Passive optical network

What is a passive optical network?

A passive optical network (PON) is a fiber-based architecture that delivers broadband connectivity to multiple subscribers via shared optical infrastructure. Instead of running a dedicated fiber line to every customer, providers use passive splitters to divide optical signals, distributing connectivity to many endpoints.

Splitters distribute light signals using physical optics rather than electronic switching. This allows a single central provider device, known as an optical line terminal (OLT), to serve many subscribers via connected optical network terminals (ONTs) or optical network units (ONUs).

How does a passive optical network work?

A PON distributes traffic using a point-to-multipoint fiber architecture.

At the provider’s central facility, the OLT sends downstream data across a single feeder fiber. The signal travels through the access network until it reaches a passive optical splitter. The splitter divides the optical signal into multiple paths that lead to the homes or offices of individual subscribers.

Because the downstream signal is broadcast across the shared medium, every ONT connected to the splitter receives the entire optical data stream. Each device processes only the frames addressed to its subscriber and ignores the rest.

Upstream traffic follows a different mechanism. To prevent collisions, coordinated scheduling determines when a given device can send data. In many PON systems, this is implemented using time-division multiple access (TDMA). In Ethernet PON (EPON), the Institute of Electrical and Electronics Engineers (IEEE) 802.3 standard uses Multipoint Control Protocol (MPCP) to coordinate upstream transmissions between the OLT and ONUs.

Many PON standards include security features, but the details vary by PON type. For example, Gigabit PON (GPON) standards include encryption to protect downstream payload traffic over the shared fiber, while other PON variants may use different security mechanisms or deployment choices. That said, deployment and key management practices vary by operator.
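The broadcast behavior and the role of downstream encryption can be modeled in a few lines. This Python sketch is an added example, not code from the original page or from any PON vendor: the `OLT`, `Frame`, `receive` and `exposure` names are hypothetical, the payloads are constructed, and the SHA-256 counter-mode keystream is a toy stand-in for the cipher a real PON standard specifies.

```python
import hashlib
import os
from dataclasses import dataclass

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode), a stand-in for the PON's real cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

@dataclass
class Frame:
    ont_id: int     # which ONT the frame is addressed to
    nonce: bytes
    payload: bytes  # ciphertext when the OLT encrypts, plaintext otherwise

class OLT:
    def __init__(self, encrypt: bool):
        self.encrypt = encrypt
        self.keys = {}  # ont_id -> key shared only with that ONT

    def register(self, ont_id: int) -> bytes:
        self.keys[ont_id] = os.urandom(16)
        return self.keys[ont_id]

    def send(self, ont_id: int, data: bytes) -> Frame:
        nonce = os.urandom(8)
        body = xor_stream(self.keys[ont_id], nonce, data) if self.encrypt else data
        return Frame(ont_id, nonce, body)

def receive(ont_id, key, stream, encrypted):
    """A conforming ONT: keep frames addressed to it, decrypt if needed, drop the rest."""
    mine = [f for f in stream if f.ont_id == ont_id]
    return [xor_stream(key, f.nonce, f.payload) if encrypted else f.payload for f in mine]

def exposure(ont_id, stream):
    """Bytes of other subscribers' frames that still arrive at this ONT's receiver."""
    return [f.payload for f in stream if f.ont_id != ont_id]

def demo(encrypt: bool):
    olt = OLT(encrypt)
    k1 = olt.register(1)
    olt.register(2)
    stream = [olt.send(1, b"subscriber-1 data"), olt.send(2, b"subscriber-2 data")]
    # The passive splitter delivers the same stream to every ONT.
    return receive(1, k1, stream, encrypt), exposure(1, stream)
```

With encryption off, `exposure` returns subscriber 2's payload verbatim; with it on, the same frame still arrives at ONT 1, but only as ciphertext under a key ONT 1 does not hold.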

Types of passive optical networks

Although the architecture is similar across deployments, PONs operate differently depending on the standard they use. Common protocols include:

  • Gigabit PON (GPON): A widely deployed ITU-T standard for residential broadband networks that supports 2.488Gbps downstream and 1.244Gbps upstream nominal line rates.
  • Ethernet PON (EPON): An IEEE Ethernet-based standard that integrates directly with Ethernet infrastructure. 1G-EPON uses a nominal 1.25Gbps symmetric line rate, delivering about 1Gbps effective capacity in each direction.
  • 10-Gigabit-capable PON (XG-PON): A next-generation standard supporting 10Gbps downstream and 2.5Gbps upstream nominal line rates.
  • 10-Gigabit-capable symmetrical PON (XGS-PON): A symmetrical standard providing 10Gbps nominal line rates in both directions.
  • Next-generation PON 2 (NG-PON2): A multi-wavelength standard that uses several optical channels to support a nominal aggregate capacity of 40Gbps downstream and 10Gbps upstream.

Where is it used?

PONs are used to provide connectivity in a variety of settings.

Residential broadband services rely heavily on PON for fiber-to-the-home and fiber-to-the-premises infrastructure. A single optical interface can serve dozens of homes through passive splitting.

Multi-dwelling buildings and campus environments also benefit from this architecture. Businesses sometimes receive internet connectivity through PON-based fiber access networks as well. In mobile networks, PON may also be used to support mobile backhaul in some deployments.

Municipal broadband and smart city projects may also use fiber access infrastructure to support public connectivity and connected systems across urban areas.

Benefits of using a passive optical network

PONs offer several operational advantages compared with traditional access technologies. These include:

  • High throughput over long distances: Fiber enables gigabit-scale connectivity over distances of up to 12 miles (19 kilometers) in standard PON deployments.
  • Reduced field equipment: Passive splitters eliminate the need for powered distribution equipment in many parts of the network.
  • Lower energy consumption: Most active hardware remains inside provider facilities rather than outdoor cabinets.
  • Efficient subscriber distribution: A single optical interface can serve multiple users via passive splitters, with the exact split ratio determined by the PON standard and optical budget.

Risks and privacy concerns

Advantages aside, PONs do introduce security considerations. Common risks and privacy concerns include:

  • Misconfigured virtual local area network (VLAN) segmentation: Subscriber isolation often depends on proper VLAN tagging and ONU/OLT service configuration; misconfigurations can expose traffic or services to the wrong users.
  • Weak management interfaces: Poorly secured ONT or provider management systems may allow unauthorized administrative access.
  • Rogue or unauthorized ONTs: Improperly authenticated, misbehaving, or malicious ONTs can interfere with shared upstream operation or bypass access controls if operator protections are weak.
  • Fiber tapping: Intercepting optical traffic is technically complex but possible with physical access to fiber infrastructure.
  • Network-level metadata visibility: Even when payload data is encrypted, providers may still observe connection timing and destination patterns.

Because of these factors, privacy protections often extend beyond the access network itself. Router security, encrypted Domain Name System (DNS), and virtual private network (VPN) tunneling can reduce the risk of sensitive data being exposed.
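The upstream scheduling described earlier also gives operators a way to spot the misbehaving ONTs listed above: a burst that falls outside the window granted to its sender stands out. The following Python audit is an added example, not code from the original page; the `Window` record, the microsecond timings and the sample grants and bursts are constructed, and it assumes one grant per ONT per cycle.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Window:
    ont_id: int
    start_us: int
    end_us: int  # exclusive

def overlaps(a: Window, b: Window) -> bool:
    return a.start_us < b.end_us and b.start_us < a.end_us

def audit_upstream(grants, bursts, guard_us=1):
    """Compare observed upstream bursts with the grants issued for one cycle.

    Returns a list of (burst, reason) findings; conforming bursts are omitted.
    guard_us is the timing slack allowed at each edge of a granted window.
    """
    granted = {g.ont_id: g for g in grants}
    findings = []
    for b in bursts:
        g = granted.get(b.ont_id)
        if g and b.start_us >= g.start_us - guard_us and b.end_us <= g.end_us + guard_us:
            continue  # burst stayed inside its own window
        reason = "outside its granted window" if g else "no grant issued to this ONT ID"
        # Name the subscribers whose upstream slots the burst lands on.
        hit = sorted(o.ont_id for o in grants if o.ont_id != b.ont_id and overlaps(b, o))
        if hit:
            reason += "; overlaps window of ONT " + ", ".join(str(i) for i in hit)
        findings.append((b, reason))
    return findings

# Constructed sample: three grants in a 300 us cycle and four observed bursts.
GRANTS = [Window(1, 0, 100), Window(2, 100, 200), Window(3, 200, 300)]
BURSTS = [
    Window(1, 0, 98),     # conforming
    Window(2, 100, 200),  # conforming
    Window(3, 150, 260),  # starts 50 us early, inside ONT 2's slot
    Window(9, 270, 290),  # ONT ID that was never granted a slot
]

if __name__ == "__main__":
    for burst, reason in audit_upstream(GRANTS, BURSTS):
        print(burst, "->", reason)
```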

FAQ

What’s the difference between PON and active Ethernet?

Passive optical networks (PONs) distribute connectivity through optical splitters without powered equipment in the field. Active Ethernet networks instead rely on powered switching devices between the provider and subscriber connections.

Does PON traffic get encrypted by default?

Encryption support depends on the passive optical network (PON) standard and provider configuration. Some deployments support link-layer encryption between the optical line terminal and subscriber optical network terminals (ONTs), though implementation varies across networks.

Can someone intercept data on a PON?

Interception requires physical access to fiber infrastructure and specialized optical equipment. While technically possible, encryption at higher network layers significantly reduces the value of intercepted traffic.

What do Gigabit PON (GPON), Ethernet PON (EPON), and 10-Gigabit-capable symmetrical PON (XGS-PON) mean?

These terms refer to different passive optical network (PON) standards. Each defines transmission speeds, optical wavelengths, and operational mechanisms for distributing fiber broadband. XGS-PON, for example, is defined by ITU-T as a 10Gbps symmetric passive optical network system.

Do you still need a VPN on fiber or PON?

A passive optical network (PON) provides high bandwidth, but it isn’t inherently private. VPN encryption protects traffic beyond the access network and can help limit visibility into your online activity, regardless of whether you’re connected to a PON.