SlideShare a Scribd company logo

BandWise Presentation at IP Possibilities 2013

Download as PPTX, PDF
M
Matt Reath

Overview of CCI Systems' BandWise product at IP Possibilities in 2013. I presented to around 100 folks on our subscriber management solution.

Technology
1 of 20
Policy Management with BandWise Matt Reath, Director of Sales Engineering CCIE #27316 (SP) CCI Systems
Agenda • Overview of Policy Management • Policy Control with Cisco ISG/BNG • Introduction to CCI’s BandWise Product
Why do we need policy management? • More and more services are being deployed on converged IP networks • Growing bandwidth consumption by users • Customer experience is high priority • Network must be “session” aware and able to apply custom parameters to each session • Each session tracked in order to apply QoS and security
• Initial drivers – Bandwidth metering and monthly caps – Recoup costs of increasing subscriber data usage – Session/Subscriber identification (MAC, VLAN, Option 82, etc.) • Additional value adds – Network intelligence, reporting – Peak-time bandwidth control – Subscriber self-service – WiFi hotspot portals/credit card authorization – Per subscriber services (QoS, VRF, access control) Policy Management
• Intelligent Services Gateway (ISG) – Cisco ASR1000, Cisco 7200, Cisco 10000 • Broadband Network Gateway (BNG) – Cisco ASR9000 w/Typhoon line cards Cisco Router Support
How does it work? ISG Router Internet RADIUS Server Data sent RADIUS Auth RADIUS Accept Data sent Data received RADIUS Acct RADIUS CoA
Configuration aaa authentication login AUTHEN_LIST group AAA_GROUP aaa authorization network AUTHOR_LIST group AAA_GROUP aaa authorization subscriber-service default local group AAA_GROUP aaa accounting update periodic 1 aaa accounting network ACCNT_LIST start-stop group AAA_GROUP aaa group server radius AAA_GROUP server 192.168.60.202 auth-port 1812 acct-port 1813 RADIUS policy-map type control ISG_CTRL_POLICY class type control IP_UNAUTH_COND event timed-policy-expiry 10 service disconnect ! class type control always event session-start 10 authorize aaa list AUTHOR_LIST password cisco identifier circuit-id 40 set-timer IP_UNAUTH_TIMER 10 100 service disconnect ! class type control always event account-logon 10 authenticate aaa list AUTHEN_LIST ! class type control always event account-logoff 10 service disconnect delay 5 ! class type control always event session-restart 10 authorize aaa list AUTHOR_LIST password cisco identifier circuit-id 40 set-timer IP_UNAUTH_TIMER 10 ! Policy Interface interface GigabitEthernet0/0/1.400 encapsulation dot1Q 400 ip dhcp relay information trusted ip address 192.168.240.1 255.255.255.0 ip helper-address 192.168.60.202 ip nat inside service-policy type control ISG_CTRL_POLICY ip subscriber l2-connected initiator dhcp
• Built upon Cisco’s ISG (ASR1000) and BNG (ASR9000) feature set(s) • Includes: RADIUS, Policy Server, Web management, Reporting, API access, Customizable portals, and notifications (email, SMS, etc.) • Customizable web portals for WiFi/unauthenticated user scenarios – access code, username/password, pay for access (authorize.net) • Managed service – CCI manages the server hardware, provides support, keeps system up-to- date, and provides customization • JSON-based API for further automation tasks CCI Confidential
CCI Confidential BandWise Overview BandWise Policy Engine ISG/BNG Router RADIUS WEB API Billing/OSS Automation Tools Subscriber/PortalSystem Manager/CSR WEB
• Dashboard • Overall system graphs • Links to all management functions • Top talkers widget • Quick access icons CCI Confidential BandWise Dashboard
• Policy Management – Download/upload speeds – Peak time caps – Monthly caps • Bandwidth Caps – Create thresholds and cap periods – Flexible reaction system • Reaction policies • Notifications • Shutoff CCI Confidential Policy Management
• Account creation • View individual bandwidth cap infractions • See overall bandwidth usage for each device on account or aggregate • Assign Group or Policy • Add/remove/edit devices associated with account – MAC Address – Option 82 – VLAN CCI Confidential Account Management
• Client captive portal w/ credit card purchase, subscriber login, and access codes • WiFi Hotspot Applications CCI Confidential Captive Portal
• Syslog, email, SNMP trap, and SMS notifications • SFTP support for scheduled subscriber imports • Full-featured API facilitates billing system integrations CCI Confidential BandWise Administration
CCI Confidential Reporting • Network Bandwidth • Bandwidth Infractions • Top Talkers • Captive Portal Logins • Captive Portal Purchases • Scheduled Reporting
• Provides storage and maintenance advantages – CCI manages updates to the system via push from Cloud – Data is stored locally and in the Cloud; resulting in quicker restoration of data • Calculation, authentication, and enforcement functions operate on local redundant server pair • Web interface, management, update, rep orting, and graphing functions operate in CCI’s cloud service CCI Confidential Cloud Architecture
1 – ISG/BNG router 2 – Redundant Bandwise Servers 3 – Redundant management switches 4 – Single or redundant VPN gateways 5 – Redundant VPN gateway into CCI cloud 6 – Load balancers 7 – Cluster of application servers 8 – Cluster of job servers 9 – Cluster of database servers CCI Confidential Cloud Architecture
• Management Portal – User authentication – Dashboard – Policy management – Account management – Group management – Reports • Import users and profiles from existing SQL, LDAP, or text file sources • Manual entry of account, policy, and group information • Policy enforcement – ISG feature set required – RADIUS – Change of Authorization Phase 1 – Oct ‘12 • Multilevel hierarchy for company/property management • End-user portal – Subscribers can log-in to view statistics and information – Manage devices associated with account • Sign-on portal – For unauthenticated devices/WiFi hotspots – Login to account to add device -or- – Select option and pay via credit card – Credit card authorization handled by web service • Multiple devices per account • Notifications of cap violations Phase 2 – Nov ‘12 • Billing System API – JSON-based web service API – Allows 3rd party development of billing system interface • Data export options – CSV,XML • Export delivery via: – SFTP, manual browser download • Software redundancy Phase 3 – Jan ‘13 CCI Confidential Beta Feb ‘13 – April ‘13 May 2013 GA Release Roadmap
• Anticipated Features (schedule TBD) – Mobile device apps for end-user bandwidth reports and alerts (Andriod and iOS) – CMTS/Cable Network Support (PCMM/IPDR) – Bug fixes – Feature updates – Integration with CCI’s NOC monitoring/managed service packages CCI Confidential Roadmap
Thank You! Visit CCI’s Booth (Booth #307) for a BandWise Demo

