos Central + Wireless

The latest solution of all offers the management of Sophos access points via Sophos Central. We have also presented this solution in a recent blog post. Integration with Sophos Central eliminates the need for an SG or XG appliance. All you need is access to Sophos Central and the corresponding Sophos Wireless license.

With this solution, however, it is important to note that Sophos Central only supports the latest Sophos access points: AP 15, AP 15c, AP 55, AP 55c, AP 100, AP 100c, AP 100x, APX 120, APX 320, APX 530, APX 740.

However, you need the latest firmware on the devices. Thus, if there is no “Sophos Central Ready” label on the packaging and access points, you need to perform some steps. The exact steps are explained in this post under “Prerequisites”.

Conclusion

All three options provide a single point of contact to manage its access points and configure its wireless networks. While the “UTM + Wireless” and “XG + Wireless” are still ahead in terms of feature set at the moment, “Sophos Wireless in Central” will also have reached feature parity by the end of the year (2016). One feature that “Sophos Wireless in Central” currently has ahead of the other solutions is the ingenious wireless scheduler. There you can upload a floor plan of the building and place the access points virtually. Based on the range radius of the respective model, you can find out whether a location offers good coverage even before installation.

Price-wise, of course, it’s a different matter. The cheapest option is certainly variant 2, since no additional “wireless license” has to be purchased. However, if you don’t need a firewall, for example, and only want to manage your access points, you might be better off with the “Sophos Central” solution. In terms of the licensing model, you simply have to be aware there that licensing is per access point.

Now you can decide which solution suits you best. 🙂