What does the AP Isolation setting on routers do?
Description: This technical article will show what AP Isolation is and what it can be used for on home routers. If you own a wireless router, it is possible that under your advanced wireless settings, there is a feature known as Access Point Isolation or AP Isolation. This feature is not typically enabled by default, as it causes computers in the network to be invisible to each other. This can be a good thing under certain circumstances, but in everyday home networking, it is usually a detriment.
The reason why AP Isolation is included on so many routers is that router manufacturers want to make their products usable by both home consumers and small business consumers. In a small business setup, especially when configuring a wireless hotspot for public use, AP Isolation is a rather important feature to enable. It provides an additional layer of security for users of the hotspot by preventing connections between computers in the network. In this sense, each computer is isolated from the others in the network, hence the name AP Isolation.
On a home router, AP Isolation is only really necessary if there are frequently visitors that connect to the wireless network and there is no intra-home networking occurring. For example, if there is a NAS (Network Attached Storage) device connected to the network, it is recommended to disable AP Isolation because if it is enabled, it will prevent the NAS device from communicating with any other devices on the network, thus negating the benefits gained by using a NAS device.
Because most routers provide functionality for a guest network, it is usually recommended to use this feature in a home environment instead of enabling AP Isolation. This way, devices connected to the main network can still communicate with each other, but there is a separate network to which visitors can connect that provides full internet connectivity while separating devices connected to the guest network from devices connected to the main network. Many of these guest networks also have functionality for AP Isolation that can be enabled without affecting the main network. If enabled, visitors connected to the guest network will be unable to see any other computers on either the main or the guest network.
The main reason why AP Isolation is a recommended feature for hotspots and guest networks is because preventing connections between computers will provide an additional layer of security above and beyond the software firewall installed on a user’s computer. If AP Isolation were disabled on a public hotspot, then anyone could connect and begin taking steps to view or gain control of another computer on the network. AP Isolation prevents this and allows each user of the network to be confident that they are safe and secure.