Recommended

WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
CIS14: PingAccess 101
CIS14: PingAccess 101CIS14: PingAccess 101
CIS14: PingAccess 101
CloudIDSummit
 
AWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security Keynote
Amazon Web Services
 
[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions
[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions
[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions
WSO2
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
Shiu-Fun Poon
 
Real Time API delivering data @ Scale
Real Time API delivering data @ ScaleReal Time API delivering data @ Scale
Real Time API delivering data @ Scale
Akash Mishra
 
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
Amazon Web Services
 
Aruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPassAruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPass
Paulo Eduardo Sibalde
 

Recommended

WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
CIS14: PingAccess 101
CIS14: PingAccess 101CIS14: PingAccess 101
CIS14: PingAccess 101
CloudIDSummit
 
AWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security Keynote
Amazon Web Services
 
[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions
[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions
[WSO2Con EU 2017] WSO2 Unleashed: Full Stack Automation, Pitfalls and Solutions
WSO2
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
Shiu-Fun Poon
 
Real Time API delivering data @ Scale
Real Time API delivering data @ ScaleReal Time API delivering data @ Scale
Real Time API delivering data @ Scale
Akash Mishra
 
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
Amazon Web Services
 
Aruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPassAruba Networks - Overview ClearPass
Aruba Networks - Overview ClearPass
Paulo Eduardo Sibalde
 
