Q. What is Cisco Prime
A. The Cisco Prime portfolio of enterprise and service provider management offerings empowers IT organizations to more effectively manage their networks and the services they deliver. Built on a service- centered foundation, the Cisco Prime portfolio of products supports integrated lifecycle management through an intuitive workflow-oriented user experience.
The portfolio of Cisco Prime solutions for service providers provides A-to-Z management for IP next- generation networks, mobility, video, and managed services.
Q. What is the SP Wi-Fi Service Manager for Cisco Prime?
A. The SP Wi-Fi Service Manager for Cisco Prime offers service providers a comprehensive, secure solution for deployment of Wi-Fi networks that complement fixed or cellular networks. The solution also provides a cost-effective option for reducing mobile data traffic congestion by off-loading traffic through the Wi-Fi network. Mobile operators can off-load traffic to Wi-Fi systems to reduce traffic congestion on the main network and to inexpensively increase network capacity in specific locations. Wireline and cable providers can also use Wi-Fi networks to offer off-load services and gain revenue from new categories of applications, at both indoor and outdoor locations.
The SP Wi-Fi Service Manager for Cisco Prime solution provides a unified architecture that is a natural extension of existing fixed and mobile networks. The solution provides centralized management and control of the Wi-Fi network for all uses, including residential, community, and business uses, and services at hot zones and other public venues such as sports stadiums and shopping malls.
The SP Wi-Fi Service Manager for Cisco Prime is carrier-grade policy and subscriber data management software that helps enable service providers to control, monetize, and personalize their Wi-Fi offerings on their networks. The solution also offers a platform for delivering a variety of new services with a growing number of Wi-Fi applications that take unique advantage of intelligent Wi-Fi network attributes, such as location, presence, and mobile devices.
Q. Why does service provider Wi-Fi need policy control?
A. Service providers need to offer personalized, differentiated services in order to attract customers and build loyalty. To stay competitive in today’s fast-moving market, service providers must be able to rapidly develop and roll out new subscriber services. At the same time, they need to capitalize on their subscriber and Wi-Fi network resources.
Q. Why has Cisco partnered with BroadHop for this product?
A. Cisco has partnered with BroadHop, the leader in policy management, in order to offer its customers a policy and subscriber data management software solution that easily integrates with a variety of Cisco
® network management software and hardware, including Cisco Intelligent Services Gateway (ISG) and Cisco Service Control Engine (SCE) platforms. By combining the robust network control, service differentiation, and deep-packet inspection capabilities of the Cisco ISG and SCE platforms with SP Wi-Fi Service Manager for Cisco Prime, service providers are able to optimize their networks by offering a cost-effective method of off-loading large amounts of mobile data traffic.
