Cisco Service Control Product Overview, SCE 8000, Release 5.2.x
The Cisco Service Control Product Overview provides a solution-oriented overview of the Cisco Service Control platform, its functionality, and components. It describes the common value propositions that you can implement with Cisco Service Control and provides the high-level steps to implement these value propositions.
This document is intended for service provider system administrators or network engineers.
The complete Cisco Service Control solution is delivered through a combination of purpose-built hardware and specific software and ecosystem components.
The Cisco Service Control Engine (Cisco SCE) platform supports classification, analysis, and control of Internet or IP traffic, all of which it achieves through deep packet inspection (DPI).
The Cisco Service Control solution enables service providers to create profitable new revenue streams while capitalizing on their existing infrastructure. Using Cisco Service Control, service providers can analyze, charge for, and control IP network traffic at multigigabit and 10-gigabit wire line speeds. The solution also provides the tools needed to identify and target high-margin content-based services and enable their delivery.
Packet inspection technology inspects traffic as it travels past an inspection point. Whereas standard networking equipment looks only at the packet TCP/IP header information, DPI looks at the applications delivered over these packets as they pass the inspection point. DPI aids service providers in a wide range of applications:
– Gain visibility into network activities.
– Optimize network bandwidth and improve network performance.
DPI underpins many value propositions that service providers can implement with the Cisco Service Control solution. This section describes some common value propositions; many more are possible.
Each of these value propositions is a single use-case scenario for the Cisco Service Control solution. For more information on high-level steps to implement each value proposition, see the “Value Proposition Implementations” section.
You can use the Cisco Service Control solution to understand how the network is used at a level that provides information that is more granular than packet-level statistics or general bandwidth statistics.
The Cisco Service Control solution can provide:
The motivation for understanding network use at this level may include:
To implement this value proposition, see the “Application Granularity Usage Analysis” section.
Use the Cisco Service Control solution to manage subscribers and applications such that you implement a fair-use policy for all subscribers and applications. The solution can be used to implement these capacity control scenarios:
The Fair Usage traffic management scheme:
The Fair Usage traffic management scheme enables service providers to:
To implement this value proposition, see the “Capacity Control” section.
The Cisco Service Control solution enables you to offer application-based volume-quota products. Application-based quota products normally apply application-based limits on the volume quotas that a subscriber may consume on a per-application basis or over some period of time.
Application-based volume quota products serve two complementary service provider objectives:
Several business use-cases that are based on application-quota management exist:
To implement this value proposition, see the “Quota Management” section.
This value proposition uses the Cisco Service Control solution to create records at an application granularity level that are sent to a collection or mediation system that then feeds a billing system. This is similar to the Quota Management value proposition, where service providers use service control to enable application-based volume quota products or other quota products that use service control to create billing records for these quota products.
It is also possible to use Service Control only for the creation of these records. The records can include data on bandwidth, volume, duration of application sessions, or instances of use of specific application items.
To implement this value proposition, see the “Application-Based Billing” section.
When browsing the Internet, subscribers are concerned about the content. There are numerous web sites that contain inappropriate information.
Use the Cisco Service Control solution to:
This content filtering is achieved by:
To implement this value proposition, see the “Content Filtering and Parental Control” section.
You can use the Cisco Service Control solution to create tiered subscriber services including turbo buttons, self-provisioning, and other advanced product offerings.
Table 1 lists an example of a possible tiered policy.
The tiering of services is defined by the quota used for a given period. For example, when a subscriber uses up the quota allocation, the bandwidth allocation is reduced to dial-up speed. The subscriber can either continue at the reduced speed or upgrade the quota level until the end of the quota period (typically one month).
You can design and implement numerous other tiering plans, depending on your needs. DPI within the SCE enables you to identify many different applications and services and to create custom tiers.
To implement this value proposition, see the “Tiered Subscriber Services” section.
Various types of attacks and malicious traffic that originate from the Internet have increased the need for protection. Denial of Service (DoS) and distributed DoS (DDoS) attacks, worms, viruses, malicious HTTP content, and multiple types of intrusions are common.
Cisco SCE platforms can be deployed inline and are stateful and programmable. Using these features, the Cisco SCE platform can detect and mitigate the effect of malicious traffic on service providers and their customers.
The Cisco Service Control solution includes service security functionality comprising anomaly detection, outgoing spam and mass-mailing detection, and signature detection. This functionality enables the Cisco SCE platform to address many of the threats that exist in current networks.
The Cisco Service Control solution uses the mass-mailing activity detection approach to detect and mitigate outgoing spam.
This mechanism is based on monitoring Simple Mail Transfer Protocol (SMTP) session rates. It uses the subscriber-awareness of the Cisco SCE platform and can work in subscriber-aware or anonymous subscribers mode. SMTP is a protocol used for sending e-mails; an excess session rate originating from an individual subscriber is usually indicative of a subscriber creating outgoing spam, which is either deliberate or because of a spam zombie infection.
