Sophos Firewall allows you to create, deploy, and manage wireless networks. You can deploy wireless networks using the built-in access point if you're using a hardware model that includes one. Or you can use a separate Sophos access point.

The firewall supports the latest security and encryption standards to keep your wireless networks secure, including rogue access point scanning and WPA2 (Wi-Fi Protected Access 2). WPA2 is an AES-based (Advanced Encryption Standard) security standard for wireless networks.

Wireless protection allows you to configure and manage access points, wireless networks, and clients in one place. You can also add and manage mesh networks and hotspots.

Separate zone wireless networks

A separate zone wireless network has its subnet completely separate from your LAN network. It allows you to keep both networks segregated and assign different traffic policies to each network. This option provides the most security and flexibility in managing wireless traffic. You should use it for any guest networks or networks where you don't want the wireless devices to communicate with your other LAN networks.

Bridge to AP LAN wireless networks

A bridge to AP LAN network allows you to extend your LAN network across wireless devices. The wireless network devices are assigned IP addresses from the same range as your LAN, and the traffic is controlled by the same policies applied to the LAN network. Additionally, wireless devices will be able to communicate with those on your LAN network. Therefore you shouldn't use this option for wireless networks where you don't want devices to communicate with your LAN network.