5G introduces new network architectural concepts for Wi-Fi integration with the 5G standalone mobile core (5G SA). The simplified diagram below shows Wi-Fi service integration with the new service-based 5G Core (5GC) introduced in 3GPP release 15 (untrusted Wi-Fi) and 16 (trusted Wi-Fi).
The first thing to observe is that this architecture is radio network (RAN) agnostic since both the Cellular and Wi-Fi access use the same interfaces (N1, N2, and N3).
Furthermore, 5G has adopted an EAP-based authentication framework (EAP-AKA’ or 5G-AKA), similar to Wi-Fi, for user equipment (UE) authentication with the 5G core.
The 5G signaling and user traffic are transported over IPsec tunnels established between the device, aka user equipment (UE), and the gateway functions (N3IWF, TWIF, and TNGF).
The GPRS Tunneling Protocol (GTP) encapsulation creates tunnels for traffic between the gateway functions and the user plane function (UPF), aka packet gateway.
Let’s now examine the new functions for Wi-Fi access (non-3GPP access). Please note that these functions are not the same as physical gateways. In practice, these functions could all reside in the same gateway.
The Non-3GPP Interworking Function (N3IWF) is a crucial component in the 5G architecture that enables seamless connectivity between 5G networks and untrusted non-3GPP networks, such as a Wi-Fi network not trusted by the mobile operator.
The N3IWF is the IPsec tunnel terminating node for 5G, similar to the ePDG in 4G. It is located in the Mobile Core and communicates with the Access and Mobility Management Function (AMF) control plane over the N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface.
Because it works transparently with any Wi-Fi network, it is the gateway of choice for Wi-Fi Calling but can also be used for all types of data traffic.
Key functions include:
The trusted non-3GPP Gateway Function (TNGF) plays a crucial role in integrating trusted non-3GPP networks, such as a Wi-Fi network trusted by the mobile operator, with the 5G Core Network, providing a secure and standardized way to extend 5G services beyond the traditional cellular network.
The TNGF is, for 5G, the equivalent to the Wireless Access Gateway (WAG) used for trusted access to the 4G Core. The TNGF is located in a trusted environment, often the Wi-Fi network, and communicates with the AMF control plane over the N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface.
The device and the TNGF are connected using an IPsec tunnel with null encryption, more about this later. After successful authentication, a TNGF key is established between TNGF and the device, aka user equipment (UE). Another key is derived from the TNGF key and sent to the Wi-Fi Access Point (AP) for Wi-Fi layer-2 security (WPA2/WPA3).
The trusted WLAN Interworking Function (TWIF) is a 5G function for interoperability with legacy devices. This resolves the contingency that some devices may support 5G SIM authentication but do not support 5G NAS signaling over trusted Wi-Fi access. These devices lack the support for the EAP-5G and IKEv2 protocols, meaning they cannot directly communicate with the 5G core network using the N1 interface over Wi-Fi. 3GPP refers to such devices as non-5G-Capable over WLAN (N5CW). The TWIF contains the NAS protocol stack and exchanges NAS messages with the AMF on behalf of these types of devices.
The TWIF is located in a trusted environment, often the Wi-Fi Network, and communicates with the Access and Mobility Management Function (AMF) control plane over the N1 and N2 interface. For the data plane, it communicates with the User Plane Function (UPF) over the N3 interface. Just as in the case of TNGF, the device connects with the TWIF using an IPsec tunnel with NULL encryption.
There are also other 5G network functions in play for Wi-Fi integration, we will mention them briefly here:
For Cellular networks, the N2 and N3 interfaces connect the base station (gNB) with the AMF and UPF. For Wi-Fi, they use the non-3GPP interworking and gateway functions (N3IWF, TNGF, TWIF) to connect with the AMF and UPF.
5G introduces a new principle for non-3GPP access. Multiple non-access stratum (NAS) connections over the N1 interface make simultaneous connections via cellular and Wi-Fi possible. This is a prerequisite for the new ATSSS (Access Traffic Steering, Switching, and Splitting) specification. The same authentication procedures, EAP-AKA′ and 5G-AKA are used for both Cellular and Wi-Fi.
A new protocol, EAP-5G, has been introduced to support NAS messages over Wi-Fi networks through the N1 interface. The IKEv2 protocol is utilized to establish an IPsec SA tunnel between the device and the gateway functions (N3IWF, TNGF, and TWIF). The EAP-5G protocol then encapsulates NAS messages over the IKEv2 protocol.
