This document provides guidelines on best practices for configuring EnSky access points, along with guidelines to select the best access point models for particular applications.
Application Guidelines
When should you select 802.11n or 802.11ac wave 1, vs. 802.11ac wave 2 access points?
802.11ac only operates on the 5 GHz band. All EnGenius 802.11ac access points are dual band 2.4 GHz / 5 GHz, utilizing 802.11n on the 2.4 GHz band. In most deployments, dual-band access points are recommended so as to shift all dual-band client devices (including all modern smartphones, tablets, and laptops) to the less crowded and higher capacity 5 GHz band.
802.11ac wave 1 is appropriate for most SMB networks which require good throughput and performance based on signal coverage requirements. EnGenius recommends using 802.11ac wave 1 access points with up to 30-50 simultaneous users per point.
802.11ac wave 2 utilizes a technology called MU-MIMO (multi-user, multiple-input, multiple-output) which is good for very high user capacity environments lectu such as lecture halls, conference centers, houses of worship, and stadiums where a significant number of client devices in the application also support MU-MIMO capabilities. 802.11ac wave 2 is appropriate for environments that typically have more than 50 users per access point.
What’s the difference in MIMO ratings among 2x2:2, 3x3:3, and 4x4:4?
MIMO (Multi-In, Multi-Out) technology in 802.11n and 802.11ac allows for the throughput to be increased by increasing the number of parallel spatial streams connecting a transmitter and a receiver.
Each spatial stream requires its own antenna (positioned out of phase with the other antennas). Thus, a two-stream (2x2:2) device has two antennas per band, a three-stream (3x3:3) device has three antennas per band, and a four-stream (4x4:4) device has four antennas per band. The nomenclature is as follows:
{# transmit radios} x {# receive radios} : {max # spatial streams}
The maximum throughput enhancement is dictated by whichever wireless station (i.e. access point or client device) has the lower number of spatial streams. Thus, to get double the throughput performance, both the AP and the client device must each support 2x2:2. Similarly, to triple the throughput performance requires both the AP and the client device to each support 3x3:3, and to quadruple the throughput performance requires both the AP and the client device to each support 4x4:4.
Whenever there is a mismatch in capabilities, the wireless station with the fewer number of spatial streams dictates the maximum throughput enhancement. As an example, in a situation where a two-stream client device is associated with a three-stream access point, only two of the access point streams are used. That said, a different three-stream client device associated to the same three-stream access point will be able to utilize all three streams for communication.
Most smartphones and tablet devices are only single stream (1x1:1), though higher end smartphones and tablets (e.g. iPhone 6s/6s+, Samsung Galaxy 4) support dual stream (2x2:2) communication. Most modern laptops support two stream (2x2:2), with some higher end laptops supporting three stream (3x3:3). In most SMB environments, a two stream 802.11ac wave 1 access point is appropriate. In environments with higher-end 3x3:3 clients (e.g. schools, offices, etc.), a three stream 802.11ac wave 1 access point is appropriate.
In 802.11ac wave 2, the additional streams are used by the access point to communicate to multiple single stream and dual stream client devices simultaneously with MU-MIMO technology. However, MU-MIMO requires active support and feedback from the client devices, so its applications are currently still limited.
For more information on MU-MIMO, please check out the following blogs at Network Computing:
- How Does MU-MIMO Work?
- A MU-MIMO Reality Check
When should you use directional and/or external antennas?
For MIMO technology in 802.11n and 802.11ac to work properly, the multiple antennas on an access point need to be in precise alignment. Most EnGenius access points come with internal omni-directional antennas where the alignment is fixed.
A few single-band models come with internal directional antennas, which are most appropriate for point-to-(multi)point applications. These models use 2x2:2 MIMO by having the two antennas at opposite polarization. For more information on point-to-(multi)point applications, read the “Deploying a Point-to-(Multi)Point Backhaul Network” white paper.
There are some environments where external antennas are appropriate. The AP models that support external antennas all come with omni-directional dipole antennas, but it is not uncommon in such applications to replace the antennas. In some instances, there may be particular aesthetic or mounting requirements that make it necessary to mount the antenna separately from the access point. More commonly, such access points are used with external directional antennas to extend coverage in a particular direction. Such applications include warehouses, large parking areas, bus depots, truck stops, car dealership lots, and so forth. EnGenius manufactures sector antennas with a 120˚ x 9˚ coverage pattern. These come in 2.4 GHz 2x2:2 (SA2216), 2.4 GHz 3x3:3 (SA2312), 5 GHz 2x2:2 (SA5219), and 5 GHz 3x3:3 (SA5315). Additionally, there are numerous third-party antenna vendors that are compatible with EnGenius access points.
When should you use standalone APs vs. centrally managed APs?
