Cable, DSL & Building Services

Cable and DSL are very different services but have similar features and problems.

Home
Home

News
News

Topic
Topics

AAx
AAx

Since Cable Modems and DSL are so often considered together, we have put them together here. Both are high speed (5 times to 100 times as fast as modems, depending) Internet access services. Both are commonly referred to as broadband services, but, technically, only cable is broadband.

To the home user there is little difference between cable and DSL except availability.

Index

Home Service

Home service for both DSL and Cable runs about $39 to $49 per month in most parts of the U.S.. Most cable service is "home" only, but some cable providers are starting to offer business service as well. DSL service is almost always available either way (if it is available at all).

For a home service you will be connected to the service provider with a cable modem (cable) or a bridge (DSL - but the installer will probably insist it is a "modem"). When you turn on your PC, it applies to the service provider's server for an IP address, which is likely to be different each time you connect (dynamic IP address).

Because you have a dynamic IP address, you can't set up servers with a domain name or any other permanent incoming connection. Since the connection is semi-permanent, some users access their home PCs from their notebooks in the field over the Internet. They have to check what their current IP address is before leaving home.

Business are using home service to allow "telecomuters" access to the business network over the Internet. DSL and Cable carriers are catching on to this and are starting to deny VPN (Virtual Private Network - encrypted links over the Internet) traffic. They maintain, with a certain logic, that these are business users and should be paying for the full business service. Since no sane company will allow Internet access to their internal network except over a VPN, that pretty much does the deal.

There is no upgrade path for home service. What you get is what you get, and if you need more you have to discontinue it and sign up for business service.
(Top)

Business Service

Business service starts at $69 or $79 per month for an ADSL connection in California (where DSL is available) and includes 5 static IP addresses. Additional services will add to this cost. The next big step is up to about $300 per month for SDSL.

Connection to the service will be through a router. Some of the routers include a 4-port hub which allows several computers to be directly connected to it, or it can be cabled to the hub serving the internal network. Access by multiple computers is presumed.

Since you have static IP addresses, setting up Web, FTP and other servers for outside access and assigning them domain names is feasible. The limit here is that with ADSL up-link service is limited, probably to something like 340-kilobit/sec, so if the servers are heavily used you have to upgrade to SDSL. If you are in a good area, SDSL provides about the same speed as a T1 line.

Some business DSL service providers set up the router to provide a NAT firewall for the internal network. Others set up with fully exposed IP addresses. If your router provides NAT, you have to turn that off and use exposed static IP addresses to allow access from the Internet. That means you have to install an additional firewall to protect your internal network, leaving only servers that must be accessed from the Internet outside the firewall.
(Top)

Cable Service

Cable service is quite simple, and is generally aimed at the home user, who probably already has cable TV service. Some cable companies are now also offering business service.

With a cable modem hookup you are on a local area network (LAN) that includes all the other subscribers on your leg of the cable. The local cable company will be your ISP (Internet Service Provider) and will provide you with Internet access and e-mail boxes. At this time you have no choice whatever in this, but legislation is being considered to open the cable lines to other ISPs.

Because cable is a home service, users establishing servers (Web servers, FTP servers, etc.) on their cable connection is strongly discouraged, often under threat of disconnection. Upstream data flow is often severely choked to further discourage this use.

Server restrictions are now in conflict with "sharing" programs like Napster, which cause ordinary computers to act as servers. Since so many home subscribers consider the right to steal copyrighted material over the Internet God given, the cable operators are trying to figure out a compromise solution.

To connect your PC to the cable service, a "cable modem" is installed by the provider at your site. A regular Ethernet NIC (Network Interface Card) is installed in your PC and the two are connected with a network patch cable.

Your connection through the cable modem applies to the cable company's server for an IP address, which will be different each time a new connection is made (dynamic IP address).

More than one PC can be connected to the cable service by using a NAT (Network Address Translation) router, such as the one provided by Linksys. Your cable company may not approve of this, so you may not want to tell them.