Another interesting new principle is the use of IPsec SA also for trusted Wi-Fi networks. Why would you want to use an IPsec connection in a secure Wi-Fi network? The IPsec tunnel, with NULL encryption to avoid duplicated encryption, primarily serves for integrity protection and as a consistent framework for both untrusted and trusted Wi-Fi access. Implementations in devices and gateways with dual support for both trusted and untrusted access will be easier to implement.
The N1 is a control plane interface between the device (User Equipment – UE) and the Access and Mobility Management Function (AMF). It handles Non-Access Stratum (NAS) signaling between the UE and the AMF in the 5G Core Network. The AMF is primarily used for authentication and mobility management.
The N1 interface is used both for Cellular and Wi-Fi for 5G-capable devices. Although the N1 signaling passes through the Radio Access Network (RAN), it is transparent to the RAN and is not processed by the intermediate network elements such as the N3IWF and the TNGF.
The N1 interface plays a crucial role in enabling UEs to communicate with the 5G Core Network for various control plane functions, ensuring proper connectivity, mobility, and service access.
These are the main functions N1 enables:
The N2 is the control plane interface between the cellular or Wi-Fi access networks and the 5G Core Network. It carries Next Generation Application Protocol (NGAP) messages between the RAN (cellular and Wi-Fi) and the AMF. NGAP handles the exchange of control information related to the establishment, modification, and release of connections between gNBs and the AMF for cellular and between the gateway functions (N3IWF, TWIF, and TNGF) and the AMF for Wi-Fi.
The N2 interface is crucial for enabling communication and coordination between the radio access network and the 5G core network. It supports a wide range of control plane functions necessary for network operation and management:
The N3 is the data plane interface between the access network and the User Plane Function (UPF) in the 5G Core. The UPF is the packet gateway that transports data to the internet.
As discussed, traffic is delivered to the UPF through tunnels created by GTP encapsulation. Each subscriber will have one or more GTP tunnels, one for each active PDU session. The GTP tunnels are identified by a TEID (Tunnel Endpoint Identifier) in the GTP messages. The GTP tunnel is updated when a user moves between Wi-Fi and cellular networks to maintain session continuity.
The answer is “yes likely,” and there are a few reasons why:
The answer is “maybe,” largely depending on the adoption of the Access Traffic Steering, Switching & Splitting (ATSSS) standard by device manufacturers. Without ATSSS, there is limited incentive to backhaul Wi-Fi offloading traffic to the mobile core. Instead, the industry is expected to continue with local traffic breakout for Wi-Fi offloading and reserve backhauling primarily for Wi-Fi Calling.
However, if widely adopted, ATSSS could provide a compelling reason for operators to backhaul all traffic. Most web applications do not currently support multipath streaming (using both Wi-Fi and cellular connections simultaneously), requiring an aggregation point to merge these streams. The Packet Gateway in the Mobile Core (UPF) is well-positioned to serve this function. Nonetheless, history suggests that many promising 3GPP standards do not achieve widespread deployment. For a deeper dive, see our upcoming post on Will ATSSS Be the Future of Wi-Fi and Cellular Convergence?
Wi-Fi performance isn’t binary—it’s not just “up” or “down.” Most of the time, the network is technically online, but users are still struggling. Calls drop. Apps lag. Connections stall for a few minutes at a time. Those moments might seem minor, but across an organization, they quietly erode productivity, efficiency, and even revenue.
That’s exactly why 7SIGNAL created the Impact Report—a first-of-its-kind analysis that shows, in black and white, how much time your network fails to meet the performance standards you define.
The Only Platform That Counts the Minutes of Poor Performance
7SIGNAL is the only solution that literally counts the minutes when your wired and Wi-Fi networks don’t meet your defined service-level agreements (SLAs). Using data from 7SIGNAL’s sensors and agents, the Impact Report tabulates these “critical minutes”—real, measurable moments when employees or devices experience degraded performance.
These are the minutes when a nurse’s tablet can’t update a patient record, a warehouse scanner drops off the network, or a retail associate can’t process a mobile payment. Each of those moments translates directly into lost productivity and revenue.
In one recent analysis, 7SIGNAL identified 11,700 minutes of poor roaming performance caused by outdated drivers on company laptops. That’s nearly 200 hours of lost productivity over just 30 days—time that could have been fully recovered with a simple driver update, recommended and validated by millions of real-world performance samples from 7SIGNAL’s global adapter-driver database.
