Cisco SCE 1000 Series Service Control Engine

Optimizing Application Traffic with Cisco Service Control Technology

  • Viewing Options

  • PDF (182.4 KB)
  • Feedback

Cisco® Service Control technology offers service providers the ability to classify application traffic and identify subscribers while prioritizing and optimizing network resources. Using stateful deep packet inspection, operators can optimize traffic on their networks, thereby increasing efficient use of network resources, reducing costs, and maximizing capital investment. State-of-the-art bandwidth management can be applied to network traffic on a global, subscriber, or individual flow-level hierarchy, helping ensure that operators can better manage network resource distribution.


For the past several years, service providers have concentrated on tactically reducing their operational costs and capital investment to successfully take advantage of existing network assets to meet or beat competitors' prices for subscriber access. Despite aggressive attempts to outpace competition, prices for network access have become commoditized. More importantly, subscribers have become accustomed to "all-you-can-eat" or flat-fee pricing that offers operators little upside. Further understanding of how subscribers are using network resources is an important step toward being able to align pricing and usage (refer to Enhancing Usage Analysis with Cisco Service Control). However, when service providers understand how subscribers are using network resources, they become empowered to take steps toward optimizing network traffic.
The key to profitability is strategically growing revenue by differentiating application-level service offers. Before this can be accomplished, providers must be able to analyze and optimize network traffic by individual application. The acceptance of premium services such as voice over IP (VoIP), interactive gaming, or video streaming will rely upon the quality of the user experience. Packet loss or delay dramatically affects latency-sensitive applications such as VoIP, and "best-effort" networks cannot meet these rigorous quality-of-service (QoS) requirements. Application awareness and subscriber awareness are necessary to help ensure that the network can correctly classify individual applications by subscriber and guarantee the appropriate level of service. Application performance with QoS differentiates services such as VoIP, interactive gaming, or multimedia streaming. Simultaneously, operating expenses (OpEx) and capital expenditures (CapEx) remain primary concerns for network operators as they test new IP services or pricing models and seek to take advantage of their overall network infrastructure for ongoing competition. Analyzing, classifying, and prioritizing traffic at the application level help ensure that an operator does not needlessly spend investment dollars on unnecessary upgrades or mistakenly overuse costly transit links.
The growing number of broadband Internet subscribers and the emergence of "broadband-aware" or applications needing significant bandwidth such as peer-to-peer (P2P) file sharing or streaming media are affecting the cost and profit equation for service providers. Regardless of the amount of bandwidth operators make available, new applications and growing file sizes make network congestion inevitable. The incremental costs of network upgrades and transit further reduce operators' margins.
P2P applications, such as KaZaA, BitTorent, eDonkey, Win/MX, DirectConnect, or Winny, are examples of the broadband-consumption and link-management issues that IP service providers face. It has been estimated that as much as 70 percent of network traffic can be attributed to P2P file sharing. P2P applications allow users to share large data files directly with other users anywhere on an IP network, and subscribers can download a variety of P2P clients that are not controlled by the network operator for use on a service provider's network. Moreover, P2P protocols are constantly evolving, and some are capable of masking themselves using port-hopping techniques to avoid detection. Provider networks were designed for asymmetrical use, further compounding the emerging P2P issue, because these applications take advantage of a network of peered systems and are constantly uploading information onto a provider network.
Network congestion has a compounding effect on profits because it can result in a poor user experience, whether it is shared upstream capacity in a hybrid fiber-coaxial (HFC) cable network or limitations in the capacity to connect remote cells on a mobile network core. A reduction in user satisfaction could drive subscribers to seek out competitive solutions. Consequently, the issues facing service providers are multidimensional, and they require better ways to analyze and control network operations and expenditures. Operators cannot continue to blindly add additional bandwidth because of cost, increased competition, reduced margins, and the resulting deterioration of return on investment (ROI).
However, as operators begin to take steps, through smart policies, to tame unconstrained broadband consumption, a complex collection of issues remains to profitably develop and launch premium IP services. The network must be able to identify individual subscribers, classify an assortment of service applications, and guarantee a diversity of application-specific service levels while metering and charging for these applications.


The Cisco Service Control solution can classify application-level traffic by individual subscriber while prioritizing and segmenting network resources. Service-level prioritization further facilitates premium service differentiation and delivery. The solution uses stateful deep packet inspection, helping enable operators to optimize traffic on their networks, thereby increasing efficient use of network resources, reducing costs, and maximizing capital investments. Using state-of-the-art bandwidth management applied to network traffic on a global, subscriber, or individual flow-level hierarchy, the solution helps operators dictate how network resources are managed. The Cisco technology helps the operator control distribution of network resources, thereby minimizing operational costs and maximizing user satisfaction.
Cisco Service Control technology comprises both hardware and software integrated into a state-of-the-art, dedicated network device, providing detection and control capabilities. Typically, the Cisco Service Control Engine (SCE) resides "in traffic" behind an IP aggregation point; it can be configured redundantly to meet high-availability requirements. Using the Layer 7 stateful deep packet inspection capability of the platform, the solution can accurately identify application use by individual subscriber.

