Pre-defined Low-bandwidth & Low-allowance WAN

Ahoy everyone!

We’ve had a lot of talks internally in the Marine space for about 12 months now about having special devices connected to the network.

The other day someone from Elcome also posted about this on the forum.

Challenge:
We now have Starlink and lots of other sources onboard but still wish to keep things like Fleet Broadband, Iridium GO! & Certus.

Not everyone is comfortable blocking things by default and we spent a lot of time setting this up for people, every time.

And sometimes people delete these rules and sometimes blame us for it not working!

Solution:
We’d like a way to treat ultra-low-bandwidth devices to not carry internet traffic once assigned as such. Like a pre-defined firewall or outbound policy setting.

We also know that super low bandwidth WANs (VSAT, FB, Iridium etc.) will give a local positive live feed, but not go live at all if using SpeedFusion - suspect some logic here is timing out.

Even the ability to import a preset of firewall rules locally - and copy local firewall rules like we can on IC2 would be useful for multi-VLAN outbound rule setups.

We’d also like to send a specific set of apps and critical information over Iridium if only this is available.

Such as PredictWind data, GTMail, Iridium Mail etc…

These should be firewall or outgoing firewall templates we can just click to add.

The WAN Source as well should be marked as ultra-low-bandwidth / limited meaning it would not allow (by default) stuff like Facebook, Netflix etc… and only a specific set of

I’m sure land-based deployments for mining and extreme rural would be the same.

Resource Links:
Step 7: How to prevent bill shock/data overages | PredictWind Help Center
MailASail - Teleport-Firewall | Iridium Satellite Communications
SailMail via Iridium GO! exec | SailMail
Wifi as Wan and Iridium Go - Product Discussion / Pepwave MAX - Peplink Community
Starlink with failover to iridium certus - Specialized Market / Maritime - Peplink Community

I know a lot of this can be managed by InControl2 - but the problem is people wish for local control as well, and once we do IC2-managed FW, local control is removed.

Let me know what you all think.

3 Likes

Hello Nick,
Maybe something to allow syncing both ways, such as the Peplink SD-Switches, could help, though we’d want to see that as an option to enable from IC2. Issues I see with this are if settings are common from IC2 to multiple devices, then a local admin messing around with the device locally could daisy-chain issues to other devices within the same organisation/group.

One of the things we like about the Peplink routers is the diversity of ways to manage them (locally, via InControl2 and ICVA). Cloud-based platforms are always going to be able to offer more advanced features than local platforms due to the processing advantage of the larger data centres on which these typically run.

I’m looking forward to seeing what others have to contribute to this. Your situation is not unique to the maritime industry; we also see this in the aeronautical industry, the media/broadcast industry, and the emergency services industry.

Happy to Help,
Marcus 🙂