Extended & Reliable WI-FI at Congresium International Convention & Exhibition...
Extended & Reliable WI-FI at Congresium International Convention & Exhibition...Extended & Reliable WI-FI at Congresium International Convention & Exhibition...
Extended & Reliable WI-FI at Congresium International Convention & Exhibition...
4ipnet
 
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance CenterWSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2
 
Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring
WSO2
 
Wi-Fi Security Fundamentals
Wi-Fi Security FundamentalsWi-Fi Security Fundamentals
Wi-Fi Security Fundamentals
Aruba, a Hewlett Packard Enterprise company
 
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
WSO2
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
Aruba, a Hewlett Packard Enterprise company
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)
Sectricity
 
CIS14: PingAccess in Action
CIS14: PingAccess in ActionCIS14: PingAccess in Action
CIS14: PingAccess in Action
CloudIDSummit
 
Basic security and Barracuda VRS
Basic security and Barracuda VRSBasic security and Barracuda VRS
Basic security and Barracuda VRS
Aravindan A
 
Aruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep DiveAruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep Dive
Aruba, a Hewlett Packard Enterprise company
 
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case StudyCisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
nicholas njoroge
 
Поддержка, конфигурирование и мониторинг сети с помощью HP IMC
Поддержка, конфигурирование и мониторинг сети с помощью HP IMCПоддержка, конфигурирование и мониторинг сети с помощью HP IMC
Поддержка, конфигурирование и мониторинг сети с помощью HP IMC
TechExpert
 
Radiojungle AAA RADIUS introduction
Radiojungle AAA RADIUS introductionRadiojungle AAA RADIUS introduction
Radiojungle AAA RADIUS introduction
smoscato
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overview
Sarah Duffy
 
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2
 
Hardening a SQL Server 2008 Implementation
Hardening a SQL Server 2008 Implementation Hardening a SQL Server 2008 Implementation
Hardening a SQL Server 2008 Implementation
Mark Ginnebaugh
 
CIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST APICIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST API
CloudIDSummit
 
Addressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreAddressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy Store
WSO2
 
SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
WSO2
 
Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns
WSO2
 
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the CloudEMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
Aruba, a Hewlett Packard Enterprise company
 
[오픈소스컨설팅] 서비스 메쉬(Service mesh)
[오픈소스컨설팅] 서비스 메쉬(Service mesh)[오픈소스컨설팅] 서비스 메쉬(Service mesh)
[오픈소스컨설팅] 서비스 메쉬(Service mesh)
Open Source Consulting
 

More Related Content

What's hot

Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring
WSO2
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)
Sectricity
 
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2
 
Addressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreAddressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy Store
WSO2
 
SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
WSO2
 
Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns
WSO2
 

What's hot (20)

Extended & Reliable WI-FI at Congresium International Convention & Exhibition...
Extended & Reliable WI-FI at Congresium International Convention & Exhibition...Extended & Reliable WI-FI at Congresium International Convention & Exhibition...
Extended & Reliable WI-FI at Congresium International Convention & Exhibition...
 
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance CenterWSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
 
Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring
 
Wi-Fi Security Fundamentals
Wi-Fi Security FundamentalsWi-Fi Security Fundamentals
Wi-Fi Security Fundamentals
 
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
 
Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)Bright talk mapping the right aut solution for you 2014 final (1)
Bright talk mapping the right aut solution for you 2014 final (1)
 
CIS14: PingAccess in Action
CIS14: PingAccess in ActionCIS14: PingAccess in Action
CIS14: PingAccess in Action
 
Basic security and Barracuda VRS
Basic security and Barracuda VRSBasic security and Barracuda VRS
Basic security and Barracuda VRS
 
Aruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep DiveAruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep Dive
 
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case StudyCisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
 
Поддержка, конфигурирование и мониторинг сети с помощью HP IMC
Поддержка, конфигурирование и мониторинг сети с помощью HP IMCПоддержка, конфигурирование и мониторинг сети с помощью HP IMC
Поддержка, конфигурирование и мониторинг сети с помощью HP IMC
 
Radiojungle AAA RADIUS introduction
Radiojungle AAA RADIUS introductionRadiojungle AAA RADIUS introduction
Radiojungle AAA RADIUS introduction
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overview
 
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
WSO2Con ASIA 2016: Event Driven Architecture: Managing Business Dynamics for ...
 
