Data input (WAN-port)
Methods for connecting to the Internet (or other external network, such as in
bridge mode) supported by the device.
The classic, most common version of such a connection nowadays is
LAN (Ethernet), but this is not limited to this. A wired connection can also be made via
ADSL or
SFP fiber, and wirelessly via mobile networks (using a
SIM card,
SIM card 5G or an external modem for
3G or
4G), as well as via Wi-Fi. Here is a more detailed description of each option:
— Ethernet (RJ45). Classic wired connection via a network cable via an RJ-45 connector. Also known as "LAN", although this designation is not entirely correct. Nowadays, it is one of the most common methods of wired Internet connection, and is also widely used in local networks. This is due to the fact that the speed of Ethernet is actually limited only by the capabilities of network controllers; at the same time, even the simplest modules support up to 100 Mbps, and in advanced equipment this value can reach 10 Gbps.
— ADSL. A technology primarily used for wired Internet connections over existing landline telephone lines. This is its main advantage — you can use ready-made lines without fiddling with laying numerous addi
...tional wires; at the same time, ADSL works independently of telephone calls and does not interfere with them. At the same time, the speed of such a connection is noticeably lower than via Ethernet — even in advanced equipment it does not exceed 24 Mbps. In addition, ADSL traffic is distributed asymmetrically: full speed is achieved only when working for reception, data transmission speed is much lower, which creates problems for video communication and some other tasks. So nowadays, ADSL is gradually being replaced by more advanced standards, although the complete disappearance of this technology is still far away.
— Wi-Fi. Connect to an external data source via Wi-Fi. By definition, this format of operation is used by Wi-Fi adapters (see "Device type"), as well as by most MESH equipment. (However, if the MESH system package includes both nodes and the main control device for them, then the WAN input can be specified for the control device, and often this is not Wi-Fi). Also, this type of data input can be provided in other types of equipment — in particular, routers and access points (for example, to work in bridge or repeater mode).
— 3G modem (USB). Internet connection via 3G mobile network using a separate external modem connected to the USB port. Most often, we are talking about UMTS networks (the development of GSM mobile communications), the most common in Europe and the post-Soviet space; however, it may also be possible to use modems for CDMA networks (EV-DO technology). These nuances, as well as compatibility with specific modem models, need to be clarified separately. However, anyway, 3G may be a good option for situations where a wired Internet connection is difficult or impossible, such as in the private sector. In addition, some Wi-Fi devices with this feature are equipped with autonomous power supplies and can even be used on the go. The data transfer speed of 3G is close to broadband wired connection (from 2 to 70 Mbps with a normal signal, depending on the specific technology); however, it is less than in 4G networks (see below), but 3G coverage is more extensive, and equipment for this standard is cheaper.
— 4G (LTE) modem (USB). Internet connection via 4G mobile network (LTE) using a separate external modem connected to the USB port. The main features are similar to the 3G connection described above, adjusted for the fact that in this case more advanced fourth-generation networks are used. The data transfer rate in such networks reaches about 150 Mbps; they are not as widespread as 3G-connection, but soon we can expect a change in the situation. In addition, it should be noted that in Europe and the post-Soviet space, LTE networks are usually deployed on the basis of 3G UMTS and GSM networks; so in the absence of full-fledged 4G coverage, modems for such networks can work according to the 3G and even GSM standard.
— SIM card. Connecting to the Internet via a mobile network using a mobile operator's SIM card installed directly in the device. The specific type of supported networks depends both on the capabilities of the router and on the conditions of a particular mobile operator; however, all such equipment is compatible with at least 3G networks, and often 4G as well. The features of these networks are described in detail above (you can also read about the advantages of a mobile Internet connection there). This option is convenient because it allows you to do without a separate USB modem — you just need to purchase a SIM card, the cost of which is negligible. In addition, the use of "sim cards" has a positive effect on compactness and ease of carrying. On the other hand, the built-in mobile communication module significantly affects the overall cost — and you will have to pay for it anyway (whereas a model with support for external modems does not have to be bought immediately with a modem, such devices usually allow wired connection). Therefore, you should pay attention to this option if you initially plan to connect to the Internet through mobile networks.
- SIM card (5G). The ability to operate Wi-Fi equipment in high-speed 5G mobile networks with a peak bandwidth of up to 20 Gbps for reception and up to 10 Gbps for data transmission. Implemented via a SIM card with appropriate 5G support. This standard reduces power consumption compared to previous versions, and it also uses a number of complex solutions aimed at improving the reliability and overall quality of communication - in particular, multi-element antenna arrays (Massive MIMO) and beamforming technologies (Beamforming).
— SFP (optics). Connection via fiber optic cable of the SFP standard. Such a connection can be carried out at high speeds (measured in gigabytes per second), and the fiber, unlike the Ethernet cable, is practically insensitive to external interference. On the other hand, the support of this standard is not cheap, and its capabilities are unnecessary for domestic use. Therefore, SFP is found mainly in professional-level Wi-Fi devices.Indoors range
The range of the device's Wi-Fi module when used indoors, including through walls.