Turning Data into Actionable Intelligence
Every Impact Report highlights the locations and devices contributing most to performance loss. In one enterprise, 7SIGNAL pinpointed specific floors with as much as one hour per day of poor coverage, revealing clear targets for optimization.
This visibility allows IT teams to act strategically, prioritizing the spaces and endpoints that impact the most users. Help desk teams can identify affected devices, upgrade drivers, or adjust configurations, all with measurable outcomes.
The Real Cost of Lost Minutes
A few minutes of poor Wi-Fi or network connectivity might sound trivial, but across an enterprise, those minutes multiply fast.
If an organization experiences even three hours of poor Wi-Fi performance per day across its workforce, that’s the equivalent of losing multiple full workdays of productivity each week. Multiply this by the average labor cost per employee, and the resulting financial impact can reach several hundred thousand dollars each month.
The Bottom Line
The 7SIGNAL Impact Report goes beyond traditional network monitoring—it quantifies the business cost of poor network experiences and gives you the insights to fix it. By identifying where and when your service level targets are being missed, it empowers IT leaders to reclaim lost productivity, strengthen operational efficiency, and prove the tangible ROI of network improvements.
Because when every minute counts, eliminating critical minutes isn’t just about better Wi-Fi—it’s about better business.
Marvel Rivals has taken the team-based shooter genre by storm, and with the arrival of Season 5, its popularity shows no signs of slowing down. The game brings iconic heroes, unique abilities, and engaging gameplay to the table. However, one issue that can ruin the experience for players is high ping and lag.
Low Ping Server for Smooth Gameplay
Fortunately, NetEase has introduced a server selector feature to help players find the best connection. Whether you’re in quick matches or competitive mode, you can choose the lowest ping server to ensure a smoother gaming experience.
To help you out, we’ve included a list of Marvel Rivals’ dedicated server locations in this blog post. You can also view these servers in-game, complete with their ping values, from the lobby screen before searching for a match.
The ping values in the screenshot below are based on our location in the UK. The servers with the best connection will differ depending on where you live.
Current Marvel Rivals Server Locations
Compared to other major shooters like Call of Duty or Fortnite, Marvel Rivals doesn’t yet boast an extensive network of servers. While the game’s immense success could lead to more server locations in the future, some players may currently face high ping due to limited options.
Your in-game ping depends on how far your game data needs to travel to reach the server. The farther the distance, the higher your ping will be. This is why the game recommends selecting a server close to your physical location for optimal performance.
Improve your Connection With the Netduma R3
If you’re familiar with Netduma and our gaming routers, like the Netduma R3, you know we specialize in optimizing connections for online games. One standout feature is our Geo-Filter, which allows you to control the servers you connect to, bypassing matchmaking algorithms.
While Marvel Rivals already includes a server selector, you might wonder if the Netduma R3 can still improve your connection. The answer is a resounding yes. The R3 offers additional powerful features to minimize lag, reduce jitter, and stabilize your connection. For a detailed walkthrough, check out our Marvel Rivals lag fix guide here.
Maximize Your Marvel Rivals Experience
Playing on low-ping servers is critical for the best Marvel Rivals gameplay. By using the in-game server selector and tools like the Netduma R3, you can ensure a seamless, lag-free experience.
Explore our feature list and discover how the Netduma R3 can revolutionize your online gaming. Don’t let high ping hold you back from dominating in Marvel Rivals Season 5.
Wireless networks are the lifeblood of the modern workplace. They enable new levels of productivity and business growth, while offering phenomenal user experiences and provide a platform for innovation. But let’s be real—you don’t want to broadcast RF into the void and hope only the right people are listening. At Cisco, we know that wireless security isn’t just about slapping WPA3 on your SSIDs and calling it a day; it demands building a multilayered defense that adapts faster than threat actors can say “evil twin.”
Why the airwaves are a battlefield
Wi-Fi’s broadcast nature is both its superpower and its Achilles’ heel. While your users enjoy seamless roaming, attackers are out there with Python scripts, probing for misconfigurations and setting up rogue APs. Cisco’s two-decades-plus leadership in wireless networking means we’re constantly engineering solutions for high-density, high-stakes scenarios—think healthcare teams serving patients, classrooms streaming lectures, and manufacturing with massive IoT swarms.
