Cable modems -- not just a security problem
Carl Weinschenk
Published: 15 Jul 2002 17:41 BST
It's no mystery why cable modems are saturating the corporate communications environment. They're fast, readily available, increasingly reliable, and relatively easy to install.
Yet the security of the shared infrastructure on which cable modems operate has long been a key point of debate between modem advocates and skeptics. In general, tech leaders don't relish the idea that vital corporate information is, at least theoretically, available to the hacker next door.
The devices represent a big change for enterprises, however, and there are several issues CIOs must be aware of. Cable modems have long raised security concerns related to how addresses are distributed within the networks' shared infrastructure. In addition, the sudden spike in the volume and type of applications demanded by off-site workers can and will stress enterprise resources.
Security issues
CIOs are well advised to assume that cable modem access is inherently insecure. In addition to physically sharing infrastructure with other modems, the devices usually have a fixed IP address which is vulnerable to attack. Although this does not expose the corporate network directly, it can give an attacker access to anything on the system at the user's home. Clearly, this means that extra security precautions are necessary. Traver believes that a combination of IP VPNs, software firewalls, and/or next-generation connectivity products from companies such as Neoteris or Flatrock are vital to protecting remote desktops.
Andrew Deskur, director of systems and network administration for VC firm Atlas Venture said he chooses cable modems over DSL even where both are available due to security needs. In addition to good service from his cable provider, AT&T Broadband, Deskur said that cheaper DSL services don't support the point-to-point protocol over Ethernet (PPPoE) used by his Check Point Software Technologies firewall/VPN device.
Others prefer DSL to cable, because the service is not a shared link, but a point-to-point link to the Internet -- although if a fixed IP address is provided, DSL connections are just as vulnerable, so both will require a firewall.
Another downside of DHCP is that it reduces the ability to configure remotely. If multiple PCs are behind a modem connected to a corporate server--a relatively common satellite office scenario--the server might not be able to remotely configure individual PCs, Traver explained.
New technologies tax resources
The general growth of broadband remote connectivity means that CIOs must prepare for new usage patterns, said Bruce Leichtman, the principal of Leichtman Research Group, a consultancy based in New Hampshire, US.
The idea is that the entire infrastructure may be stressed, and usage patterns changed, as the number of remote workers increases and the types of applications in use require more bandwidth. For instance, if telecommuters suddenly begin streaming training and informational videos from the corporate server, CIOs have to be prepared to offer higher quality of service (QoS) levels, in addition to simply increasing the bandwidth.
"If all of a sudden we have a much larger number of people using bandwidth, or [if] connectivity grows, it needs to be factored in," agreed Deskur, who suggests that companies keep close tabs on applications used to ensure infrastructure stability.
Within this scenario are a number of commonsense issues that tech leaders must also consider. For instance, many teleworkers' machines are on home networks. This means that all the computers in the home must be secure, not just those used in connection with work. This poses a problem for the IT unit, as well as for the corporate user policies in place, as it tends to blur the lines between personal and business PC use. It could literally mean that home-office IT visits will be necessary and have to be factored into the staffing and budget mix.
For this reason, experts recommend putting procedures in place to ensure that remote users' PC time is work-related, said Deskur: "You have to go in with predefined limits as to what you will and will not support so that the IT staff isn't in the position of helping to set up the son to print off the employee's wife's computer."
Cable connectivity expected to grow
Tech leaders should also be aware that remote connectivity issues aren't going to go away any time soon, as the cable industry is focused on building up the small- and midsize business (SMB) market. The attraction is particularly high for several reasons: Revenue growth in cable companies' core entertainment markets is slowing, and debt from the decade-long mergers and acquisitions binge is high. Consequently, cable operators such as Comcast, Charter Communications, and Cox Communications have established corporate entities aimed exclusively at SMBs.
The cable industry's advancements are something that CIOs at both small and large companies should be watching. A raft of technology vendors--Narad Networks, Advent Networks, Aurora Networks, Wave7 Optics, Jedai Broadband Networks, Extend Networks, and others--are offering various approaches to optimising the cable industry's business market goals. Narad, for instance, announced a deal with IBM in June to enable cable operators to offer telecom services to SMBs at rates as high as 100 Mbps.
The key is accepting that the flow of information between home offices and corporate hub centers is only going to grow.
"You can't be scared of the traffic," Leichtman said. "I hear so often that CIOs are scared of the traffic. Don't be scared."
Have your say instantly, in the Tech Update forum.
For a weekly round-up of the enterprise IT news, sign up for the Tech Update newsletter.
Find out what's where in the new Tech Update with our Guided Tour.
Tell us what you think in the Mailroom.
Did you find this article useful?
24 out of 75 people found this useful
- Share this article:
