Comcast is committed to providing the best online experience possible for all our customers, using reasonable network management practices that are consistent with industry standards. We invite our Xfinity Internet customers to review the acceptable use policy and customer agreement for residential services. The following is intended to help clarify what we mean by network management.
Why Comcast manages its network
Comcast manages its network with one goal: to deliver the best possible broadband Internet experience to all of our customers. To achieve this goal, Comcast uses reasonable network management practices that are consistent with industry standards.
All Internet service providers need to manage their networks, and Comcast is no different. If we didn't, customers would be subject to the negative effects of, for example, spam, malware, phishing, viruses and other harmful code and content. By engaging in reasonable network management practices, Comcast can deliver the best possible broadband Internet experience.
How Comcast manages its network
Comcast does not discriminate against lawful Internet content, applications, services or non-harmful devices. Comcast uses various tools and techniques to manage its network, deliver its service, and ensure compliance with the acceptable use policy and customer agreement for residential services. These tools and techniques are dynamic and can and do change frequently. Network management activities may include identifying spam and preventing its delivery to customer email accounts, and detecting malicious Internet traffic and preventing the distribution of, or inadvertent access to, malware, phishing, viruses or other harmful code or content.
Comcast currently does not maintain a separate system to assist with managing times of congestion. As our network technologies and usage of the network continue to evolve, we reserve the right to implement a new congestion management system if necessary in the performance of reasonable network management and in order to maintain good broadband Internet access service experience for our customers, and will provide updates here as well as other locations if a new system is implemented.
An overview of Comcast’s network practices with respect to its Xfinity Internet broadband Internet access services is provided in the Xfinity Internet broadband disclosures. Additional information, including detailed technical information, is available in the network management information center.
Changes in network management over time
As the Internet and its related technologies continue to evolve, Comcast's network management tools will also keep pace so we can deliver an excellent, reliable, and safe experience to all of our customers. We will provide updates here as well as other locations if we make significant changes to our network management techniques.
Protection from security threats
Comcast provides its customers with full access to all the lawful content, services, and applications that the Internet has to offer. Comcast does not block or rate-control specific protocols or protocol ports (except to prevent spam, malicious attacks and identity theft), modify protocol fields in ways not prescribed by protocol standards or otherwise inhibit or favor certain applications or classes of applications.
Comcast, however, does employ a number of practices to prevent unwanted communication like spam. We limit the number of login, SMTP, DNS, and DHCP transactions per second (at levels far above ‘normal’ rates) that customers can send to our servers in order to protect them from Denial of Service (DoS) attacks. (We do not disclose exact rate limits in order to maintain the effectiveness of these measures.) Please see email — limitations on sending and what is Comcast doing about reducing spam? to learn more.
In order to further protect our customers, Comcast blocks a limited number of ports that are commonly used to send spam, launch malicious attacks, or steal a customer’s information. Comcast conducts several security initiatives, and offers security tools for our customers at our online security page. For more information, see list of blocked ports.
Attaching devices to our network
Many devices are approved for use on our network. For a cable modem device to be approved for use on the network, it must pass CableLabs certification, UL certification, FCC certification, and Comcast device testing, covering areas like DOCSIS performance and integration with Comcast’s network and systems. From time to time, Comcast may discontinue support for certain cable modem devices or cease permitting those devices to attach to the network for network management and security reasons.