Q. What use cases does the SP Wi-Fi Service Manager for Cisco Prime support?
A. The◦SP Wi-Fi Service Manager for Cisco Prime supports the following use cases:
● Subscriber authentication and authorization
- RADIUS and Diameter authentication protocols
- Wireless Internet Service Provider roaming (WISPr) protocol 1.0
- Transparent Automatic Logon (TAL) helping enable end users to maintain an always-on connection without the need to authenticate each time they connect
- 3GPP-compliant Policy and Charging Rules Function (PCRF)
● Subscriber service web portal: Self-branded web portal for subscriber access control
- Standard Wi-Fi portal login pages: Click and Go, Username/Password, Voucher/Code, Roaming Partner, Browser Cookie
- Service provisioning pages: Time-based passes, quality of service (QoS) tiers, and promotional and ad‑sponsored access (allowing service providers the ability to offer free access to Wi-Fi for a limited time)
- Subscriber management pages: Username/password creation, contact information, service provisioning
- Credit card purchase page: Provides end users the ability to enter credit card information for purchase of Wi-Fi access or upsold features
- Content management pages: Provides the ability to manage images, text, and Cascading Style Sheets (CSS)
● Tiered services
- Apply policy rules based on the service plan, such as bandwidth speed, usage limits, number of logins, and more, on a per tier basis
- Segment a service provider’s subscriber base by offering differentiated services and pricing. For example, a service provider may target premium, high-speed access services at business users and gamers and target basic access speeds for email and browsing users
● Quota and usage control
- Create time or usage-limited passes, for example, hour, day, week, and month-long passes
- Track and apply daily, weekly, and monthly billing cycle usage limits
- Apply pay as you go (PAYG) top-ups and/or downgrades when subscribers exceed usage limits
- Control roaming overages and reduce customer bill shock, which also helps enable compliance with European Union roaming regulations
● 3GPP mobile data off-load: A cost-effective option for reducing mobile data traffic congestion by off-loading traffic through the Wi-Fi network
- 3G Mobile/LTE integration with Gateway GPRS Support Node/Packet Data Serving Node (GGSN/PDSN) technology, including the Cisco ASR 5000 Evolved Packet Core (EPC)
- Diameter/RADIUS Extensible Authentication Protocol (EAP) authentication
- Seamless authentication services of mobile devices using SIM cards
- Diameter Gx/Gy Policy and Charging Control (PCC) for 3GPP LTE architecture functionality
Q. What is MAC-based Transparent Automatic Logon (TAL)?
A. MAC-based TAL is the ability for the SP Wi-Fi Service Manager for Cisco Prime to recognize a device based on hardware ID (MAC address), transparently associate that MAC address with the subscriber, select services, and authorize access to the network without requiring the subscriber to log in, for example, using username and password through a captive portal. Typically, the SP Wi-Fi Service Manager for Cisco Prime automatically learns the MAC address associated with the user following an initial portal login. As MAC addresses may be spoofed, the system can be configured to periodically require subscribers to reauthenticate their credentials.
Q. What is (optional) ASR 5000 Integration?
A. The Cisco ASR 5000 IP Services Gateway provides managed services/session management for subscriber flows. The ASR 5000 acts as an aggregation point for Wi-Fi subscribers and can be connected to the end subscriber at Layer 3 or Layer 2. Before creating a session, the ASR 5000 interacts with the SP Wi-Fi Service Manager for Cisco Prime over the Gx interface to retrieve the policy that needs to be applied on the session. This functionality is available in the SP Wi-Fi Service Manager for Cisco Prime Base Package; however, an add-on license is required to enable the ASR 5000 integration functionality.
Q. What is (optional) Wi-Fi Federation?
A. Wi-Fi users often travel with their devices, whether laptops, tablets, or smartphones. Service providers can facilitate roaming users gaining access to their network while traveling by allowing roamers to log in using their home operator credentials and subscription information without requiring users to register a new account or enter payment information. The SP Wi-Fi Service Manager for Cisco Prime Subscriber Services Portal helps enable the user to select his or her home service provider from a pull-down list of partners during initial login to the visited network. SP Wi-Fi Service Manager then proxies the login request to the home service provider. Once successfully authenticated, SP Wi-Fi Service Manager can cache the roaming user for a predetermined time for subsequent automatic login to the network based on visited service provider policies. Accounting records may also be captured and proxied to the home service provider for roaming settlement. This functionality is available in the SP Wi-Fi Service Manager for Cisco Prime Base Package; however, an add-on license is required to enable it.
Q. Does the SP Wi-Fi Service Manager for Cisco Prime include a customer-facing portal?
A. Yes, a portal is included as part of the SP Wi-Fi Service Manager for Cisco Prime.
Q. To what extent can the portal be customized?
A. The portal includes a content management system through which service providers can change the font, colors, and logo as well as select a predefined layout template to create a custom look and feel to fit their branding. Portal pages may be customized for both the service provider and/or for individual venues.
