How enterprises create and manage Wi-Fi hotspots

Ensure VPC Security

If you have a private network, you must ensure the security of the network. Do not allow any visitor to use your network. The so-called VPC should also be encrypted through WPA or WPA2 encryption technology. The easy-to-install PSK mode and the enterprise mode both require a RADIUS server (the key or password cannot be given to others ).

Make sure that the hotspot Solution Processes data from the VPC and the public network separately. Some hotspot gateways that support VPC, such as providing a port that can directly access the Internet, and the port is separated from the hotspot. In this way, hotspot users will not affect your network traffic or access your network sharing.

If you put your own gateway together, such as replacing the firmware version, you should consider using VLAN.

Protect hotspot users

In a normal network, such as your VPC, you want to share files with other users in the network. However, in a hotspot environment, I am afraid you do not want other users or even strangers in the hotspot to have the right to access your files or computers. Therefore, it is necessary to block network communication between users in hot spots.

If you are using a hotspot gateway, end-to-end data should have been intercepted. However, if you configure the Gateway by yourself, such as using firmware replacement, you must ensure that the access point or layer-2 separation function is enabled.

Create a Wi-Fi mesh to overwrite large busy areas

If you want to provide wireless Internet in a region that requires several access points, consider installing a wireless mesh network.

An access point is called a mesh node. It is different from a traditional Wi-Fi network and does not need to be powered back to a network route or switch.

At least one mesh node must be connected to the network. These nodes are called Gateway nodes. Other nodes are connected by wireless signals. Data is transmitted from one node to another until the data is sent to the gateway or the last node. The inbound and outbound routes can be changed. The Gateway automatically selects the optimal path.

Because many cabling operations are not required, creating a mesh network is less costly. This type of network is suitable for locations that are vulnerable to the impact of wireless environments because network nodes are prone to network redundancy.

Place the hotspot gateway in the center

Remember, Wi-Fi cannot transmit signals over long distances because the signals are weakened by obstacles. Therefore, you should try to put the hotspot gateway or route in the required coverage area, preferably in the center.

Do not place the gateway in a closed space or in an office. If necessary, you can install new cables or cylinder sieve holes in a better position.

Use the identifier Network Name (SSID)

Different from VPC, you want to let people know where the Wi-Fi signal source is from. Therefore, make sure that the default network name (SSID) has been changed to a recognizable name.

Replace with hotspot-specific firmware: CoovaAP

If your wireless route is supported, you can upload the free CoovaAP firmware to it and convert it into a hotspot gateway. This firmware provides a simple hotspot configuration with a built-in static portal, so you can request to log on, display a disclaimer, display a usage agreement, or request a payment. It also provides bandwidth control to control the bandwidth that users can use. In addition, you can also use its free or paid network hosting service.

Common firmware replacement is supported.

General after-sales firmware projects, such as DD-WRT and Sveasoft, also have hot features. For example, the DD-WRT supports Chillispot, NoCatSplash, and Sputnik. These replace firmware can also provide a large number of other functions, such as a web investigation tool that can view the details of nearby networks, manage QoS settings for network traffic, as well as virtual LAN and several SSID for separating VPC and public network.

Use the Sputnik Service

If you have multiple hotspot control sites, consider using the Sputnik service and apply SputnikNet Express to more basic applications. Both services allow you to customize welcome pages/fly out pages, run local AD, and check basic usage reports and images.

In addition, they provide device authentication, so that non-browser devices (such as WiFi phones and PSP) can access it, while VPC blocks it to separate data. The paid service provides more control, management, and deployment options.

Check 802.1X authentication and WPA/WPA2 enterprise Encryption

If you have any security concerns, you can check the usage of the WPA/WPA2 encryption technology enterprise mode. Unlike the WPA/WPA2 pre-shared key mode, you do not know the real key. They only log on to the network using the username and password according to the 802.1X/PEAP authentication requirements. If you are interested, try the free CoovaAAA service.

If you have an old computer at hand, try zonmcm

If you have an idle computer in your hand, you can turn it into a hotspot gateway. Zonmcm is a Linux-based Real-time CD. It can run on a common computer and is compatible with any wireless route or access point that provides public or private networks.

Intel-enabled computers require only MB of memory, a boot CD-ROM boot, a soft drive or USB drive, and two Ethernet adapters.