• Efficiently serving an increasingly diverse mix of access technologies (and corresponding authentication protocols), users, and roaming partners
• Rapidly delivering new subscriber services for competitive advantage (for example, a new prepaid service)
• Efficiently managing resources like IP addresses or session limits
• Keeping up with scalability, performance, and stability demands
Figure 1. Cisco Prime Access Registrar Provides Scalable, Flexible, Intelligent AAA Services
Features and Benefits
• Supports a broad range of wireline and wireless access technologies like Service Provider Wi-Fi (SP Wi-Fi), femtocell, LTE, DSL, Code Division Multiple Access (CDMA), General Packet Radio Service (GPRS), Universal Mobile Telecommunications Service (UMTS), wireless LAN (WLAN), iDen, WiMAX, dialup, Connected Grid, and others. By helping to enable standardization on a common 3GPP-compliant AAA server platform, the solution delivers operational and capital expense savings while providing flexibility to the service provider regarding choice in AAA.
• Provides support for a wide variety of authentication protocols, such as Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Extensible Authentication Protocols (EAP), including EAP-SIM, EAP-AKA, and EAP-AKA-PRIME (EAP-AKA') over M3UA/SIGTRAN and SWx, EAP-TLS, EAP-TTLS, EAP-MSCHAPv2, EAP-GTC, PEAPv0, PEAPv1, LEAP, EAP-FAST, with the ability to extend to others such as POP3 through custom services for meeting unique requirements.
• Provides extensive subscriber data store support including an internal database and integration with existing external databases including Oracle, MySQL, Microsoft Active Directory (AD), and Open Lightweight Directory Access Protocol (OpenLDAP) through the use of connectivity mechanisms such as Open Database Connectivity (ODBC), Lightweight Directory Access Protocol (LDAP), Oracle Call Interface (OCI), and Java Database Connectivity (JDBC). This integration support is schema independent, simplifying deployment and day-to-day operations, providing OpEx savings by using existing infrastructure, and helping to support networks with tens of millions of subscribers.
• Provides scalability to support large service deployments. An external session manager allows tens of millions of simultaneous active sessions. Additionally, the multithreaded architecture provides performance that scales with additional CPUs.
• Efficiently manages resource use with real-time session management to track user sessions and dynamically allocate resources like IP addresses (to support centralized IP address assignment) or user/group session limits (to support enforcement across access devices, access technologies, and multiple servers). The session manager also facilitates new revenue streams by helping to enable service enhancements such as reduced sign-on, personalization, and enhanced video delivery through consolidation of subscriber and network state data into one common session data store.
• Gives service providers an off-the-shelf, standards-based RADIUS/Diameter server that offers the flexibility and extensibility previously available only by maintaining internally built versions of public-domain RADIUS/Diameter software. With extension point scripting (EPS), the solution can be customized to meet unique business, regulatory, and technical requirements. EPS allows users to interact with request processing and communicate with Cisco Prime Access Registrar at numerous API points to develop and deploy custom logic for user authentication, authorization, or accounting.
• Provides broad integration support: Reduces operational costs and speeds service rollout by supporting integration with provisioning, billing, and other service-management components. A billing interface allows billing vendors to integrate their systems into Cisco Prime Access Registrar for prepaid functionality, such that service providers may offer prepaid data or usage-based premium services while reusing their existing billing system and protecting their investments.
• Industry-leading RADIUS performance/transaction rate to handle the busiest networks
• Replication of the internal database, allowing multiple servers to be similarly configured for centralized management and ease of use
• Support for virtualization technologies: Oracle VM Server for SPARC (previously called Logical Domains, LDoms) and VMware ESXi.5.0, improving scale and availability and helping to enable server footprint reduction and efficient use of resources
• IPv4 and IPv6 support
• Option for end-to-end Cisco solution including software, Cisco Unified Computing System™ (Cisco UCS™) hardware, and professional services
• Resilience and reliability through server, remote system, and process system redundancy; automatic server restart; and Veritas and Sun clustering for high availability
• Support for SP Wi-Fi/hotspot markets and wireless data offload, including authentication for data access against the newer generation subscriber database Home Subscriber Service (HSS) and the ability to interface directly with the Home Location Register through M3UA/SIGTRAN
• High performance AAA support for authenticating smart meters on a Connected Grid network
• Translation of incoming RADIUS requests and responses to Diameter and vice versa, which allows integration of RADIUS-only clients with a Diameter based network
About Cisco Prime
For More Information