Emergency Response Using IP Over Satellite
In mid-October, an Andrew 3.7-meter motorized Ku-band antenna system was hoisted onto the roof of Texas A&M's Institute of Biosciences and Technology (IBT), located at the Texas Medical Center in Houston. Among other things, this system is part of the elaborate Disaster Relief and Emergency Medical Services (DREAMS) project that has been taking shape since the mid-1990s.
"Our overall goal is to mitigate the problems associated with prolonged patient transport, and to incorporate Ka-band technologies. DREAMS is trying to extend what is known in the emergency medical response community as the golden hour," says Larry Flournoy, associate director at the Academy for Advanced Telecommunications and Learning Technologies at IBT. "Critical to this approach is the idea of providing more interactivity between the medics on scene and doctors back in the emergency room. Everything keys around the communications platform on the ambulance, including all the computing, telemetry and support instrumentation."
"This complex in Houston is relatively protocol savvy in that a video signal can come into the complex as IP over ATM, and leave the complex as MPEG-2 over DVB. At this point, I believe that all of the applications that are supported between the hub and ambulance are purely IP over High-Level Data Link (HDLC)," says David Beering, principal at Chicago- based Infinite Global Infrastructures LLC, which is involved in the design, integration and installation of the satellite system. HDLC is another layer-2 protocol that is used primarily by Cisco routers to communicate over a serial link. It is equivalent to ATM and DVB in the Open System Interconnection (OSI) model.
Multiple variations of the DREAMS ambulance are emerging, including one outfitted with SCPC and Spread Spectrum hardware by a team from the Satellite and Wireless Networking Section of the Naval Research Laboratory (NRL) headed by Michael Rupar.
"Due to the small size of the ambulance terminal's Ku-band aperture, the ambulance transmits Spread Spectrum and receives SCPC. Hardware onboard includes an SCPC modulator and demodulator from Comtech EF Data, and spread spectrum modulators and demodulators from Filtronics, Sigtek and Cylink. Additionally, for transmit power, the ambulance is using a Litton Microwave Power Module (MPM), as opposed to a TWTA or SSPA," says Beering.
For public safety agencies requiring a range of Ku-band satellite solutions, Ottawa-based C-COM Satellite Systems Inc. developed the iNetVu, a self-aligning mobile two-way high-speed Internet over satellite antenna system. Agencies such as the Toronto Fire Marshal's Office, Minnesota State Patrol and the Gloucestershire Fire and Rescue Incident Command unit in Quedgley, Gloucestershire, UK, have deployed this system.
"As agencies become familiar with the advantages of accessing multiple IP-based services, including voice on scene, they need a solution that will find the satellite fast on the first try," says President and CEO of C-COM Leslie Klein. "We emphasize a robust solution that is completely actuator driven with no gears or externally mounted electronics."
Avoiding Internet Invasions
Talking about IP requires at least some coverage of the numerous unpleasant scenarios that can arise involving IP traffic in general. For example, did a computer worm or virus create any headaches for you recently? And did one play a role in the August 14, 2003, blackout that severely impacted the United States and Canada?
Mentat Inc. is one company that takes the growing emphasis on network integrity and reliability in stride. According to Mentat President Kay Guyer, there is a substantial increase in port scans. These are probes that run through the TCP and UDP port numbers used to differentiate applications, and scan for vulnerabilities in machines and firewalls.
"Thanks to readily-available automated scripts which are able to scan quickly through large numbers of port numbers, malicious hackers can hunt for potential vulnerabilities on a particular machine or across a protected network," says Guyer. "Certain viruses operate in a similar manner, scanning the Internet for unprotected machines. Port scans can generate enormous numbers of TCP connections, swamping the resources of the end hosts and intermediate networking devices as well as wasting significant bandwidth."
Guyer points to one recent example, the infamous Blaster Worm that disrupted networks. Via TCP port 135, it took over machines and ran its own code. Once infected, the code began searching the network for other machines with the same vulnerability in TCP port 135.
"Recent monitoring of traffic on customer links showed extremely large numbers of TCP connections, far above typical rates for the link bandwidth. Closer analysis of the traffic showed that approximately 90 percent of the connections were generated by just a few machines infected by the Blaster worm," says Guyer.
To counteract this growing menace to its satellite-based ISP customers in particular, Mentat added a new feature into its SkyX Gateway, which can now be configured to suppress the number of connections per second that any client can establish across the satellite link to prevent port scans. It can also suppress connections on any set of port numbers to protect against Blaster-style viruses. These connections can either be passed through without performance enhancement or discarded entirely, according to Guyer.
"These are secondary features of the product. We are not trying to build a firewall or virus scanning system, but there are significant benefits in network stability and bandwidth conservation from using the SkyX Gateway," Guyer says.
Email
Comments
Print
Reuse
Archives
Copyright Permissions