The Cisco approach to defeating wireless threat vectors
Here’s how the modern wireless warrior outsmarts the enemy:
Zero-trust onboarding: Because MAC filters are so 2003
Basic MAC filtering isn’t cutting it anymore. It’s far too easy to spoof. Modern enterprise security demands a more holistic approach. It starts with using 802.1X authentication and TLS-based EAP methods that provide strong mutual authentication, where both client and network prove their identity with X.509 certificates.
For example, Cisco wireless LAN controllers paired with Cisco Identity Services Engine (ISE) create an 802.1X authentication pipeline with dynamic VLAN assignment, downloadable access control lists (dACLs), segmentation with security group tags (SGTs), and policy enforcement that shuts down attackers. No cert? No network. It’s that simple.
Encryption that actually matters: WPA3 and beyond
Our Wi-Fi 7 access points ship with the latest WPA3 security. Enhancements to WPA3 Personal, Enhanced Open, and WPA3-Enterprise provide the strongest encryption with AES-256-GCMP protecting your data over the air. And for those already thinking about the threat of quantum computers, we support WPA3-Enterprise-192, which offers the strongest encryption and authentication available while post-quantum cryptography wireless standards are being developed. A mandatory feature of WPA3 is Protected Management Frames (PMF/802.11w), which protects you from deauthentication and disassociation attacks.
Adaptive wireless intrusion prevention system (WIPS): The AI-powered spectrum sentinel
Cisco Adaptive Wireless IPS Software monitors every frame flying through your airspace. Fuzzed beacons? Detected. Evil twins? Quarantined. DDoS floods? Mitigated. Using network traffic analysis, network device and topology information, signature-based techniques, and anomaly detection, it learns your RF environment and automatically distinguishes between a well-behaved client and a sophisticated adversary. Add rogue and honey pot detection through managed SSID rules and start sending bad actors packing.
Mastering the patch cadence: Firmware updates and certificate hygiene
Firmware updates aren’t suggestions—they’re your first line of defense against threats. Cisco ships continuous firmware drops for its access points and controllers that squash vulnerabilities and boost stability. Stale firmware is an invitation for attackers. And those X.509 certificates powering your EAP-TLS authentication? They expire. Automate renewal workflows and leverage Cisco features to simplify patching. Certificate lifecycle management isn’t glamorous, but neither is explaining to the business why email went dark.
Real-time detection, assurance, and automated wireless operations
Cisco automatically baselines normal behavior, flags anomalies, and auto-triggers responses before your SOC even gets the alert. Detect rogue DHCP servers, identify suspicious client roaming patterns, and catch misconfigured SSIDs before they become incident reports. And use Cisco CleanAir on access points for event-driven radio resource management to automatically detect and remediate high levels of interference that could be a wireless jamming attack.
But we all know the network is not the end goal for attackers. They want to compromise clients and applications. Cisco brings native integrations with Apple, Intel, Samsung, and Zebra to deliver real-time granular insights into client behavior. Add to this Cisco ThousandEyes integrations and Cisco Application Visibility and Control (AVC), and you’ll have greater visibility so you can better protect every client and application on your network.
You get the kind of visibility that turns reactive firefighting into proactive threat hunting, because the best security incidents are the ones that never make it past your automated defenses.
Practitioner protocols: Your security runbook
Mission accomplished: Now lock it down
Securing enterprise wireless isn’t a checkbox—it’s an ongoing fight requiring intelligence, automation, and hardware that doesn’t fold under pressure. The Cisco Wi-Fi 7 ecosystem, battle-tested security frameworks, and Cisco ISE integrations give you the tools to build networks that are both high performance and hardened against modern threats. Craving more wireless security wisdom? Pick your format: Read more about what Wi-Fi security really means, or tune in to the Packet Pushers podcast to discover the Wi-Fi 7 secrets your competitors don’t want you to know. (Warning: both may cause sudden urges to audit your wireless security posture.)
Now, go forth and lock down those airwaves like the Wi-Fi warrior you are meant to be.
Students’ attempts to access restricted content using unsafe proxy services expose them and their schools to cyber risks
WASHINGTON, D.C. – Nov. 25, 2025 – New research from DNSFilter finds that school networks are becoming high-volume targets for proxy-borne threats, credential theft, malicious extensions and phishing ecosystems. Data from the company’s networks reveals the growing risks posed by misused web proxies and filter-avoidance tools in schools.