Q. Can different portal pages be presented based on location? How is location determined?
A. Yes, different portal pages may be displayed based on the user’s location such as a sports stadium or shopping mall. Location is typically determined based on the subnet where the user’s IP address is assigned, the Cisco ISG NAS IP address or realm, as available to the SP Wi-Fi Service Manager for Cisco Prime. The Enhanced Location add-on module introduced in SP Wi-Fi Service Manager for Cisco Prime 1.1 would expand the capabilities of this feature by identifying the location of the subscriber by services set identifier (SSID) and access point MAC address used for Wi-Fi services.
Q. Since the SP Wi-Fi Service Manager for Cisco Prime handles credit card transactions, is the solution Payment Card Industry (PCI) compliant?
A. The SP Wi-Fi Service Manager for Cisco Prime interacts with payment gateway companies that handle the credit card transactions. The SP Wi-Fi Service Manager for Cisco Prime does not have a requirement to be PCI compliant.
Q. How does the SP Wi-Fi Service Manager for Cisco Prime scale?
A. The SP Wi-Fi Service Manager for Cisco Prime is based on an enhanced blade architecture designed to scale with the needs of the network. As a network grows, the SP Wi-Fi Service Manager for Cisco Prime keeps pace through the addition of blades as needed to support policy transactions. Each blade in a Service Manager cluster functions as part of an integrated policy solution. The SP Wi-Fi Service Manager for Cisco Prime runs on Cisco Unified Computing System
™ (Cisco UCS
™) and other blade servers. A minimum of four blades is required.
Q. Is the SP Wi-Fi Service Manager for Cisco Prime carrier grade?
A. Yes, the SP Wi-Fi Service Manager for Cisco Prime utilizes an innovative, three-tier virtual architecture that has been designed for scalability, system resilience, and robustness to achieve 99.999 percent carrier-grade system availability. Each module runs multiple virtual instances spread across multiple hardware blades for performance and resiliency.
Q. Does the SP Wi-Fi Service Manager for Cisco Prime support geographic redundancy?
A. Yes, the SP Wi-Fi Service Manager for Cisco Prime may optionally be deployed in multiple sites for geographic redundancy and disaster recovery. In this case, both of the following products are required: the SP Wi-Fi Service Manager for Cisco Prime Base Package (along with the required number of subscriber licenses) and the SP Wi-Fi Service Manager for Cisco Prime Geographic High Availability (Geo HA Base Package. The SP Wi-Fi Service Manager for Cisco Prime may be deployed in either active/passive or active/active configurations across sites. The SP Wi-Fi Service Manager for Cisco Prime GEO HA Base Package comes with a license to support 50,000 subscribers.
Q. What is the difference between high availability (HA) and geographic high availability (GEO HA) with respect to the SP Wi-Fi Service Manager for Cisco Prime?
A. The SP Wi-Fi Service Manager for Cisco Prime Base Package, installed in a single data center on a multiple blade chassis is highly available both at the application level and the server cluster level. A minimum of four blade servers are required to install the SP Wi-Fi Service Manager for Cisco Prime components to support local redundancy.
Optional GEO HA extends that availability across multiple sites. Thus a service provider could have one site that is HA internally, or multiple sites that are GEO HA together. The service provider could also have two sites that are GEO HA together, in an active/active manner, while a third site is GEO HA in an active/passive manner (for disaster recovery) and would be turned up if one of the two other sites failed.
