bandwise presentation at ip possibilities 2013
DESCRIPTION
Overview of CCI Systems' BandWise product at IP Possibilities in 2013. I presented to around 100 folks on our subscriber management solution.TRANSCRIPT
Policy Management with BandWise
Matt Reath, Director of Sales EngineeringCCIE #27316 (SP)
CCI Systems
Agenda
• Overview of Policy Management• Policy Control with Cisco ISG/BNG• Introduction to CCI’s BandWise Product
Why do we need policy management?
• More and more services are being deployed on converged IP networks
• Growing bandwidth consumption by users• Customer experience is high priority• Network must be “session” aware and able to
apply custom parameters to each session• Each session tracked in order to apply QoS and
security
• Initial drivers– Bandwidth metering and monthly caps– Recoup costs of increasing subscriber data usage– Session/Subscriber identification (MAC, VLAN, Option 82,
etc.)• Additional value adds– Network intelligence, reporting– Peak-time bandwidth control– Subscriber self-service– WiFi hotspot portals/credit card authorization– Per subscriber services (QoS, VRF, access control)
Policy Management
• Intelligent Services Gateway (ISG)– Cisco ASR1000, Cisco 7200, Cisco 10000
• Broadband Network Gateway (BNG)– Cisco ASR9000 w/Typhoon line cards
Cisco Router Support
How does it work?
ISG Router
Internet
RADIUS Server
Data sent
RADIUS Auth
RADIUS Accept
Data sent
Data received
RADIUS Acct
RADIUS CoA
Configuration
aaa authentication login AUTHEN_LIST group AAA_GROUPaaa authorization network AUTHOR_LIST group AAA_GROUP aaa authorization subscriber-service default local group AAA_GROUP aaa accounting update periodic 1aaa accounting network ACCNT_LIST start-stop group AAA_GROUP
aaa group server radius AAA_GROUP server 192.168.60.202 auth-port 1812 acct-port 1813
RADIUS
policy-map type control ISG_CTRL_POLICY class type control IP_UNAUTH_COND event timed-policy-expiry 10 service disconnect ! class type control always event session-start 10 authorize aaa list AUTHOR_LIST password cisco identifier circuit-id 40 set-timer IP_UNAUTH_TIMER 10 100 service disconnect ! class type control always event account-logon 10 authenticate aaa list AUTHEN_LIST ! class type control always event account-logoff 10 service disconnect delay 5 ! class type control always event session-restart 10 authorize aaa list AUTHOR_LIST password cisco identifier circuit-id 40 set-timer IP_UNAUTH_TIMER 10 !
Policy
Interfaceinterface GigabitEthernet0/0/1.400 encapsulation dot1Q 400 ip dhcp relay information trusted ip address 192.168.240.1 255.255.255.0 ip helper-address 192.168.60.202 ip nat inside service-policy type control ISG_CTRL_POLICY ip subscriber l2-connected initiator dhcp
CCI Confidential
• Built upon Cisco’s ISG (ASR1000) and BNG (ASR9000) feature set(s)
• Includes: RADIUS, Policy Server, Web management, Reporting, API access, Customizable portals, and notifications (email, SMS, etc.)
• Customizable web portals for WiFi/unauthenticated user scenarios – access code, username/password, pay for access (authorize.net)
• Managed service – CCI manages the server hardware, provides support, keeps system up-to-date, and provides customization
• JSON-based API for further automation tasks
CCI Confidential
BandWise Overview
BandWisePolicyEngine
ISG/BNG Router
RADIUS
WEB
API
Billing/OSSAutomation Tools
Subscriber/PortalSystem Manager/CSR
WEB
CCI Confidential
• Dashboard
• Overall system graphs
• Links to all management functions
• Top talkers widget
• Quick access icons
BandWise Dashboard
CCI Confidential
• Policy Management
– Download/upload speeds
– Peak time caps
– Monthly caps
• Bandwidth Caps
– Create thresholds and cap periods
– Flexible reaction system
• Reaction policies
• Notifications
• Shutoff
Policy Management
CCI Confidential
• Account creation
• View individual bandwidth cap infractions
• See overall bandwidth usage for each device on account or aggregate
• Assign Group or Policy
• Add/remove/edit devices associated with account
– MAC Address
– Option 82
– VLAN
Account Management
CCI Confidential
• Client captive portal w/ credit card purchase, subscriber login, and access codes
• WiFi Hotspot Applications
Captive Portal
CCI Confidential
• Syslog, email, SNMP trap, and SMS notifications
• SFTP support for scheduled subscriber imports
• Full-featured API facilitates billing system integrations
BandWise Administration
CCI Confidential
Reporting
• Network Bandwidth
• Bandwidth Infractions
• Top Talkers
• Captive Portal Logins
• Captive Portal Purchases
• Scheduled Reporting
CCI Confidential
• Provides storage and maintenance advantages
– CCI manages updates to the system via push from Cloud
– Data is stored locally and in the Cloud; resulting in quicker restoration of data
• Calculation, authentication, and enforcement functions operate on local redundant server pair
• Web interface, management, update, reporting, and graphing functions operate in CCI’s cloud service
Cloud Architecture
CCI Confidential
1 – ISG/BNG router
2 – Redundant Bandwise Servers
3 – Redundant management switches
4 – Single or redundant VPN gateways
5 – Redundant VPN gateway into CCI cloud
6 – Load balancers
7 – Cluster of application servers
8 – Cluster of job servers
9 – Cluster of database servers
Cloud Architecture
CCI Confidential
• Management Portal– User authentication
– Dashboard
– Policy management
– Account management
– Group management
– Reports
• Import users and profiles from existing SQL, LDAP, or text file sources
• Manual entry of account, policy, and group information
• Policy enforcement– ISG feature set required
– RADIUS
– Change of Authorization
Phase 1 – Oct ‘12
• Multilevel hierarchy for company/property management
• End-user portal– Subscribers can log-in to
view statistics and information
– Manage devices associated with account
• Sign-on portal– For unauthenticated
devices/WiFi hotspots
– Login to account to add device-or-
– Select option and pay via credit card
– Credit card authorization handled by web service
• Multiple devices per account
• Notifications of cap violations
Phase 2 – Nov ‘12
• Billing System API– JSON-based web service API
– Allows 3rd party development of billing system interface
• Data export options– CSV,XML
• Export delivery via:– SFTP, manual browser
download
• Software redundancy
Phase 3 – Jan ‘13
Beta Feb ‘13 – April ‘13
May 2013 GA Release
Roadmap
CCI Confidential
• Anticipated Features (schedule TBD)
– Mobile device apps for end-user bandwidth reports and alerts (Andriod and iOS)
– CMTS/Cable Network Support (PCMM/IPDR)
– Bug fixes
– Feature updates
– Integration with CCI’s NOC monitoring/managed service packages
Roadmap
Thank You!
Visit CCI’s Booth (Booth #307) fora BandWise Demo