Hardening a SQL Server 2008 Implementation
Hardening a SQL Server 2008 Implementation Hardening a SQL Server 2008 Implementation
Hardening a SQL Server 2008 Implementation
 
CIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST APICIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST API
 
Addressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreAddressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy Store
 
SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
 
Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns
 

Similar to BandWise Presentation at IP Possibilities 2013

[오픈소스컨설팅] 서비스 메쉬(Service mesh)
[오픈소스컨설팅] 서비스 메쉬(Service mesh)[오픈소스컨설팅] 서비스 메쉬(Service mesh)
[오픈소스컨설팅] 서비스 메쉬(Service mesh)
Open Source Consulting
 
24online for ISP’/Hotspots/Education/Enterprises
24online for ISP’/Hotspots/Education/Enterprises24online for ISP’/Hotspots/Education/Enterprises
24online for ISP’/Hotspots/Education/Enterprises
Nitin Mittal
 
Summer School Delivering On-Demand Shared Middleware Services
Summer School Delivering On-Demand Shared Middleware ServicesSummer School Delivering On-Demand Shared Middleware Services
Summer School Delivering On-Demand Shared Middleware Services
WSO2
 

Similar to BandWise Presentation at IP Possibilities 2013 (20)

EMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the CloudEMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
 
[오픈소스컨설팅] 서비스 메쉬(Service mesh)
[오픈소스컨설팅] 서비스 메쉬(Service mesh)[오픈소스컨설팅] 서비스 메쉬(Service mesh)
[오픈소스컨설팅] 서비스 메쉬(Service mesh)
 
Cloud computing and innovations
Cloud computing and innovationsCloud computing and innovations
Cloud computing and innovations
 
F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0
 
24online ISP presentation
24online ISP presentation24online ISP presentation
24online ISP presentation
 
24online for ISP’/Hotspots/Education/Enterprises
24online for ISP’/Hotspots/Education/Enterprises24online for ISP’/Hotspots/Education/Enterprises
24online for ISP’/Hotspots/Education/Enterprises
 
11 palo alto user-id concepts
11 palo alto user-id concepts11 palo alto user-id concepts
11 palo alto user-id concepts
 
ISE_Pub
ISE_PubISE_Pub
ISE_Pub
 
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementWebinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
 
ICC Data and Device management
ICC Data and Device managementICC Data and Device management
ICC Data and Device management
 
Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CX
 
Presentation cisco intelligent automation for cloud
Presentation cisco intelligent automation for cloudPresentation cisco intelligent automation for cloud
Presentation cisco intelligent automation for cloud
 
CISCO: Accelerating Small Cell Deployments in the Enterprise
CISCO: Accelerating Small Cell Deployments in the EnterpriseCISCO: Accelerating Small Cell Deployments in the Enterprise
CISCO: Accelerating Small Cell Deployments in the Enterprise
 
SHARE 2015 SeattleShare cics ts 52 technical overview
SHARE 2015 SeattleShare cics ts 52 technical overviewSHARE 2015 SeattleShare cics ts 52 technical overview
SHARE 2015 SeattleShare cics ts 52 technical overview
 
From Cisco ACS to ISE
From Cisco ACS to ISE From Cisco ACS to ISE
From Cisco ACS to ISE
 
vBNG-for-Partners
vBNG-for-PartnersvBNG-for-Partners
vBNG-for-Partners
 
Blueprint for creating a Secure IoT Product
Blueprint for creating a Secure IoT ProductBlueprint for creating a Secure IoT Product
Blueprint for creating a Secure IoT Product
 
Summer School Delivering On-Demand Shared Middleware Services
Summer School Delivering On-Demand Shared Middleware ServicesSummer School Delivering On-Demand Shared Middleware Services
Summer School Delivering On-Demand Shared Middleware Services
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
 
