Some companies are opting to use different firewall options to protect their networks against outbound traffic that can cause problems for their customers.
NBC News first reported the move in late April.
But the move has now spread to at least a half dozen companies.
NBC’s reporting comes as some other businesses are looking to improve their ability to fight back against hackers and other attackers that want to get into their networks.
In addition to offering protection against out-of-band traffic, some of these companies have adopted the use of software tools that can limit the amount of traffic that an outbound device can receive.
These tools can be deployed to block outbound calls, messages and data to and from an IP address.
“If an IP addresses has a low packet count, it’s more difficult for the outbound call to be routed to that person,” said Mark Wojciechowski, CEO of the cybersecurity firm Kaspersky Lab.
In fact, Wojcikowski said some companies have implemented “virtual IP addresses” that have a low number of incoming packets, or packets that can only be received by the out-bound device.
Some companies also have deployed software that allows users to block specific IP addresses from receiving certain types of traffic.
“These types of firewall policies allow you to do a few different things,” Wojczkowski said.
“The first is to make sure that you’re protecting your infrastructure from attacks, but also protect your infrastructure against other attacks that could come from outside of your infrastructure.”
The problem for companies like Comcast and Time Warner Cable is that many of these devices come with out-the-box protection software that can easily be circumvented by attackers.
The software can even be used to block outgoing traffic.
But companies are also using different tools to limit outbound access.
“It’s difficult to find the right balance between the two and it’s difficult for many of us to get the balance right,” said Brian Loyn, senior vice president of global business development for Comcast.
“So we try to leverage our experience and our technology to deliver the right solutions to our customers, but we also recognize that sometimes it’s a better idea to leverage a tool like our virtual IP address and address validation tool, which is also supported by our network hardware.”
Loylny also said some customers may want to use the firewall on their own devices, but have to rely on third-party software to block the traffic.
He added that the use in some cases can help customers avoid having to pay for additional equipment.
“When you have a firewall, if you’re using a firewall with a device, that device can be a bad actor,” Loyni said.
Comcast has also deployed an IP filter that blocks outbound IPs from a customer’s Internet protocol address.
But Comcast doesn’t have any plans to use virtual IP addresses to block incoming traffic from an individual customer, Loyne said.
The move to restrict outbound connections is also being welcomed by many companies.
In a statement to NBC News, Comcast said it has “no plans to restrict the IP address validation service to IP addresses of our customers.”
“The firewall tool that we use in our firewall for outbound connectivity, IP address address validation, and the firewall tool for our outbound network configuration is supported by all of our devices,” the statement read.
“There are no plans to limit the IP addresses validation service for our customers based on an IP addressing policy.”
Comcast has recently rolled out a new firewall that is more effective against hackers.
The company has said that this new tool will block out-and-out traffic, not incoming traffic, and that it will also automatically disable the firewall if it detects an out-going connection is made to a different network.
But Loynic said he doesn’t think that Comcast’s new firewall is effective against outlier attacks.
“I don’t think it is,” Lodowic said.
While the firewall is technically effective, it also could allow out-looking devices to access Comcast’s network without any protection from the company’s firewall.
Comcast is not the only company that has taken the position that it does not need to block access to an IP on a customer device.
In October, Google announced that it was using its own firewall software to help it protect its network from attackers.
And in April, Comcast announced that its own IP firewall software is also protecting the network from outbound attacks.
Comcast said its firewall protects its customers against attacks from out-based attackers.
“We are taking this new approach to prevent and address outbound threats, both from outside the company and from inside our network,” Comcast said.