EDITOR'S COMMENT - March 2000
This month our feature on Remote Access focuses largely on
ADSL technology because BT is launching a commercial ADSL service this month after years
of trials of the technology. On the whole ADSL is a Good Thing, with its promise of higher
speeds and a fixed fee each month independent of usage. But ADSL is like a leased line in
that it provides an always-on connection to the Internet, and this is both good and bad.
The good side is that you don't have to dial up to find out that you haven't got any mail!
Electronic mail can be delivered virtually instantly in real time. The downside is that
this always-on aspect poses a security risk that the users of dial-up connections are
unfamiliar with.
Larger companies, accustomed to leased-line
connections to the Internet, always have a firewall to protect them from hackers. Smaller
companies and home users that have used dial-up connections in the past have often ignored
this problem, arguing that the risk is small as they are only accessible when they are
actually on-line. Furthermore, on most dial-up ISPs, when you're online you're at your
computer and your IP address will be temporarily allocated from a pool used by the ISP.
With a permanent connection, your PC or LAN will accept packets from anyone on the
Internet, at any time, and the IP address range it uses will be fixed.
This isn't scare-mongering. Users of the BT ADSL trial system have reported frequent
attacks on their home systems. The solution is proper security, using a firewall. But
firewalls are notoriously difficult to configure and not cheap. The service provider could
offer firewall functions, but this is also not easy, as different users will require
different degrees of protection. For example, anyone hosting a Web site at their own
location would have to let in significantly more types of traffic than someone using it
for email and browsing. It is true that the asymmetric nature of ADSL makes it less than
ideal for hosting a Web site at the subscriber end of the connection, but many will want
to do this for experimental purposes, or for limited private applications.
Alternatively, there is a new emerging market for cheaper, easy-to-configure firewalls,
suitable for home workers and small offices that cannot afford a traditional firewall.
Sensible factory defaults and ease of configuration are very important for this market,
which lacks the skills to ensure that it is set up correctly. There are some software-only
Windows firewalls available, but these are not really satisfactory because Windows 9x is
not itself a sufficiently secure operating system for such an application. Ideally, it
should run on a dedicated machine that is running a more secure operating system such as
UNIX, NetWare, or Windows NT/2000 - but then you're into the same costs and complexity as
a traditional firewall.
What we need is a 'consumer' firewall - a commodity product that you can buy and plug in
just like a modem. Such products are emerging, but they are still too expensive for
homeworkers. In the meantime, if you are going to try ADSL, make sure you ask your service
provider exactly what security it offers customers.
Geoff Marshall
Editor