In this case study, we supported a yacht requiring a reliable, secure, and well-controlled connectivity architecture for both operational and guest use.
The vessel operates with a hybrid connectivity setup where cellular and Starlink links are used as the primary internet sources, providing high-speed access when near shore or within Starlink coverage areas. A VSAT connection is configured as an emergency backup, ensuring continuous connectivity in case of service degradation or link failure.
At the core of the system, a Kerio Control firewall manages traffic routing, prioritization, and security. Clear rules have been defined to separate different types of onboard traffic:
- Operational traffic, including navigation systems, monitoring services, and remote technical support
- Owner traffic, with prioritized bandwidth and controlled access
- Guest traffic, isolated from critical systems
- Crew traffic, managed with usage policies to prevent congestion
This segmentation ensures that critical services remain protected and operational, regardless of guest or crew internet usage. Automatic failover rules allow the system to switch between cellular, Starlink, and VSAT links without manual intervention.
The result is a resilient and predictable connectivity environment, optimized for both performance and security, and fully aligned with the yacht’s operational requirements.
