[ale] OT, mostly - remote access w/o internet
Neal Rhodes
neal at mnopltd.com
Mon Mar 15 00:04:08 EDT 2010
I'm pondering on this for a friend. (really!) He supports control
systems for power plants.
Power companies are adamant that their control systems will NEVER touch
the internet. I'm not sure I disagree with them; but it don't matter.
So, whenever said friend gets a call from said power plant, if he can't
resolve it over the phone, he gets in the car and drives. Hundreds of
miles.
Ergo, accepting that the power company won't ever change, I'm thinking
what kind of remote access could be configured that would meet their
most
rigorous requirements:
A. No in-bound access.
B. Initiate FROM the power plant TO the support vendor. Shutdown when
problem resolved.
C. Allowing many power plants to access a single vendor number, although
not all at the same time.
D. Effectively impossible to intercept.
E. Insignificant monthly costs.
I'm coming up with the vendor hanging a 56K dialup modem on a linux box,
supporting an inbound PPP call from the vendor with a 56K modem. Dog
slow, but I remember the days when we thought that was wicked fast and
it's still waaaaay faster than driving to pensacola and back.
Essentially impossible to eavesdrop or intercept, and it's really easy
to verify the modem is switched off when the vendor is done. Of
course, that requires a "real" phone line to work.
What else? I was thinking a bonded ISDN line. Those support dialup to
another ISDN, and would get them up to 128KB. (whoohoo) Also
essentially not possible to intercept and the same degree of isolation,
but the power company might not "trust" that it's truly dormant when
offline.
What else? They could technically go with leased lines, but client
fear of that might be impossible to overcome. You could talk yourself
blue about running a VPN over the leased line, but they'll plug their
ears and run.
Somehow initiating a new project with 56K modems sounds like dinosaurs
mating in the snow, but I'm not seeing really swell alternatives.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100315/d154980a/attachment.html
More information about the Ale
mailing list