Due to cell phone bans in multiple states, students are more likely to use their school-issued devices for activities they’d normally attempt on their personal phones. As students increasingly try to bypass school security controls – often to access social media, gaming sites or blocked content – they’re unwittingly exposing themselves and school networks to risks like account compromise, malware, credential theft, blackmail scams, and broader system vulnerabilities.
Analysis of traffic on DNSFilter’s network found:
These findings underscore how schools are facing rapidly escalating cybersecurity risks, largely driven by students’ attempts to access restricted content using unsafe proxy services. These attempts are not harmless workarounds; they are now a major threat vector.
Traditional content filtering alone is no longer sufficient. Students are increasingly aware of circumvention methods, and attackers exploit this behavior to gain access to accounts and potentially entire school IT systems. Children and teens are uniquely vulnerable, making them prime targets for social engineering, scams, identity theft or harassment.
Awareness of the risks helps schools strengthen cybersecurity policies, improve filtering and reduce successful student circumvention attempts. Using the threat insights, schools can proactively block proxy/avoidance domains, detect suspicious patterns (e.g., unsafe gaming extensions), and protect student data and campus systems. Concrete data empowers IT teams to anticipate threat spikes, allocate resources and justify budgets for improved filtering and monitoring tools. Read more in our blog here.
Gregg Jones, intelligence analyst, DNSFilter, said: “Proxy misuse is emerging as a serious and growing attack vector inside school environments, and the industry must treat it like the frontline threat it has become. Cybersecurity strategies in K–12 and higher education must expand to focus on DNS filtering, proactive detection of proxy use, better student education, and more compassionate in-class device policies that reduce the incentive to circumvent controls.”
About the company:
DNSFilter is a cybersecurity company that protects every click, leveraging AI-driven content filtering and threat protection to block threats 10 days earlier than competitors. DNSFilter’s solution secures workers anywhere they are, helping to boost productivity, minimize compliance risk, and protect corporate brands on public Wi-Fi networks. Unlike traditional filtering solutions, DNSFilter deploys in minutes instead of days and is trusted by more than 43,000 organizations worldwide. Learn more about how DNSFilter is the first and last line of defense for corporate and hybrid networks at dnsfilter.com.
Media Contact
Shannon Van Every
Force4 Technology Communications
November 17, 2025, San Jose, Calif. – NETGEAR® Inc. (NASDAQ: NTGR), a global leader in intelligent networking solutions designed to power extraordinary experiences, today announced the launch of the Nighthawk 5G M7 Portable WiFi 7 Hotspot (MH7150) supported by a new mobile app (iOS and Android) and eSIM Marketplace. The innovative device combines reliable, portable connectivity with groundbreaking flexibility, allowing users to choose coverage that fits their needs, connecting instantly to high-speed internet in more than 140 countries.
The M7 is engineered for modern life, providing fast connections for travelers, remote workers, and families on the move. Its compact, lightweight design makes it an effortless travel companion, while the powerful battery delivers up to 10 hours of continuous connectivity for work, streaming, gaming, and staying in touch.
The newly designed travel hotspot is a portable powerhouse, delivering WiFi 7 speeds of up to 3.6 Gbps to up to 32 connected devices. For wired options, users can connect directly to the M7 via USB-C or Ethernet adapter (sold separately) for ultra-fast connectivity. ​
Powerful built-in security features including firewall, WPA3 encryption, automatic firmware updates and NETGEAR’s Advanced Router Protection help safeguard user data wherever they travel.
New NETGEAR eSIM Marketplace Offers Freedom and Flexibility
A standout feature of the M7 hotspot is the NETGEAR eSIM Marketplace, a new in-app platform that- provides affordable, high-quality global mobile data. Users can browse, purchase, and activate data plans in seconds, right from the new NETGEAR app, eliminating the need to search for local SIM cards or pay excessive international roaming fees. It delivers a simple, on-demand solution for staying connected in 140+ countries.
“We designed the M7 to solve the universal need for simple, encrypted, and reliable internet access anywhere,” said Graeme McLindin, Vice President of Mobile at NETGEAR. “By integrating an eSIM Marketplace, we are not just launching a hotspot; we’re delivering a complete connectivity solution that empowers users to connect with confidence and ease. This is the easiest way to get your hotspot online, either before you leave on your trip or when you arrive.”
