Consumer electronics on the laboratory network

Connecting consumer devices to a wireless network in your home is perfectly reasonable, but connecting them to the laboratory network is problematic. Photo: James Fee

With more and more consumers having home wireless networks, there is a rapidly increasing number of products offered that use these wireless networks to provide various services, such as allowing screens from laptops or tablets to be displayed on a television screen. Given the convenience of such devices, lab users may be tempted to use them on the lab network. But there are important differences between home and work networks that can make this a very bad idea.

Your home network is typically used by a very limited set of individuals and devices and is (hopefully) protected by a password that prevents strangers from accessing it. Home networks are also usually protected by a firewall that strictly limits what sort of traffic is allowed into the network from the outside Internet. Thus you can be pretty certain that no one from the general Internet will be able to access your consumer device.

The Fermilab network, on the other hand, is used by thousands of people each day and is configured to allow a variety of scientific communications to flow freely between the lab and outside collaborators. And connecting to our network is relatively open to provide service to visiting scientists. Consequently, any consumer devices placed on the lab network can be accessed, not only by anyone else using the lab network, but also by intruders from the general Internet. Moreover, such devices, which are not designed to be used on such a widely populated enterprise network, can generate signals that seriously interfere with normal lab business and may lack authentication mechanisms that would prevent outsiders from accessing them.

For example, we have seen streaming video devices on the lab network. But since these devices can be accessed by anyone else on the network, an outsider can stream their own video to your screen or even purchase video content with the credit card you have registered with the device! Even worse is use of the popular Chromecast device, which can often behave like a wireless hub, disrupting the operation of the network. Such behavior would not be a problem in your basement but is much more serious when it can disturb the network for hundreds of other lab personnel who may be nearby.

Not all devices are subject to these perils. Some devices are benign and can be used on the general lab network. But please check with computer security at computer_security@fnal.gov before connecting any such device.

Irwin Gaines