Securing Remote PHY Infrastructure (2015)

By Pawel Sowinski and Gerry White, Cisco Systems, Inc.

The Remote PHY (R-PHY) architecture represents the next stage in the evolution of DOCSIS and video service delivery as defined in a family of specifications under development by Cable Television Laboratories (CableLabs®). Products can be expected in the near future and operators need to understand the issues with the new technology, and start planning how to deploy it.

Unlike previous versions of DOCSIS this new architecture significantly impacts the HFC access infrastructure. The CCAP PHY components migrate into R-PHY devices (RPDs) located at the edge of the IP network, which is also extended deeper into the outside plant. To enable this evolution, existing linear optical links are converted into standard Ethernet connections and the traditional fiber nodes are replaced with IP enabled R-PHY devices.

Thus the R-PHY architecture requires MSOs to deploy a large number of IP networking devices into inherently unsecure portions of the network, such as pole mounted nodes and remote cabinets. This extension of IP deeper into the plant exposes the network to a set of security threats so that the infrastructure and the RPDs must incorporate critical security measures to protect the network, the RPDs and the customer data.

The paper outlines a comprehensive approach to ensure the security of distributed IP networks in insecure locations, using R-PHY as a specific example, taking into account the unique network, protocol, and application characteristics of R-PHY systems. The authors assess the scope of security threats, propose mitigation techniques to address the identified vulnerabilities and recommend security requirements for individual network components. In particular, the paper details such procedures as the secure authentication of RPDs to prevent unauthorized access to the MSO’s IP network and approaches to secure R-PHY control and data connections.

In summary, the paper demonstrates why, where, and how standards-based, distributed IP networks can be secured in a cost effective and interoperable manner using R-PHY as a specific example.

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

Securing Remote PHY Infrastructure
By Pawel Sowinski and Gerry White, Cisco Systems, Inc.
Remote PHY 2.0: The Next Steps For Remote PHY Technology
By Pawel Sowinski, Andy Smith & Tong Liu, Cisco Systems Inc.
The impact of Remote PHY on Cable Service Convergence.
By Pawel Sowinski, Cisco Systems Inc.
R-PHY with Remote Upstream Scheduler
By Tong Liu, PhD & John T Chapman, Cisco Systems
Impact of CCAP to CM Distance in a Remote PHY Architecture
By John T. Chapman, Gerry White, and Hang Jin, Cisco
Leveraging External Applications For DOCSIS 3.1 HFC Plant Optimization
By Pawel Sowinski, Cisco Systems Inc.
Remote PHY for Converged DOCSIS, Video and OOB
By John T. Chapman, CTO Cable Access BU & Cisco Fellow, Cisco
Remote PHY Going the Distance
By Marek Hajduczenia, PhD, Charter Communications; Glen Hardin, Charter Communications; John Chapman, Cisco Systems
Modernizing Cox Communication’s Access and Aggregation Network Infrastructure for Remote PHY Deployment
By Deependra Malla, Cox Communications Inc.
Remote PHY Deployment Options
By Jeff Finkelstein, Cox Communications and Alon Bernstein, Cisco Systems
More Results >>