Today, I’m the fish. Let me explain …
I’m a fan of Sonicwall firewalls, that’s pretty plain to see if you have read much of this blog. And I have been something of a fan of their wireless extensions, the SonicPoint’s and the SonicPoint management built into the firewalls. What really got me going on the SonicPoints was the management and the ability to build “Virtual Access Points”; I really liked those features. But, to be truthful, the actual operation of the SonicPoints has always been somewhat disappointing due to the relatively high number of problems that seem to crop up with them compared to “simpler” devices.
I’ve always been able to mostly tune them up but I’ve hit a wall in the last few weeks that has made me stand back and reassess the use of these things.
We have two installations at two different clients that use multiple SonicPoints. One install uses two of the “dual radio” units (2.4GHz and 5GHz) and the other uses 6 of the regular 2.4GHz units. Both installations are in what could be termed “dirty” RF environments; lots of other radios in the area, lots of congestion, lots of channel overlap. A nightmare environment for the most part in terms of access point configuration in other words. And while I have lots of knobs that I can turn in the management interface, I cannot “tune” the devices to the point where I can make them provide reliable, stable connections to client devices. The maddening thing about all of this is it appears that “cheap”, dumb access points in the same environments CAN provide reliable, stable connections in the same conditions albeit without all of the “security” the SonicPoints provide.
I have looked at other providers and, of course, scoured the ‘Net for answers, and the inescapable conclusion I’m reaching is that SonicPoints are an ongoing source of frustration for many, many users. The idea of combining wireless with firewall-based management and security is a good one in theory but possibly not so great in execution.
I’m also going to admit that planning and successfully executing a multi-access point installation is something of a black art that I have not mastered. You certainly do need the correct tools to perform the site survey (a wifi analyzer on your phone does NOT constitute a site survey …) and you need to use access points that are well understood, well supported/documented and that you know will work with your critical devices (don’t laugh, there are many devices that “clash” with various access points, just ask the vendors of specialized devices like mobile printers to get that particular sob story). Frankly, it is probably worth the extra money to turn to a vendor that specializes in wireless to design and install your multi access point installation and let all of the frustration be theirs and not yours.
In my case I think I’ve got the dual access point install sort of sorted out. And my customer with the bigger installation has been extremely gracious abut the whole thing while deciding that we need to look elsewhere for the critical wireless install in his warehouse (ie Cisco devices and a big wireless installation outfit).
I have relearned an invaluable lesson: concentrate on those things that you are good at and defer to those that are better at the things you are not good at. And when it comes to something that can be as complicated and fraught with tripwires as a large wireless installation, it is best to defer to the experts with the products that work.
Sorry, Sonicwall, but I won’t be doing the SonicPoint dance any further. I love your firewalls but your wireless is no longer on my dance card.