Public Fixed IP SIM vs Private Fixed IP SIM

expand_more

Public fixed IP SIM cards carry risks that can be negated with a Private fixed IP SIM.

IP (Internet Protocol) address is a sequence of numbers similar to 192.168.0.1 allocated to a network device which uses a network or the internet for communication. The IP address assigned to a network device MUST be unique on the network it is connected to. There are only around 4.3 billion possible unique IPV4 IP addresses in existence for use across the globe. These IP addresses are shared out between the internet connected organisations across the globe and and can only be allocated for use by the organisation responsible for managing them. Our partner ISP Faelix is one of these organisations able to allocate IP addresses from their assigned pool of IP addresses. There are two main types of IP address, public and private.

A public IP address is one that can be described as internet routable. In other words it can be considered to be directly connected to the internet. Most ISPs and mobile operators offer only dynamic public IP addresses which means that the IP address assigned to the SIM either changes each time the SIM connects to the internet, changes periodically or is shared across multiple SIMs similar to your home or business broadband connection. Dynamic public IP addresses are an essential part of internet communication, but do not generally allow you to remotely connect to the IP address. To remotely connect to the IP address you would require a fixed public IP address.

Private IP addresses are NOT internet routable and therefore cannot be reached directly from the internet. Your home or business networks use private IP addresses for all of the devices connected behind your internet router. It is possible for a device connected behind the internet router to be reached from the internet but only if special programming (port forwards and associated firewall rules) are added to the internet router. Private IP addresses look exactly the same as public IP addresses, because they are! Quite simply there are three IP address ranges out of the around 4.3 billion possible IP addresses that have been put aside for private use. These are:

  • 10.0.0.0 to 10.255.255.255
  • 172.16.0.0 to 172.31.255.255
  • 192.168.0.0 to 192.168.255.255

Again private ip addresses can be used in a dynamic manner. Most home broadband routers do this. So the IP address or your computer / phone / TV etc, will change over time. In order to be reliably able to contact any network connected device remotely it is necessary to switch to use fixed (or static as it is also known) ip addresses.

SIM cards are normally allocated dynamic IP addresses which may change over time. This is perfectly acceptable for browsing the internet because the data SIM is only making an outbound connection to the internet. However IoT SIM cards can very often be used applications which require an inbound connection to the SIM from the internet. A prime example would be a CCTV recorder plugged into a 4G router which needs to be accessed remotely by an end user or an Alarm Receiving Centre, which means we would require a fixed (static) IP address.

So, what are the options when it comes to allocating a fixed IP to a SIM card?

  • Public fixed IP

    We can assign a public fixed IP address to a SIM card. This would mean that it can be connected to publicly from the internet by anybody with an internet connected computer or deviceand this makes it incredibly flexible because you can simply share the IP address with 3rd parties who can access the router and associated hardware plugged into it. This is the main upside but it is also a big problem at the same time.

    The downside of your SIM being connectable openly from the internet leaves the device incredibly vulnerable to a cyber attack. The effects can be mitigated if the SIM is installed in a router with an integral firewall by programming the firewall to only allow a connection from specified IP’s but even this partial fix leaves you vulnerable to excessive data fees because data will be consumed even if the connection request is rejected by the firewall, because the data transmissions have to get to the remote router firewall before it can be rejected.

    An added complication here is the fact that since there is only just under 4.3 billion possible IPV4 IP addresses in circulation they are running out quickly which means they trade at a premium price. And this problem is only ever going to get worse. On 25 November 2019 for Ripe NCC, the RIR (Regional Internet Registry) responsible for allocating IP address blocks to ISPs across Europe, Middle East and Central Asia, exhausted the last of their available IP address blocks. All other RIRs exhausted their supplies in the years previous to that. In other words the ISPs run out of available IPv4 addresses in their allocations, that is it!

    There is certainly a need to have public fixed IP addresses available and we do offer them, but where possible we encourage you to consider our other solutions which can provide remote access to the device containing the SIM securely, without leaving it vulnerable to cyber attack or data fees for anything other than genuine data transmissions.

  • Private Fixed IP

    We can assign private fixed IP addresses to your SIM cards, and then provide you with secure remote access to those fixed IP addresses by utilising our KeySecure functionality.

    The advantage of this is that your SIMs cannot be hit directly from the public internet which makes it considerably more secure than allocating public IP’s. You can even turn the remote router configuration on if you wish as only the people you grant access to your SIMs on KeySecure have access to your devices. This is something you would avoid doing with a public IP address as it would allow hackers access to your routers configuration interface.

    Private fixed IP addresses are considerably more secure than public IP’s, avoid additional software or programming and are a lot more cost effective.

    On this basis our team believe you should use private fixed IP’s where possible. For private IP networking options please visit our KeySecure article.