Find the perfect gift for the grad in your life with Graduation gifts that connects us from AT&T.
Get superfast AT&T Fiber internet
levdor11's profile

3 Messages

Friday, February 9th, 2024 7:27 PM

Is Guest Wifi network as robust and secure as the main wifi network?

I'm using a BGW320-500 modem. I've come to understand that all my connected smart home devices are creating a security vulnerabilty.  Instead of moving all my 30+ smart home devices to the Guest network does it make sense to simply move my laptop and phone to the Guest network? Is the Guest Wifi network equally fast, secure, etc. as the main wifi network?

ACE - Expert

 • 

24.5K Messages

3 months ago

Some routers isolate the Guest network to keep it separate from the primary network so that it communicates only with the internet but not any other devices. The primary and IoT WiFi networks allow them to communicate with any network. That's why, with my router (which is not AT&T's gateway) I don't bother with the IoT network and put my IoT devices on the renamed Guest network which has its own SSID and pw separate from my primary network. I don't know what AT&T's gateway do but I would suspect that they don't isolate the Guest Network.

Former Employee

 • 

22.4K Messages

3 months ago

Guest fast as main, not normally… Guest is 2.4Ghz only which can travel a longer distance with less interference passing through objects such as walls as the main Wi-Fi is dual band 2.4Ghz b/g/n and 5ghz n/ac and 6Ghz ax. The higher the frequencies the faster the speed but at a shorter distance thus more interference from more objects the signal has to pass through and the density of the materials.

The guest network is also isolated from the main network, think a doctors office that has business devices on main network and allows a guest network that cannot connect to the main devices. For home usage the guest network can perform well for family, friends, children visiting, etc however the total bandwidth is combined for one pot, cannot have 300 for main and separate 300 for guest it is 300 max that is reduced by total devices and their usage at any point in time. Example someone watching 4K streaming using 25M is 25 from the 300 regardless if on the main or guest network.

ACE - Expert

 • 

24.5K Messages

3 months ago

@my thoughts  All I know is that all of our IoT devices work just fine with no hiccups, and the same for the primary network as far as WiFi goes. The big bandwidth hogs, both of our HTS's are completely wired, which is different, but we can be watching 4k HDR on both systems at the same time, have our laptops and phones connected to WiFi (primary network) and the Ring cameras (which are on the Guest network) working just fine. What is a bit odd though is that one of our IoT devices, which is not used that often, is connected at 5GHz to the Guest network 🤷‍♂️.

3 Messages

3 months ago

While I appreciate the responses, can anyone out there speak specifically to AT&T's BGW320-500 modem's configuration of the primary and Guest wifi?

1. Is the Guest Wifi network equally fast, secure, etc. as the primary wifi network? 

2. If all my 25+ smart home devices are currently connected to my primary wifi network, is there any reason why I cannot simply connect my sensitive data devices (phone, computer, etc.) to the Guest wifi network?

Thank you.

Tutor

 • 

65 Messages

3 months ago

I would get a second router and separate the IoT devices completely.   We call them (Edited per community guidelines) devices.   I don't use them in my house or corporate network.  

(edited)

ACE - Expert

 • 

24.5K Messages

3 months ago

AT&T gateways leave a lot to be desired. If their Guest Network is 2.4GHz only, which a lot Guest Networks are, then no, it won't be as fast as the 5GHz network. It probably is as secure if you assign it a new SSID and pw that is different from your Primary but as far as isolating it from your Primary, I doubt it. Your best security would be to use a second router that you know isolates Guest from Primary/IoT and then just use the Guest for your IoT to keep it separted from your Primary and don't even bother with the IoT option. 

(edited)

Tutor

 • 

65 Messages

3 months ago

To add to my previous post. 


It is a Gateway Router that supports AT&T infrastructure.   I disabled what the call a firewall, more like a packet filter.  It is in pass through mode.  It is not a firewall solution.   I installed a Fortinet 60E firewall years ago.   I put Fortinet 221-C and 231-F wireless access points in our home for Secured Wifi.   They cover 2.4, 5 and 6 GHz.   They connect to interfaces on the 60E.  FortiOS handled the security policies.  I spend probably $1500 and $400+ a year for HW/SW support.   I have two WAN, AT&T and Comcast on SD-WAN, I have 5 LAN subnets, and two interfaces for the WAPs.   For most home users,  the gateway and Windows/Linux firewalls are sufficient.   IoT devices don't get security upgrades and can be vectors for attacks.   I would have isolated it on its own SSID and interface that is outbound only.   No access to any other interface.  

ACE - Expert

 • 

24.5K Messages

3 months ago

That's fine. But the complexity and cost is above what most posters here want to spend or even understand how to configure and maintain. Any setup is subject to attack if the attacker is intent on breaking in and has the skills/tools to do so. For most users, just having a router that can isolate the Guest from the Primary, setting them up with different SSIDs/PWs, and a firewall will thwart most garden-variety attacks. And, if your router offers an additional paid security layer that's an additional factor that can be used for minimal cost. IP Passthrough mode on the AT&T gateways is the best way to connect an additional router if you want to use it in Router Mode because the AT&T gateways do not offer Bridge Mode as an option.

Tutor

 • 

65 Messages

3 months ago

Basic packet filtering will be attacked.  The Fortinet does IPS, DoS, etc.  It is much hardware to get through it.  I have yet seen AT&T, WoW or Comcrap provide better paid solutions.   Pfsense/Netgate has consumer based firewalls starting at $189.   Users on this forum recommend them.  

ACE - Expert

 • 

24.5K Messages

3 months ago

Fortinet is a cybersecurity company in California so they should offer a robust security product. Pfsense/Netgate is also pretty good but are a bit much for the average home user to configure properly and maintain. I don't depend on my ISP to offer robust security. I depend on my router HD/SW. I also don't leave any of our laptops connected to the internet 24x7. 

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.