As mentioned here https://forum.sierrawireless.com/t/siwi2way-at-console-behind-nat/5401/1, I wrote some code which allows complete remote control of the modems over tcp/ip, without continuesly polling. As also mentioned, some feature are missing. One of them is some (basic) authentication / encryption mechanism.
I found libtom.org/?page=features&whatfile=crypt, which offers many encryption routines. I have no idea which one to use however. What I am looking for is some reasonable compromise between complexity / required resources and how easy it is to break it. If someone has suggestions, let me know.