Setting Up a Small Business Network: What You Actually Need

The components of a small business network

A small business network has four components, and understanding what each one does helps you make better purchasing decisions rather than just buying whatever the salesperson recommends.

Modem: Connects your office to the internet via your ISP (internet service provider). Usually provided by your ISP as part of your service. Some ISPs provide a modem/router combo; if so, it may be worth replacing with separate dedicated hardware for better performance and control.

Router: Manages the flow of traffic between devices on your network and the internet. This is where your network’s security and performance are primarily determined. For a business, use a business-grade router, not a $40 consumer model.

Switch: Expands the number of wired connections available. A router typically has 4 wired ports; a switch adds 8, 16, or 24 more. For offices with desktop computers, servers, printers, or other fixed devices, a switch is often needed.

Wireless access points (WAPs): Provide Wi-Fi coverage. Some routers include a built-in WAP; for larger spaces or better coverage, dedicated access points provide more reliable and faster wireless coverage than a router’s built-in radio.

Recommended hardware for a 5–15 person office

For most small offices, you need three things:

1. Business-grade router: Ubiquiti UniFi, Cisco Meraki Go, or pfSense on a Protectli device. Budget $150–400. These provide better security, more configuration options, and more reliable performance than consumer routers.

2. Unmanaged switch: If you have more than 4 wired devices, a simple unmanaged switch from Netgear or TP-Link ($30–80 for an 8-port model) is sufficient for most small offices.

3. Wireless access point(s): One access point covers roughly 1,500–2,500 sq ft in an open office. For larger or multi-room spaces, add access points rather than using range extenders (which reduce speed). Ubiquiti UniFi access points ($100–180 each) are the gold standard for small business.

The configuration decisions that matter

Separate guest Wi-Fi from business Wi-Fi. Customers or visitors connecting to your guest network should not be on the same network as your business devices. Most business routers support VLAN or guest network isolation built-in.

Use WPA3 (or WPA2) encryption. Set a strong password for your Wi-Fi. Not “businessname2019.”

Change default admin credentials on every device. Router default credentials (admin/admin, admin/password) are publicly known. Change them immediately on setup.