QoS AND SECURITY OPTIMIZATION ON WIRELESS INFRASTRUCTURE NETWORK TOPOLOGY FOR WEB CONFERENCE SERVICE
As the transfer rates of consumer-class Wi-Fi routers increase, many types of real-time multimedia communication services, such as web conference and unified communication (UC), can be run in middle- and low-class business offices. However, a real-time multimedia communication service should also be secure, both in the upper layer (application) and in the lower layer (data link). This work attempted to find a balanced optimization between QoS and security. A series of network stress test experiments with Jperf and penetration tests with the Kali Linux distribution were performed against three wireless infrastructure topologies. For topology 1, experiments were carried out against 3 Wi-Fi authentication standards (Open Security, WEP, WPA2 Personal TKIP and WPA2 Personal AES). QoS values (delay and packet loss) were recorded in tables and charts, while security vulnerabilities were recorded in the CVSS (Common Vulnerability Scoring System) framework. The Wi-Fi authentication standard with the best QoS values and CVSS score was chosen to represent topology 1 and was compared against the other topologies. Before topology 2 was examined, QoS optimization was performed and the authentication location was moved from the wireless router to an external RADIUS server. This server changed the Wi-Fi authentication method from passphrase checking to validation of public and private certificates/keys. The optimization, performed by installing a QoS utility on the OpenWRT firmware, prioritized UDP and RTP traffic on the Jperf and VoIP server ports. Another optimization treatment was performed by mounting a USB flash disk to add extra swap/cache memory for the OpenWRT system. Moreover, the transmission frequency was changed from 20 MHz to 40 MHz. On topology 3, optimization was performed by shortening the route between the wireless router and the RADIUS server, namely by installing a RADIUS utility as an internal RADIUS server on the OpenWRT firmware.
Security hardening was performed by deploying ZRTP encryption and the SRTP protocol on Android smartphone clients. Comparison of the total QoS values and CVSS scores proved that topology 3 is the best system for supporting real-time multimedia communication services like VoIP/UC. Topology 3's performance will be better when it is deployed on a wireless router that has a higher processor clock and more memory capacity.
Wi-Fi, RADIUS, ARP, QoS, web conference, CVSS.