This indicator is, by definition, less than the range in open space (see below), but it is closer to reality: Wi-Fi equipment is most often used in rooms where the signal has to deal with various obstacles. However note that the figures stated in the characteristics are rather arbitrary: in fact, the communication range will directly depend on the number and type of obstacles, the congestion of the air with signals from third-party electronics, as well as the capabilities of Wi-Fi modules in devices “on the other side of the channel”. However, the difference in claimed range usually corresponds to the difference in the actual range, so it is quite possible to compare different devices by this characteristic.
Also, this information allows you to evaluate the range in open areas (if it is not claimed in the characteristics): usually, this radius is at least twice the claimed range indoors.
Outdoors range
The range of the Wi-Fi connection when the device is operating outdoors is in an open area where the signal does not need to overcome obstacles in the form of walls and other foreign objects. In other words, we are talking about the communication range within the line of sight. This parameter can be useful not only when installed outdoors, but also, for example, in a large office space. However, do not forget that the practical range may be somewhat less, because. it also depends on the capabilities of the connected devices and the level of interference.
Also note that according to these data, it is possible to estimate the range of action in the room, if for some reason this information is not indicated in the characteristics. On average, this radius is 2-4 times less than the outdoor range, and for maximum guarantee it is worth taking a factor of 4: for example, for a reliable connection at a distance of 10 m, it is desirable to have a device with a range in open areas of at least 40 m.
Safety standards
— WPA. An encryption protocol created as a temporary solution to the most critical vulnerabilities of the WEP described below. It uses a more advanced encryption algorithm, as well as the transmission of passwords in encrypted form. However, the reliability of this standard also turned out to be insufficient, so an improved version, WPA2, was developed.
— WEP. Historically, the first encryption protocol used in wireless networks. It uses encryption from 64-bit to 256-bit, the latter option is considered strong in itself, however, the standard's own vulnerabilities allow a specialist to hack such a communication channel without much difficulty. As a result, WEP is completely obsolete, its support is provided mainly for compatibility with the simplest equipment (especially since it is technically easy to provide this support).
— WPA2. The most popular security standard in modern Wi-Fi equipment. At one time, it became an important update to the original WPA: in particular, the AES CCMP algorithm was introduced into WPA2, which is extremely difficult to crack. Over time, however, some vulnerabilities were identified in this protocol, which led to the development of a more advanced WPA3; however, WPA3 is just beginning to be massively implemented, and in most Wi-Fi devices, WPA2 remains the most advanced standard.
It is worth noting two nuances. First, WPA2 is available in two versions — personal and corporate; in this case, we are talking about pers
...onal, corporate options are placed in paragraph "802.1x". Secondly, support for this standard is guaranteed to also be compatible with WEP and original WPA.
— WPA3. A fundamental improvement to WPA2, introduced in 2018, addressing weaknesses identified in WPA2 in the 14 years since it went live. This standard introduced four key innovations:
- Improved security for public networks. Unlike its predecessor, WPA3 encrypts the traffic between the gadget and the router / access point, even if the network is public and does not require a password.
- Protection against the KRACK vulnerability, which allowed hacking the WPA2 communication channel at the time the connection was established. The SAE algorithm is responsible for this protection — more advanced than the previously used PSK. In particular, when establishing a connection via SAE, both devices are considered equal (in PSK, the receiver and transmitter were clearly defined) — this does not allow an attacker to “wedge” between devices using KRACK methods.
- Easy Connect feature — simplifies connection to Wi-Fi networks for devices that do not have displays (in particular, smart home components). Each of these devices will have a QR code on the body, and to connect to the network, it will be enough to scan this code using a smartphone / tablet already connected to this network. However this function is not directly related to WPA3, WPA2 is sufficient for its operation; however, mass adoption of Easy Connect should be expected at the same time as WPA3.
- Improved encryption algorithms for sensitive data, suitable even for government agencies and defense enterprises. However, this feature is relevant mainly for the corporate version of WPA3 — and support for this version is indicated as "802.1x" (see below, in this case we are talking mainly about the personal version of this standard).
In many devices, upgrading from WPA2 to WPA3 can be done in software by installing a new firmware version. However, if support for this protocol is important to you, it is best to choose equipment where such support is initially provided. Also note that the presence of WPA3 is almost guaranteed to also be compatible with WPA2.
— 802.1x. In this case, it implies support for corporate security standards — most often the corresponding versions of the WPA2 protocols, in new devices also WPA3. For example, if the specifications indicate "802.1x" in addition to "WPA3", then this means that this model supports both personal and corporate versions of WPA3. As for the differences between similar versions, one of them is the support for a separate authentication server in corporate protocols. In other words, when using this function, data on accounts and access rights are stored separately from Wi-Fi equipment, on a special secure server, and it is this server that in each case checks the data of the connected equipment and decides whether to allow or deny access.