Q. How is the SP Wi-Fi Service Manager licensed?
A. The SP Wi-Fi Service Manager for Cisco Prime is licensed based on subscriber count. See Table 1 for details.
Table 1. Subscriber License Modules for SP Wi-Fi Service Manager for Cisco Prime
Subscriber License Module
SP Wi-Fi Service Manager for Cisco Prime Base Package
Does not include subscriber/session license
Provides the functions for authentication, session management, mobile off-load, and service portal. Supports up to 1 million subscribers
Base Package – 10,000 subscriber/2000 session license
10,000 subscriber license for the SP Wi-Fi Service Manager for Cisco Prime Base Package
Base Package – 50,000 subscriber license
50,000 subscriber license for the SP Wi-Fi Service Manager for Cisco Prime Base Package
SP Wi-Fi Service Manager for Cisco Prime Geographic High Availability Add-on (Optional)
Includes 50,000 subscriber/10,000 session license
Helps enable geographic redundancy or multiple chassis high Availability
GEO HA License – 10,000 subscriber license add-on
Based on the total number of subscriber licenses for the SP Wi-Fi Service Manager for Cisco Prime Base Package
GEO HA License – 50,000 subscriber license add-on
Based on the total number of subscriber licenses for the SP Wi-Fi Service Manager for Cisco Prime Base Package
Q. How is a “subscriber” defined with respect to the licensing model for SP Wi-Fi Service Manager for Cisco Prime?
The SP Wi-Fi Service Manager for Cisco Prime uses a subscriber licensing model based on subscribers that use the service (and not a busy period). The subscriber license model tracks the total number of unique subscribers authorized on the network for the previous 30 days. Subscribers with multiple devices or unique logins are counted once for each device authorized on the network. The solution sends alarms as the number of unique users approaches the licensed threshold, for example, 10,000 subscribers. The SP Wi-Fi Service Manager for Cisco Prime Base Package can scale to handle 1 million subscribers. Subscriber licenses are not included in the base package and must be ordered separately.
Q. How is a session lifecycle managed?
When a subscriber logs in to a Wi-Fi network, a session is initiated in the policy manager for the SP Wi-Fi Service Manager for Cisco Prime. This session is active as long as the subscriber is connected to the network. This session is terminated once the subscriber logs off. In the case of a failure condition in which SP Wi-Fi Service Manager for Cisco Prime does not receive the session logoff, for example, a RADIUS Accounting Stop or Gx CCR(T) message, the subscriber’s session is cleared after a configurable session timeout period.
Q. What are the new features available in the SP Wi-Fi Service Manager for Cisco Prime Release 1.1?
A. The SP Wi-Fi Service Manager for Cisco Prime Release 1.1 introduces three new features:
● Enhanced Location optional add-on
● Subscriber Intelligence optional add-on
● Mobile Authentication Gateway (EAP-SIM) optional add-on
Q. What is the (optional) Enhanced Location module?
A. The Enhanced Location feature expands the capabilities of the SP Wi-Fi Service Manager to include a RADIUS accounting feed from the Cisco Wireless LAN Controller (WLC) to gather information regarding the SSID and access point currently used by a subscriber to access a Wi-Fi network.
This additional information helps enable the SP Wi-Fi Service Manager to provide a customized subscriber portal based on the connection details for a particular subscriber. This level of configuration helps enable the platform to provide branding and additional location-specific redirection.
This functionality is available in the SP Wi-Fi Service Manager for Cisco Prime Base Package; however, an add-on license is required to enable the Enhanced Location functionality. The add-on license provide enhanced location functionality support for up to 100,000 unique monthly subscribers.
Q. What are the benefits of the Enhanced Location module?
A. With the SP Wi-Fi Service Manager for Cisco Prime Enhanced Location module, service providers can:
● Provide specific and unique subscriber portals based on SSID to which the subscriber is connected
● Provide specific and unique subscriber portals based on the access point MAC addresses to which the subscriber is connected
Q. Does location awareness come along with the base package? If yes, why should I order the Enhanced Location add-on module?
A. With the base package, the subscriber location is determined by the subnet of the subscriber’s IP address. With the Enhanced Location add-on module, a RADIUS accounting feed from the Cisco WLC gathers information regarding the SSID and access point used by the subscriber. This provides the service provider with a higher level of subscriber location awareness granularity.
Q. What is the (optional) Subscriber Intelligence add-on module?
A. The Subscriber Intelligence module provides service providers with concise analysis and reporting against the vast amount of subscriber usage data generated through day-to-day policy operations. The Subscriber Intelligence module also provides the flexibility to create ad hoc reports.