Most services support only Windows95/98 and Mac. If you have anything else, you're on your own. In many cases people have had to borrow a Windows95/98 computer for the service to install to - then switch over to the real computer once the install guy leaves.

Be very, very sure you understand the security implications of a Cable connection.
(Top)

DSL Service

There are many kinds of DSL service (many listed here), but we will talk only about ADSL (Asymetric Digital Subscriber Line) and SDSL (Symetric Digital Subscriber Line), since that covers over 90% of users.

The service you are most likely to get, either for home or business, is ADSL which provides up to 1.5-Megabit/sec download speed and something like 348-Kilobit/sec in the upload direction. Only if you were going to host your own Web servers or something similar would you spend the extra money for SDSL, which goes up to 1.5-Megabit/sec in both directions.

DSL service is not universally available. Your location must qualify in several ways:

  • You must be within 18,000 feet of a CO (Central Office) (or "mini-co" in PON areas).
  • The wiring to the CO must be of sufficient quality.
  • The local CO must have a DSLAM port available.
  • Your building's internal wiring must be good enough - CAT-3 or CAT-5 is good, old "station wire" often isn't.
A call to your phone company will take care of the first three. The last is up to you. Pacific Bell has been offering "do it yourself" DSL kits to home users, and says the most common reason for failure is bad house wiring.

Your DSL connection will be doubled over an existing phone line and will not interfere with regular voice use of that line. The line cannot be a "roll over" line, so usually the fax line is chosen. The installer will install a digital splitter to separate DSL from voice on the line, and will install either a bridge (home service) or a router (business service).

The DSL connection uses this telephone line to connect to the telco's nearest "central office" (switching facility) where it will be connected to a port on a DSLAM (DSL Access Multiplexor). The DSLAM multiplexes your DSL with DSL from other subscribers and sends it over an ATM (Asynchronous Transfer Mode) line to your ISP's router. You must be within 18,000 feet of the CO (central office) and transmission speed will vary depending on just how close you are.

In some areas a new type of connection called PON is being rolled out so you don't have to be so close to a full central office.

Unlike cable, you are not on a LAN (Local Area Network) with other subscribers in your area, but have your own dedicated phone line to the DSLAM, making DSL more like a dial-up than like cable.

Because of deregulation, you can have your choice of DSL providers and ISPs. The easiest choice is just to have the local LEC (your regular telephone company) handle it, and they will also be your ISP, just as with cable. You can have a greater selection of services by contracting with an independent ISP, who may contract with the LEC or a CLEC (Competitive Local Exchange Carrier) to get the line in.

For a business with it's own domain name, your DSL provider and/or ISP do not have to be the same company as the one hosting your domain. For instance, if PacBell provides your DSL/ISP services, but hosts-r-us.net hosts your domain (mycompany.com), you just set up the e-mail account on your email client (Eudora, PMMail, Outlook, etc) to use mail.mycompany.com as the POP (incoming) post office and mail.pacbell.com as the SMTP (outgoing) post office. Thus joeblow@mycompany.com would be your email address but outgoing mail would be transmitted by PacBell.

With a business DSL service you just plug the router into your network's Ethernet hub and your whole network has DSL access (OK, you know it's not going to be that easy, the installer has to program the router to match the ATM link and servers, which offers endless opportunities for confusion and miscommunication).

If you're paying for the router, demand the manuals and software that come with it, and get the router access login name and passwords.

Home service is a bit more complex. In many cases the home service connection uses PPPoE (Point to Point Protocol over Ethernet) which is much like the PPP connection made over a dial-up connection.

PPPoE requires client software similar to the dialer you used for your dial-up connection. The installer will generally provide EnterNet, or a similar PPPoE dialer for Windows, and will probably have something for Apple Macs. For other operating systems you are on your own. For OS/2 you can download pppoe1_0.zip from Hobbes. For Linux just go to freshmeat.net and search for pppoe for a selection.