The EnGenius EnSky series utilizes a standalone WLAN architecture, where each AP is configured independently and operates autonomously. This approach is appropriate for point-to-(multi)point networks and for small independent Wi-Fi networks. EnGenius typically recommends the EnSky series for simple, independent networks that require about 5 – 10 access points.
As networks get larger and more complex, however, it is easier to manage and maintain the network from a centralized location. The EnGenius Neutron APs utilize a distributed WLAN architecture, where the AP configurations and statistics are coordinated centrally by a controller, but the operations (including client data handling) are still handled at the AP in order to prevent the controller from becoming a bottleneck in the network. The controller can also be either on the local network (i.e. an EWS switch) or in the cloud remotely utilizing the ezMaster software. EnGenius recommends an on-site EWS controller for independent networks that require up to 50 APs, and the cloud-based ezMaster controller for organizations and managed service providers that operate multiple network sites.
EnGenius AP Models by Application and Capabilities
The following table summarizes the EnGenius AP product line, based on technology generation, MIMO capability, and denotation of models with external antennas as well as models with internal directional antennas.
Technology | Appropriate Venue /
Application | MIMO | EnGenius Electron
(Standalone APs) | EnGenius Neutron
(Centrally Managed) | ||
Indoor | Outdoor | Indoor | Outdoor | |||
802.11n
2.4 GHz only | Budget properties where throughput & performance are not critical | 2x2:2 | EAP300
EAP350
ECB350* | EnStation2†
ENS202†
ENS202EXT*
ENH202†
ENH220EXT* | EWS210AP
EWS300AP
EWS500AP |
|
802.11n
5 GHz only | Point-to-(multi)point applications | 2x2:2 | EnStation5†
ENS500†
ENS500EXT*
ENH500† |
|
|
|
802.11n
dual-band | Budget properties where throughput & performance are not critical | 2x2:2 | EAP600 | ENH710EXT* | EWS310AP
EWS510AP |
|
3x3:3 |
| ENH900EXT* | EWS320AP |
| ||
802.11ac
wave 1
5 GHz only | Point-to-(multi)point applications | 2x2:2 |
| EnStationAC† |
|
|
802.11ac
wave 1
dual-band | Networks driven by coverage and good performance requirements | 2x2:2 | EAP1200H
ECB1200* | ENS1200 | EWS350AP | EWS650AP |
3x3:3 | EAP1750H
ECB1750* | ENS1750
ENH1750EXT* | EWS360AP | EWS660AP
EWS860AP* | ||
802.11ac
wave 2
dual-band | Networks driven by high user capacity & good performance requirements | 2x2:2 |
| ENS620EXT* |
|
|
4x4:4 |
|
| EWS370AP
EWS371AP* | EWS870AP
EWS871AP* |
* Denotes AP models with external antennas
† Denotes AP models with internal directional antennas
2.4 GHz Radio Configuration Setting Best Practices
Parameter | Recommended Setting | Rationale |
Operation Mode | 802.11n | Turn off support for 802.11b/g devices, unless such devices must be explicitly supported on the network. |
Channel HT Mode | 20 MHz | Do not select 20/40 MHz. The use of 40 MHz channels on the 2.4 GHz band does not provide for multiple independent channels in multi-AP deployments. |
Channel Extension | N/A | Not applicable for 20 MHz channels. Channels 1, 6, 11 are the only independent channels on 2.4 GHz. All other channels overlap. |
Channel Mode | Static (1, 6, 11 alternating across neighboring APs) | Static channel settings recommended for optimal performance in multi-AP environments. For EWS, define as “auto” in AP Group and override with a static channel setting per AP |
Power | Select “Lowest” in AP Group, then set by individual AP
· 14 dBm (indoor)
· 17 dBm (outdoor) | Max power not recommended to ensure that weak client devices (e.g. smartphones, tablets) will be able to communicate back to access point. For dual band APs, power level should be at least 6 dB lower on 2.4 GHz band compared to 5 GHz band |
Client limit | 127 (default) | Regulates number of simultaneous associated client devices. Do not change unless advised to do so by EnGenius personnel. |
Data rate | Auto (default) | Regulates speeds at which client devices are allowed to communicate with AP. Do not change unless advised to do so by EnGenius personnel. |
RTS / CTS Threshold | 2346 (default) | Used for backwards compatibility with 802.11b/g devices. Do not change unless advised to do so by EnGenius personnel. |
Aggregation | · Enabled (default)
· 32 packets (default)
· 32000 bytes (default) | Frame aggregation is a feature of 802.11n/ac to achieve higher throughputs. Do not change unless advised to do so by EnGenius personnel. |
5 GHz Radio Configuration Setting Best Practices
Parameter | Recommended Setting | Rationale |
Operation Mode | · 802.11n only (802.11n)
· 802.11n/ac (802.11ac) | Turn off support for 802.11a devices, unless such devices must be explicitly supported on the network. |
Channel HT Mode | · 40 MHz (802.11n)
· 80 MHz (802.11ac) | To maximize throughput, use 40 MHz for 802.11n and 80 MHz for 802.11ac. The use of 160 MHz channels on the 5 GHz band (802.11ac) does not leave enough independent channels available in multi-AP deployments. Note that higher density deployments should use 20 MHz or 40 MHz channels on 5 GHz. |
Channel Extension | Upper channel | Based on standard channel definitions:
802.11n (40 MHz): 36, 44, 52*, 60*, 100*, 108*, 116*,
124*, 132*, 149, 157
802.11ac (80 MHz): 36, 52*, 100*, 116*, 149
* DFS Channel: Some consumer devices may not support |
Channel Mode | Static (alternating across neighboring APs) | Static channel settings recommended for optimal performance in multi-AP environments. For EWS, define as “auto” in AP Group and override with a static channel setting per AP. |
Power | Select “Medium” in AP Group, then set on individual APs
· 20 dBm (indoor)
· 23 dBm (outdoor) | Max power not recommended to ensure that weak client devices (e.g. smartphones, tablets) will be able to communicate back to access point. For dual band APs, power level should be at least 4 dB higher on 5 GHz band as compared to 2.4 GHz band. |
Client limit | 127 (default) | Regulates number of simultaneous associated client devices. Do not change unless advised to do so by EnGenius personnel. |
Data rate | Auto (default) | Regulates speeds at which client devices are allowed to communicate with AP. Do not change unless advised to do so by EnGenius personnel. |
RTS / CTS Threshold | 2346 (default) | Used for backwards compatibility with 802.11a/n devices. Do not change unless advised to do so by EnGenius personnel. |
Aggregation | · Enabled (default)
· 32 packets (default)
· 32000 bytes (default) | Frame aggregation is a feature of 802.11n/ac to achieve higher throughputs. Do not change unless advised to do so by EnGenius personnel. |
SSID and Advanced Configuration Settings Best Practices
Parameter | Recommended Setting | Rationale |
SSID Name | Descriptive name of network with any distinguishing name up front. Use common SSID across all APs in network. | Some smartphone devices truncate SSID names in their display. Same SSID on neighboring APs required for devices to roam from one AP to another |
Hidden SSID | None (i.e. Visible) | Leave disabled. Many client devices cannot
properly connect to a network with a hidden SSID |
Client Isolation | · Yes (public)
· No (private) | Isolate client devices connected to the same SSID on the same access point. Enable for publicly accessible networks to prevent clients from viewing each other. |
L2 Isolation | · Yes (public)
· No (private) | Isolate client devices connected to the same SSID on the same access point. Enable for publicly accessible networks to prevent clients from viewing each other. |
VLAN Isolation | Yes (if more than 1 SSID) | If multiple SSIDs are to be used in the network,
VLANs should be enabled |
VLAN ID | 2 – 4093 | Each SSID should be on a separate VLAN if VLAN
isolation enabled |
Security | · Open (public)
· WPA2-AES Personal
(private / devices)
· WPA2-AES Enterprise (RADIUS) | Public / semi-public networks should not use encryption to facilitate ease of access. WPA2-AES should always be used. Never use WEP or WPATKIP – these security methods are cracked and deprecated, and do not support 802.11n/ac speeds. |
Band Steering | Prefer 5 GHz
Threshold: -80 dBm | Enables all dual-band capable clients to be on the higher throughput and less crowded 5 GHz band. Note, all SSID, VLAN, and security settings on 2.4GHz and 5GHz must match precisely. |
Fast handover /
RSSI Threshold | Disabled | Intended for networks with excellent coverage (> -
67 dBm everywhere) and sticky clients. If enabled, set threshold between -90 dBm to -80 dBm. |
Guest Network | Disabled | Intended for use on single AP networks only. For multi-AP networks, define the guest network as a regular SSID and implement VLANs. |
Other Access Point Configuration Setting Best Practices
Parameter | Recommended Setting | Rationale |
Wi-Fi Protected Setup (WPS) | Disabled | This is a consumer feature intended to easily connect personal devices to private networks. This should always be disabled in any enterprise deployment. |
SNMP | · Name: Location on property
· Location: Property name
· Contact: Network admin web address | SNMP enables users to monitor and maintain access point via third party network management systems. Disable if not being used. If enabled, change default community names and/or SNMPv3 passwords. |
Time Zone | AP time zone and local daylight savings time (DST) settings. Time server: Use “time.nist.gov” or similar. | Required to keep log functionality useful with correct time reference. |
Logging | Enabled | Local logging should always be enabled.
Remote logging should be enabled if network administrator is using a syslog server. |
Password | Change from default | Always change password from default setting |
Background Scanning | Disabled | This periodically scans the environment for beacons from neighboring 3rd party access points. Useful for diagnostics but can add a lot of overhead on busy networks. Recommend that this is disabled for normal operation, and only enabled when attempting to track down external sources of interference. |