The predefined reports include:
● System usage in Mb by hour, day, week, month, and year
● Session counts (accepted/rejected) by hour, day, week, month, and year
● Average session duration by hour, day, week, month, and year
● Session counts by time bucket (5, 10, 30, 60 minutes)
● Average usage for all quotas
● Average usage for one quota by day (spanning)
● Consumption ranges by quota by day
● Consumption ranges by quota by day (spanning)
● Individual subscriber lookup
● Maxed-out users
● Subscriber list with percentage of quota and remaining days
● Subscriber list within a set range
● Top “X” subscribers by data consumption
Reports may be scheduled to run at predetermined intervals with the output delivered by email or exported in various formats including, CSC, PDF, Excel, or Flash animation.
Q. Does the Subscriber Intelligence reporting engine induce a toll on the performance of the policy and session manager while querying for reports?
A. Subscriber Intelligence integrates tightly with the core SP Wi-Fi Service Manager for Cisco Prime policy engine, allowing existing operational support staff to administer the reporting engine with the same toolset used to develop and administer policies. Subscriber Intelligence uses a dedicated SQL database to store usage data, providing service providers with the option to access the data with the provided reporting front end. The Subscriber Intelligence module replicates the session manager data to a reporting database running on a separate virtual machine; hence it does not influence the performance of the policy or session manager of the SP Wi-Fi Service Manager for Cisco Prime.
The SP Wi-Fi Subscriber Intelligence engine can run on a dedicated virtual machine within the existing SP Wi-Fi Service Manager for Cisco Prime blade architecture (Control Center blades 01 or 02), or it can run on an independent blade dedicated exclusively to reporting. If the deployment is done on a separate blade, then the minimum hardware requirements would be:
● Intel XEON x5260 CPU
● 2 GB RAM
● 10 GB HD for base install plus 25 MB/day storage per 100,000 subscribers
Q. What is the (optional) Mobile Authentication Gatewayadd-on module?
A. The explosive growth of smartphone users has significantly increased the demand for mobile data. As mobile networks have become more congested, service providers are increasingly looking to offload traffic from their 3G mobile data networks onto lower cost Wi-Fi networks. For mobile off-load to be successful, service providers must maintain the user experience that subscribers have come to take for granted when accessing the mobile network, making it easy for subscribers to move from either network to the other without the hassle of entering cumbersome login credentials. Without the ability to effortlessly move between mobile and Wi-Fi networks, few subscribers will move to Wi-Fi, thus negating the off-load business case.
The SP Wi-Fi Service Manager Mobile Authentication Gateway addresses this issue by bridging Wi-Fi network authentication with the mobile network. With the Mobile Authentication Gateway, service providers can:
● Validate a subscriber's identity seamlessly and securely on to the Wi-Fi network using his or her credentials as stored in the mobile network Home Location Register (HLR).
● Allow immediate access to personalized Wi-Fi services, tracking usage, matching to policy-driven or personalized thresholds, and billing.
● Establish revenue-generating partnerships with mobile and Wi-Fi service providers for mobile off-load/Wi-Fi on-load.
When a mobile device comes within range and associates with an 802.1x-enabled Wi-Fi hotspot, the Extensible Authentication Protocol (EAP)-client on the device attempts to authenticate with the network. TheWi-Fi access point securely encrypts the exchange of authentication data over the air and forwards the authentication request to the SP Wi-Fi Service Manager for Cisco Prime using EAP. The SP Wi Fi Service Manager for Cisco Prime then retrieves Global System for Mobile Communications (GSM) authentication vectors from the subscriber’s HLR/Home Subscriber Service (HLR/HSS) to authenticate the subscriber. Theoptional add-on license supports EAP-SIM authentication for up to 500,000 subscribers.
Q. What support is available with the SP Wi-Fi Service Manager for Cisco Prime?
A. Cisco Advanced Services support and maintenance services are available for the SP Wi-Fi Service Manager for Cisco Prime. Cisco Software Application Support (SAS) is not available for the SP Wi-Fi Service Manager for Cisco Prime.