An alternative is to get something like the Linksys router, which will make the PPPoE connection itself, and you just cable it to your Ethernet hub just like for the business service router. You may need the Linksys anyway for security (see below).

Most services support only Windows95/98 (Windows Me real soon now) and Mac. If you have anything else, you're on your own. This is generally not a problem for business service, but can be a problem for home service. In some cases people have had to borrow a Windows95/98 computer and let the service install to that computer - then switch over to the real computer once the install guy leaves.

Be very, very sure you understand the security implications of a DSL connection.
(Top)

Building Services

Many office buildings and apartments have installed high speed Internet access services as a feature of their building. Generally this service provides e-mail boxes and other ISP functions for the tenants.

The building has a bridge or router connected to a DSL line, a Cable service, a T1 line, or a satellite up-link. Ethernet cables run from each office or apartment to a network hub, which is cabled to the router or bridge.

IMPORTANT: You are on a LAN (Local Area Network) with every other subscriber in the building. If you do not install security measures every other tenant will have access to your computer or network.

An example, we set up networking and security for a firm that moved into a building offering Internet service. They brought in a new notebook computer and hooked it up to the network. Because it wasn't configured for their network when they turned it on, it connected instead to another tenant's network. They had access to all that tenant's computers.

IMPORTANT: The building service may tell you they provide a firewall - but - that firewall may be misconfigured and not give you any protection. We have seen that happen. Also, that firewall does not isolate you in any way from other tenants. It is better to handle your own security as described in our security article.
(Top)

Remote Access

You can use Cable/DSL connections to provide access to the office network from homes and branch offices. Managers can monitor the business from home. "Telecomuters" and remote sales staff can have full network access. No dial-in modem banks are needed and there are no big phone bills. It's just too tempting to pass up.

DANGER! - this can open your network to invasion. That's how Microsoft's network was broken into. Hackers unknown had free reign over Microsoft's corporate network for at least a couple of weeks, and they got that access through a privileged employee's home computer. No sophisticated hacker skills were used, just easily available "trojan" programs - any semi-skilled 16 year old could have done it.

If your business allows access to it's network over Cable/DSL connections, you must:

  • Take security very seriously
  • Use a VPN (Virtual Private Network) to prevent "interested parties" from capturing your login names and passwords.
  • Control the home user's computer. Preferably the business provides that computer, configures it and locks down the configuration.
  • Periodically check to make sure home users have not changed the security configurations.
  • Provide the work side with a business DSL or T1 account with static IP addresses.
  • Firewall the business side and make sure that firewall is monitored and properly managed.
  • Make sure both the business and home ends have effective anti-virus programs and that they are kept strictly up to date.
  • Make employees thoroughly aware that any subversion of security measures will be treated as a serious infraction.
  • Prepare a contingency plan in case someone does get in.
  • Have the whole thing set up by someone who really knows what they are doing.
All this may seem a lot of trouble, but how much trouble will it be if your servers are wiped out, or if all your data ends up in the hands of a competitor, or an employee hacks payroll, or your computers are used to launch a DDoS (Distributed Denial of Service) attack against another company, or your hard disks are used to store kiddie porn libraries?

Remember, breaking into computer systems is no longer restricted to experts, it is a game played by tens of thousands of "script kiddies", and provides employment for industrial spies, blackmailers, and what have you.

Security Considerations

Both cable and DSL services can leave you are wide open to attack and/or manipulation by hackers, crackers and "script kiddies", because you effectively have a static IP address. You are especially vulnerable if you are running Windows95/98/NT. Just how vulnerable you are and how to protect yourself are covered in our topic DSL & Cable Security.
(Top)

©:Andrew Grygus - Automation Access - www.aaxnet.com - aax@aaxnet.com
All linked pages are copyright © the original creator.
Velocity Networks: Network Consulting Service - Internet Service Provider - Web Page Design and Hosting
All trademarks and trade names are recognized as property of their owners