Customers can choose data plans ranging from 3GB to 20GB and manage their usage in real time with transparent tracking. The NETGEAR eSIM platform makes it simple to find and activate competitive data plans that best match travel needs. For the M7 Product launch, NETGEAR has partnered with Gigs to deliver data plans in the eSIM Marketplace.
Built for maximum flexibility, the M7 is unlocked and supports both physical SIMs and third party eSIMs, giving users the freedom to select travel data directly from local carriers and travel data plan providers.
Technical Specifications:
Availability
The M7 Portable WiFi Hotspot with eSIM marketplace will be available in January 2026 for $499.99 MSRP. Visit www.netgear.com for more information.
About NETGEAR, Inc.
Founded in 1996 and headquartered in the USA, NETGEAR® (NASDAQ: NTGR) is a global leader in innovative networking technologies for businesses, homes, and service providers. NETGEAR delivers a wide range of award-winning, intelligent solutions designed to unleash the full potential of connectivity and power extraordinary experiences. For businesses, NETGEAR offers reliable, easy-to-use, high-performance networking solutions, including switches, routers, access points, software, and AV over IP technologies, tailored to meet the diverse needs of small and medium enterprises. NETGEAR’s consumer products deliver advanced connectivity, powerful performance, and enhanced security features right out of the box, designed to help keep families safe online, whether at home or on the go. More information is available from the NETGEAR Press Room or by calling +1 (408) 907-8000. Connect with NETGEAR on LinkedIn, Facebook, Instagram and the NETGEAR blog at NETGEAR.com.
©2025 NETGEAR, Inc. NETGEAR, NETGEAR Insight and the NETGEAR logo are trademarks and/or registered trademarks of NETGEAR, Inc. and/or its affiliates in the United States and/or other countries. Other brand and product names are for identification purposes only and may be trademarks or registered trademarks of their respective holder(s). The information contained herein is subject to change without notice. NETGEAR shall not be liable for technical or editorial errors or omissions contained herein. All rights reserved.
Source: NETGEAR-G
Remote working, or telecommuting, allows employees to work outside a traditional office. This approach, often conducted from home, is gaining importance, particularly due to the digital revolution and the recent pandemic. Companies recognize its cost, productivity, and satisfaction benefits. Thus, remote working is becoming a standard in many industries.
However, maintaining online privacy and security is a complex task due to numerous challenges. Users often face risks such as using public Wi-Fi networks, which cybercriminals can exploit, and many are unaware of these risks. Data snooping is another issue, where third parties observe a user’s data without consent, posing a significant privacy threat.
Thus, providing a secure and easy-to-use VPN has become more critical than ever for a growing business and its workforce.
What is a VPN?
A VPN, or Virtual Private Network, is a service that creates a secure, encrypted online connection. This secure connection offers an additional layer of protection, mainly when using public Wi-Fi networks or accessing company files remotely.
What is Client VPN
Client VPN allows individual devices (clients) to connect to a secure private network from anywhere. It encrypts the user’s connection, making it difficult for third parties to detect the user’s activities or steal data.
What is a Site-to-Site VPN
Site-to-site VPN, on the other hand, allows multiple networks in different locations to connect to a central network through the Internet. This is particularly useful for businesses with several office locations or employees working remotely.
How VPN Benefits to Remote Workers
VPN technology provides a secure and encrypted connection, ensuring that all data transmitted between the remote worker and their company network remains confidential. It also offers remote workers the ability to safely access their company’s network and its resources, which is particularly crucial when handling sensitive data. Moreover, VPNs provide access control, allowing organizations to restrict and monitor access to sensitive information.
Protect Data and Enhance Cybersecurity in Public Wi-Fi
Under Cybersecurity, VPNs act as a first line of defense against cyber threats by masking the user’s IP address and obscuring their online activities. This makes it more difficult for cybercriminals to target specific users or launch phishing attacks. Additionally, VPNs can help protect against malware and other forms of cyber threats that may compromise the user’s system.
Secure Remote System Access
Under Secure Remote Access, VPNs provide remote workers with a secure pathway to access company resources, regardless of their location. This secure connection protects sensitive data from potential eavesdropping or interception. Additionally, it allows for smooth, uninterrupted remote work, fostering productivity and efficiency.
Manage and Control Access for Extra Protection
Access Control with VPNs allows companies to specify which users and devices can access specific resources. This minimizes the risk of unauthorized access to sensitive data. Furthermore, it enables organizations to manage and monitor their network’s usage easily, enhancing overall security.
The Risk of VPN
Despite its numerous benefits, using a VPN is not without potential risks. These include the possibility of VPN service providers logging user activity, potential vulnerabilities in VPN software that could be exploited, and slower internet speeds due to encryption processes. Understanding these risks is vital to ensuring the safe and efficient use of VPNs.
How to Choose a Business VPN Solution
Choosing the correct Business VPN Solution can be complicated, but several factors can guide your decision. The security features are the first to consider, followed by these additional factors:
Interface and Ease of Use
The VPN solution should be user-friendly and intuitive, allowing your employees to integrate it into their workflow seamlessly. Given that employees use diverse devices dynamically in their day-to-day work, seamless VPN software that supports multiple platforms is also crucial for productivity.
Cost Effective
Cost is always a significant factor to consider. The VPN solution should provide excellent value for money and fit within your company’s budget. However, remember that the cheapest option may not always be the best, particularly with regard to security and reliability.
Flexibility and Scalability
As your business grows, your VPN needs may increase. Therefore, the chosen VPN solution should be flexible and scalable, capable of accommodating potential business growth and adapting to your changing requirements.
Privacy Policy
Moreover, the provider’s privacy policy should be transparent and robust, ensuring that sensitive data remains secure, confidential and comply with your company’s policy and standard.
EnGenius SecuPoint VPN – Seamlessly Connects Remote Workers
The EnGenius Cloud SecuePoint offers a seamless experience, and it stands apart with its tight integration with the EnGenius gateway, both the Cloud series and the Fit series. The unique per-user licensing model provides flexibility, sidestepping the limitations of per-device models, ofering a cost-effective VPN solution for enterprise and small business.
For IT Manager: Automatic Configuration
Once connected to the VPN server, the gateway immediately pushes the required configurations and certificates to SecuPoint. This ensures a seamless user experience and reduces the chance of errors that can arise from manual setups, which can cause connectivity issues or security vulnerabilities. 
In addition, the automatic configuration allows for quick and easy scaling as businesses grow and onboard more employees, avoiding the need for manual VPN setups that can be overwhelming and strain IT resources. Furthermore, automatic configurations are self-reliant, reducing the need for specialized IT intervention and offering long-term cost savings.
For Remote Workers: Instant Cross-Platform Security
For remote workers, the log-in process was made easy by simply logging in to the SecuPoint app. It automatically configures the best security settings to keep your connection safe.
As work becomes more dynamic, employees need to switch between devices without losing their connection. The multi-platform feature ensures that you can stay connected and secure while transitioning between devices, whether the device is provided by the company or of their own.
Conclusion
As we embrace this new era of telecommuting, it’s clear that the right VPN solution is not just a luxury, but a necessity for safeguarding our digital interactions and fostering a productive, secure remote work environment.
The use of VPNs represents a significant stride in addressing these needs. By providing a secure, encrypted connection, VPNs ensure the confidentiality and integrity of data transmitted between remote workers and their company networks. The ease of use, cost-effectiveness, and scalability of such solutions are paramount for businesses adapting to the evolving landscape of digital workspaces. Furthermore, the integration of automatic configurations and cross-platform compatibility highlights a commitment to seamless and efficient remote work experiences.
Anaheim, California, November 27, 2025 – Zyxel Networks, a leader in delivering secure and AI-powered cloud networking solutions, today announced that its USG FLEX 50HP firewall has been honored with a prestigious Taiwan Excellence Award 2026. This latest accolade also brings the Zyxel Group’s total Taiwan Excellence Awards to over 100 wins, underscoring its long-standing commitment to innovation. The Taiwan Excellence Award, held on November 26 in Taipei, recognize products that create new value through innovation. Established by the Ministry of Economic Affairs in 1993, this year nearly 1,000 entries were judged on their achievements in R&D, design, quality, and marketing, with only 336 receiving the honor. This recognition validates the USG FLEX 50HP’s comprehensive strength as a top-tier product representing Taiwan’s innovative spirit.
Bridging the long-standing gap in network security management
Unlike most hybrid firewalls that treat cloud and on-premises security as separate entities, the USG FLEX 50HP firewall unifies them into one seamless solution. This is achieved through its industry-leading Smart Sync feature, which synchronizes security policies, network objects, and high availability settings across both platforms. This ensures consistent protection and streamlines management. Its rich set of security features provides comprehensive protection against ever-increasing cyber threats, while its friendly pricing empowers small and medium-sized businesses (SMBs) and managed service providers (MSPs) with enterprise-grade security without compromising budget, making advanced network protection attainable for a wider range of businesses.