20190404 Blockchain GIG #2 Oracle Mark発表資料
20190404 Blockchain GIG #2 Oracle Mark発表資料 20190404 Blockchain GIG #2 Oracle Mark発表資料
20190404 Blockchain GIG #2 Oracle Mark発表資料
 

Recently uploaded

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
DianaGray10
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Skynet Technologies
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
VictorSzoltysek
 

Recently uploaded (20)

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - Questionnaire
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
Cyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptx
Cyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptxCyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptx
Cyber Insurance - RalphGilot - Embry-Riddle Aeronautical University.pptx
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
How to Check GPS Location with a Live Tracker in Pakistan
How to Check GPS Location with a Live Tracker in PakistanHow to Check GPS Location with a Live Tracker in Pakistan
How to Check GPS Location with a Live Tracker in Pakistan
 
AI mind or machine power point presentation
AI mind or machine power point presentationAI mind or machine power point presentation
AI mind or machine power point presentation
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 

BandWise Presentation at IP Possibilities 2013

  • 1. Policy Management with BandWise Matt Reath, Director of Sales Engineering CCIE #27316 (SP) CCI Systems
  • 2. Agenda • Overview of Policy Management • Policy Control with Cisco ISG/BNG • Introduction to CCI’s BandWise Product
  • 3. Why do we need policy management? • More and more services are being deployed on converged IP networks • Growing bandwidth consumption by users • Customer experience is high priority • Network must be “session” aware and able to apply custom parameters to each session • Each session tracked in order to apply QoS and security
  • 4. • Initial drivers – Bandwidth metering and monthly caps – Recoup costs of increasing subscriber data usage – Session/Subscriber identification (MAC, VLAN, Option 82, etc.) • Additional value adds – Network intelligence, reporting – Peak-time bandwidth control – Subscriber self-service – WiFi hotspot portals/credit card authorization – Per subscriber services (QoS, VRF, access control) Policy Management
  • 5. • Intelligent Services Gateway (ISG) – Cisco ASR1000, Cisco 7200, Cisco 10000 • Broadband Network Gateway (BNG) – Cisco ASR9000 w/Typhoon line cards Cisco Router Support
  • 6. How does it work? ISG Router Internet RADIUS Server Data sent RADIUS Auth RADIUS Accept Data sent Data received RADIUS Acct RADIUS CoA
  • 7. Configuration aaa authentication login AUTHEN_LIST group AAA_GROUP aaa authorization network AUTHOR_LIST group AAA_GROUP aaa authorization subscriber-service default local group AAA_GROUP aaa accounting update periodic 1 aaa accounting network ACCNT_LIST start-stop group AAA_GROUP aaa group server radius AAA_GROUP server 192.168.60.202 auth-port 1812 acct-port 1813 RADIUS policy-map type control ISG_CTRL_POLICY class type control IP_UNAUTH_COND event timed-policy-expiry 10 service disconnect ! class type control always event session-start 10 authorize aaa list AUTHOR_LIST password cisco identifier circuit-id 40 set-timer IP_UNAUTH_TIMER 10 100 service disconnect ! class type control always event account-logon 10 authenticate aaa list AUTHEN_LIST ! class type control always event account-logoff 10 service disconnect delay 5 ! class type control always event session-restart 10 authorize aaa list AUTHOR_LIST password cisco identifier circuit-id 40 set-timer IP_UNAUTH_TIMER 10 ! Policy Interface interface GigabitEthernet0/0/1.400 encapsulation dot1Q 400 ip dhcp relay information trusted ip address 192.168.240.1 255.255.255.0 ip helper-address 192.168.60.202 ip nat inside service-policy type control ISG_CTRL_POLICY ip subscriber l2-connected initiator dhcp
  • 8. • Built upon Cisco’s ISG (ASR1000) and BNG (ASR9000) feature set(s) • Includes: RADIUS, Policy Server, Web management, Reporting, API access, Customizable portals, and notifications (email, SMS, etc.) • Customizable web portals for WiFi/unauthenticated user scenarios – access code, username/password, pay for access (authorize.net) • Managed service – CCI manages the server hardware, provides support, keeps system up-to- date, and provides customization • JSON-based API for further automation tasks CCI Confidential