Application and Subscriber Awareness and Control Through Stateful Deep Packet Inspection

Cisco Service Control solutions have a set of characteristics and architectural attributes, having been designed to perform real-time traffic classification, accounting, and control. In order to undertake stateful deep packet inspection at multigigabit speeds, a purpose-built hardware architecture is required that is capable of maintaining the state of every network conversation, while implementing deep and detailed inspection of every data packet through the application (Layer 7) network layer. The result is a solution that can detect specific protocol signatures and classify all traffic for a given network session and easily integrate with RADIUS and Dynamic Host Configuration Protocol (DHCP) subscriber management systems.
Without the ability to accurately classify applications and subscriber traffic, a service provider is likely to respond by adding uplinks and building overall capacity to meet perceived increases in customer demand. This results in escalating operational costs without any commensurate increase in revenue, especially because P2P applications are designed to consume all available bandwidth. The effect is multiplicative.
By identifying bandwidth-consuming applications such as P2P that cause massive traffic peaks and unexpected strain on networks, providers can avoid:

• Poor customer satisfaction caused by a degraded broadband experience that affects all subscribers

• Upgrading expensive backbone links

• An inability to effectively detect, monitor, or control P2P traffic with conventional equipment

• Increases in monthly transit payments caused by surges in peak bandwidth and total volume

Cisco Service Control technology is designed to address P2P problems and so much more. Its programmable application- and protocol-detection system not only can detect P2P traffic, but also can control any of its variants. As new P2P protocols appear, the programmable nature of the Cisco solution helps providers rapidly respond to new variations. Moreover, the Cisco solution uses a signature mechanism to identify new application streams, which can then be managed and controlled. The Cisco SCE Family of products, in conjunction with the Cisco Service Control Application for Broadband Networks, can analyze and control P2P traffic at multigigabit speeds for up to 100,000 subscribers or 2 million unidirectional flows.
Figure 1 demonstrates how providers have used the Cisco Service Control platform to throttle down P2P traffic and reduce network transport costs while maintaining or enhancing the subscriber experience. Because P2P applications run constantly in the background, all performance on foreground applications was measurably improved for the universe of subscribers.

Figure 1. Reducing P2P Traffic Using Cisco Service Control

Granular Policies for Traffic Management

Cisco Service Control provides a powerful capability to manage network assets, offering a superior level of granularity when creating and deploying traffic-shaping policies. The optimization of application traffic can be done by:

• Determining type of application

• Using time-of-day policies

• Applying aggregated rate limitations

• Applying upstream control limits

• Using destination-based classification

• Establishing subscriber application quotas

• Using dynamic subscriber policies

• Assessing on-net vs. off-net traffic

• Determining local vs. international traffic

• Analyzing number of sessions per user or application

• Using hierarchical bandwidth management

• Classifying according to other policies specified by a provider

Service Differentiation

The Cisco SCE Family is specifically designed to help providers identify, classify, guarantee performance, and charge for an unlimited array of IP- or content-based service offerings running across existing transport. Interactive and delay-sensitive applications such as video streaming, VoIP, gaming, voice chat, and even web browsing can be prioritized without negatively affecting other applications such as e-mail or simple file transfer. The ability to customize access to specific content or services and prioritize it over generic Internet access results in dramatic enhancements to operator management and control. More importantly, allowing the provider to customize performance to meet the needs of individual applications and customize Internet packages to meet individual subscriber needs improves the quality of the overall Internet experience for the greatest majority of users.

Important Steps to Profitability

Customizing application-level QoS helps ensure that operators can value applications differently, create bundles, or customize packages that can be easily adapted to groups or individual users and priced at higher margins than today's basic transport packages. Providers can reduce transit and peering costs or use advanced bandwidth-shifting techniques to move traffic from peak to nonpeak periods for targeted applications. Using Cisco Service Control technology to prioritize, manage, and control application traffic, broadband operators gain full control over network resources, taking advantage of their massive infrastructure investment, reducing costs, and conditioning their network for premium service delivery. Moreover, operators can now effectively value their offerings because they can more efficiently assess usage and offer performance guarantees that were previously unachievable with broadband networks.

Note: Cisco Service Control technology also offers providers ways to further enhance their service security. (Refer to Providing Service Security with Cisco Service Control.)

Business Benefits

Using the Cisco Service Control platform, broadband operators can easily apply a broad set of policies to network traffic; they can:

• Limit maximum bandwidth usage of specific applications and subscribers

• Prioritize delay-sensitive, mission-critical, and premium applications and services

• Help ensure subscribers receive a fair share of network resources and eliminate bandwidth "hogging" caused by aggressive applications in shared transport

• Control policies based on time of day (peak vs. off-peak) and destination (on-net vs. off-net)

• Track subscriber usage and implement policies based on quota consumption

• Develop and trial enhanced pricing models

• Customize and price service offerings to individual needs

Specifically for P2P management, providers can avoid:

• Poor customer satisfaction caused by a degraded broadband experience that negatively affects all subscribers

• Upgrading expensive backbone links

• An inability to effectively detect, monitor, or control P2P applications with conventional equipment

• Increases in monthly transit payments because of surges in peak bandwidth and total volume


Figure 2 shows a network diagram of the Cisco Service Control solution.

Figure 2. Network Diagram of Cisco Service Control Solution

Products Offerings

Cisco offers the following service control applications:

• Cisco SCE 1000 Series Service Control Engine

• Cisco SCE 2000 Series Service Control Engine

• Cisco SCE 8000 Series Service Control Engine

• Cisco Service Control Application for Broadband

• Cisco Service Control Collection Manager

• Cisco Service Control Subscriber Manager

• Cisco Service Control Quota Manager

Why Cisco?

Cisco offers industry-leading service control solutions, providing multigigabit performance and stateful deep packet inspection as well as worldwide technical assistance and support. Cisco is speeding the evolution of networks from generic transport to platforms offering higher-value, higher-margin services. Programmable, scalable, and purpose-built for the communications sector, Cisco Service Control technology accelerates network delivery of advanced IP services. The Cisco Service Control platform adds intelligence, stateful deep packet inspection, and multigigabit analysis to existing network infrastructure and helps carriers identify and charge for dissimilar content applications while simultaneously managing performance requirements of different applications. The Cisco Service Control solution is deployed in more than 450 companies worldwide.

For More Information

For more information about the Cisco Service Control solution, visit: or contact your local Cisco account representative.