Garnering recognitions from experts worldwide
Beyond this esteemed Taiwan Excellence Award, the USG FLEX 50HP has consistently earned accolades from experts globally. It was recently named Security Hardware of the Year in the UK’s PC Pro Excellence Awards 2025. In Germany, thousands of professional users rated Zyxel Networks as the Champion in both Network Firewall and VPN categories in the recent Techconsult Professional User Rating (PUR) survey 2026. Further cementing its reputation, the USG FLEX H series outperformed competitors in third-party evaluations conducted by the Tolly Group in the United States, underscoring the strong reputation of Zyxel Networks’ security firewalls among IT professionals.
“The USG FLEX 50HP firewall is a testament to our dedication to delivering advanced and accessible security solutions,” said Ken Tsai, President of Zyxel Networks. “This Taiwan Excellence Award, alongside other recent honors, validates our efforts to empower SMBs and MSPs globally with robust, user-friendly, and cost-effective protection against evolving cyber threats.
Further reinforcing its commitment to secure the global digital landscape, the Zyxel Group recently became the first in Taiwan’s networking industry to join the Forum of Incident Response and Security Teams (FIRST). This membership further strengthens Zyxel Networks’ focus on providing robust security solutions and its dedication to collaborating with the cybersecurity community to combat evolving threats.
For more information about the Zyxel Networks’ USG FLEX 50HP firewall, please visit https://www.zyxel.com/global/en/products/next-gen-firewall/usg-flex-firewall-usg-flex-50h
About Zyxel Networks
Zyxel Networks is a leading provider of secure, AI-powered cloud networking solutions for SMBs and the enterprise edge. We deliver seamless connectivity and flexible scalability through subscription services, all backed by robust security. With a reputation built on decades of unlocking potential and helping people adapt to the changing workplace, Zyxel Networks has earned the trust of over 1 million businesses across 150 markets
Calculus will offer Aprecomm’s award-winning software solutions—including Wi-Fi optimization and support automation tools—to its expanding base of ISP customers in developing markets spanning the Middle East & Africa, India & Mexico.
Dubai, UAE – November 19, 2025 – Calculus, a global leader in advanced network innovation, today announced a strategic partnership with Aprecomm, a leading provider of intuitive, self-healing network and customer experience solutions. The collaboration sees Calculus deliver Aprecomm’s full portfolio of AI-powered customer experience products and grow its managed and professional services offering across the Middle East and Africa (MEA), India, and Mexico. Aprecomm’s solution empowers Internet Service Providers (ISPs) and telecommunications operators to improve online consumer experience by improving network performance through a self-healing and self-optimizing approach.
This partnership combines Aprecomm’s industry-leading AI platform—renowned for enabling intelligent, intuitive, self-healing Wi-Fi networks—with Calculus’ deep expertise delivering omnichannel innovation, engineering excellence, and 360° of market penetration. Together, the companies will accelerate the adoption of automated network assurance, real-time analytics, and proactive service optimization for operators seeking to elevate customer experience and operational efficiency.
AIVRA™, Aprecomm’s most recently announced Agentic AI product, delivers simplified, personalized, and actionable insights across the entire ISP organization—from CEOs to network engineers to marketers—through a single, intelligent interface streamlining decision-making, reducing complexity, and driving new levels of efficiency.
With advanced analytics and automated support tools, Aprecomm’s customer experience (CX) suite gives providers unparalleled visibility into subscriber behavior and network health, thereby enhancing satisfaction and reducing operational costs. The platform recently earned Frost & Sullivan’s Best Practices
Award for Innovation, recognizing its impact on the telecom ecosystem. Learn more: here.
This partnership underscores a shared vision and commitment to accelerating digital transformation for service providers and powering more reliable, adaptive, and customer-centric connectivity across key global markets.
UWB is advancing with the 4ab amendment, bringing meaningful improvements in reliability, speed, and scalability. Unlike other wireless technologies focused on high data rates, UWB excels in real-time positioning and secure access. With growing adoption in mobile and automotive devices, the technology is evolving. Our video series, 3 for 3, provides 3 answers for 3 pressing questions about trends in wireless test. In our latest video, LitePoint’s Adam Smith dives into the latest enhancements in Ultra Wideband, or UWB, technology.