  • 9. CCI Confidential BandWise Overview BandWise Policy Engine ISG/BNG Router RADIUS WEB API Billing/OSS Automation Tools Subscriber/PortalSystem Manager/CSR WEB
  • 10. • Dashboard • Overall system graphs • Links to all management functions • Top talkers widget • Quick access icons CCI Confidential BandWise Dashboard
  • 11. • Policy Management – Download/upload speeds – Peak time caps – Monthly caps • Bandwidth Caps – Create thresholds and cap periods – Flexible reaction system • Reaction policies • Notifications • Shutoff CCI Confidential Policy Management
  • 12. • Account creation • View individual bandwidth cap infractions • See overall bandwidth usage for each device on account or aggregate • Assign Group or Policy • Add/remove/edit devices associated with account – MAC Address – Option 82 – VLAN CCI Confidential Account Management
  • 13. • Client captive portal w/ credit card purchase, subscriber login, and access codes • WiFi Hotspot Applications CCI Confidential Captive Portal
  • 14. • Syslog, email, SNMP trap, and SMS notifications • SFTP support for scheduled subscriber imports • Full-featured API facilitates billing system integrations CCI Confidential BandWise Administration
  • 15. CCI Confidential Reporting • Network Bandwidth • Bandwidth Infractions • Top Talkers • Captive Portal Logins • Captive Portal Purchases • Scheduled Reporting
  • 16. • Provides storage and maintenance advantages – CCI manages updates to the system via push from Cloud – Data is stored locally and in the Cloud; resulting in quicker restoration of data • Calculation, authentication, and enforcement functions operate on local redundant server pair • Web interface, management, update, rep orting, and graphing functions operate in CCI’s cloud service CCI Confidential Cloud Architecture
  • 17. 1 – ISG/BNG router 2 – Redundant Bandwise Servers 3 – Redundant management switches 4 – Single or redundant VPN gateways 5 – Redundant VPN gateway into CCI cloud 6 – Load balancers 7 – Cluster of application servers 8 – Cluster of job servers 9 – Cluster of database servers CCI Confidential Cloud Architecture
  • 18. • Management Portal – User authentication – Dashboard – Policy management – Account management – Group management – Reports • Import users and profiles from existing SQL, LDAP, or text file sources • Manual entry of account, policy, and group information • Policy enforcement – ISG feature set required – RADIUS – Change of Authorization Phase 1 – Oct ‘12 • Multilevel hierarchy for company/property management • End-user portal – Subscribers can log-in to view statistics and information – Manage devices associated with account • Sign-on portal – For unauthenticated devices/WiFi hotspots – Login to account to add device -or- – Select option and pay via credit card – Credit card authorization handled by web service • Multiple devices per account • Notifications of cap violations Phase 2 – Nov ‘12 • Billing System API – JSON-based web service API – Allows 3rd party development of billing system interface • Data export options – CSV,XML • Export delivery via: – SFTP, manual browser download • Software redundancy Phase 3 – Jan ‘13 CCI Confidential Beta Feb ‘13 – April ‘13 May 2013 GA Release Roadmap
  • 19. • Anticipated Features (schedule TBD) – Mobile device apps for end-user bandwidth reports and alerts (Andriod and iOS) – CMTS/Cable Network Support (PCMM/IPDR) – Bug fixes – Feature updates – Integration with CCI’s NOC monitoring/managed service packages CCI Confidential Roadmap
  • 20. Thank You! Visit CCI’s Booth (Booth #307) for a BandWise Demo

Editor's Notes

  1. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  2. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  3. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  4. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  5. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  6. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  7. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  8. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  9. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]
  10. What do we do? You could say we make the Internet and telephones and TV work for individuals and businesses.We’ve been leaders in the communications industry for more than 50 years and have customers all over the country.[If desired, customize second bullet to include customers similar to prospect]