IT CAMPER

asked on

Wireless Access Points for business networks

I am looking for feedback on a cost-effective, yet secure wireless access point for domain networks.  I know I can buy a simple Linksys WAP, but is that really a secure solution to provide wireless access to the domain?  I have this solution running on multiple networks, but I am concerned that I might have a screen door on my submarine.
steveoskh

Symbol (now Motorola) has a nice switch-based wireless. Access Ports get all configuration and security from the switch. If you have multiple APs at a location it allows you to configure, monitor etc. from one interface. It also supports multiple SSIDs, HotSpots, Rogue detection, etc. I believe the base unit is a WS2000. I think the last time we purchased it was about the same as buying 3 standalone APs and over 4 was cheaper.

Well, it depends on what security you are using.  If you are using WEP, you have a screen door on your submarine.

You should find a wireless that runs WPA2.  Combine this with a VERY long key.  One good place for secure keys is

www.grc.com/password

What's your system firewall? If you have Sonicwall, for example, give *serious* consideration to using SonicPoints, coz they're centrally managed from the Sonicwall and because traffic from them is treated as a separate firewall zone and access from the WiFi to the rest of your network is controlled by the firewall.

Otherwise, consider the new Zyxel 3160, or their NXC8160 series. The former allows you to control all the access points from a "master" point, so if you need to change the WPA secret, for example, you don't have to do it (and get it RIGHT) on six different points, you do it on one and it pushes the config to the other five. The NXC8160 takes this a stage further and has a central controller for all your APs. Note these APs also support multiple concurrent SSIDs, so you can have a private wireless LAN and a "guest" one, a separate one for sales dept, say - i.e. a wifi scanner will see up to 8 available networks but in fact they're all running off the SAME access points. Having a GUEST network is particularly useful coz it means you can give a visitor an access key, then change it the next morning without having to tell all your local users what the new key is - coz theirs has not changed!



ASKER CERTIFIED SOLUTION
Irwin W.

This solution is only available to members.
IT CAMPER

ASKER

I am not really looking for managed access points.  Most times I just need a single WAP, on a small domain network <50 computers, in a single building.  The business will have a few laptops and will need for those laptops to connect to the domain on a wireless connection.  There is usually a need to have a guest wireless connection as well, but I usually just use a cheap Linksys Gateway and place it on the outside of the firewall.  This provides just Internet and the security is not a concern.

So back to the WAP need.  I will research the cost for each of your recommendations.  Is WPA2 the best encryption to use?  Is it hackable?  I have always wanted to try and hack the WEP key on my Linksys router.  Are there tools out there that will allow me to try and do this?

WEP can be easily compromised because there's too much "known" data being sent using the (comparatively short) key. This provides cryptos with their beloved "crib", and from then to knowing the key is just a matter of CPU cycles. Modern PCs have lots of those!

WPA is much harder to crack, irrespective of key length (though longer will always be harder) because the key you use is NOT what is used to encode the traffic - rather, the key you provide is used ONLY for the devices to negotiate the ACTUAL data key that is used to encrypt the payload. Then after a couple of hours they generate a new pair. And again. So the main payload encryption uses a computer generated (so not prone to human weakness) code which is changed every hour or so. The key you put in is used ONLY for that conversation which does not provide nearly enough data to feed into the cracking machinery.