This detection approach provides operators with several possible courses of action that can be implemented based on their business needs:
To implement this value proposition, see the “Mitigating Outgoing Spam” section.
Online advertising is a growing segment within networks, and ISPs have a large amount of behavioral data from their subscribers.
The Cisco Service Control solution can enable behavioral targeting based on an analysis of subscriber usage patterns. The Cisco SCE mirrors browsing traffic of a user to profiling servers, or it analyzes user browsing sessions, detects the significant events (ClickStream), and generates Raw Data Records (RDRs). To avoid compromising subscriber privacy, the RDRs can be configured to not include any Personally Identifiable Information (PII). The Cisco Service Control solution also supports advanced Opt In and Opt Out functionality that allows subscribers to protect their privacy by preventing their traffic from being analyzed.
ClickStream detection is a fundamental capability of the solution, because it can detect which specific requests (out of the many HTTP requests generated throughout the subscriber web activity) are triggered by the subscriber. This greatly reduces the number of requests to be analyzed, which is necessary to enable a scalable analysis solution.
To implement this value proposition, see the “Advertising: Behavioral Targeting” section.
The Cisco Service Control Application for Broadband (Cisco SCA BB) is the Cisco Service Control solution that enables broadband service providers to gain network-traffic visibility, to control the distribution of network resources, and thereby to optimize traffic in accordance with their business strategies. It enables service providers to reduce network costs, improve network performance and customer experience, and create new service offerings and packages.
The Cisco Service Control solution consists of four main components:
For more information about the installation and operation of the Cisco SCE platform, see these Cisco SCE platform installation and configuration guides:
– Cisco SCE 8000 10GBE Installation and Configuration Guide
– Cisco SCE 8000 GBE Installation and Configuration Guide
For more information about the installation and operation of the Cisco SCA BB, see the Cisco Service Control Application for Broadband User Guide.
– Cisco Insight Reporter—A software component that processes data stored by the Cisco Collection Manager and provides a set of insightful reports from this data.
For more information about the installation and operation of the Cisco Service Control Collection Manager, see the Cisco Service Control Management Suite Collection Manager User Guide.
For more information about the installation and operation of the Cisco Service Control Subscriber Manager, see the Cisco Service Control Management Suite Subscriber Manager User Guide.
– Cisco Service Control Quota Manager—An optional component of the Cisco Service Control Subscriber Manager. It enables the Cisco Service Control solution providers to manage subscriber quota across subscriber sessions with a high degree of flexibility.
For more information about the installation and operation of the Cisco Service Control Quota Manager, see the Cisco Service Control Management Suite Quota Manager User Guide.
Together, the Cisco SCE platform, the Cisco SCA BB Console, the Cisco Service Control Collection Manager, and the Cisco Service Control Subscriber Manager are designed to support detailed classification, analysis, reporting, and control of IP network traffic. The Cisco Service Control Collection Manager and the Cisco Service Control Subscriber Manager are optional components; not all deployments of the Cisco Service Control solution require them.
The Cisco SCE platform, which is the hardware component of the Cisco Service Control solution, is designed to support observation, analysis, and control of Internet or IP traffic. Table 2 summarizes model information for the Cisco SCE 8000 platform.
The Cisco SCE platform offers a number of basic implementation options that enable you to tailor the Cisco SCE platform to fit the needs of a particular installation. An understanding of the various issues and options is crucial to designing, deploying, and configuring the topology that best meets the requirements of the individual system.
There are several issues that must be considered to derive an optimum configuration of the topology-related parameters:
These issues determine three important aspects of system deployment and configuration:
The Cisco SCE can serve one of two general functions:
To perform control functions, the Cisco SCE must be physically installed as an inline installation and the connection mode must be inline.
Either an inline installation or an optical splitter installation may be used. In the latter scenario, connection mode must be receive-only.
The Cisco SCE can be deployed in a single GBE, two GBE, single 10 GBE, or two 10 GBE links. The two-link topology may implement load-sharing and the Cisco SCE in this case is able to process both directions of a bidirectional flow even if they split to both links.
The bandwidth capacity of the Cisco SCE has a finite limit that varies depending on the configuration. When installing the Cisco SCE, you must ensure that the bandwidth capacity of the links that connect to the SCE does not exceed the bandwidth capacity of the Cisco SCE.
When a high degree of reliability is desired, a second Cisco SCE platform should be installed to provide backup capabilities. The combination of two Cisco SCEs guarantees uninterrupted functioning in case of a failure of one of the platforms. The two Cisco SCEs are cascaded so that, although all processing is performed only in the active Cisco SCE, the standby Cisco SCE is constantly updated with all necessary information so that it can instantly take over processing the traffic on the data links, should the active Cisco SCE fail.
If only preservation of the network links is required, and uninterrupted functionality of the Cisco SCE is not required, one Cisco SCE is sufficient.
The bypass mechanism of the Cisco SCE allows traffic to continue to flow, if desired, even if the device is not functioning.
Note that when the Cisco SCE is connected to the network through an optical splitter, a failure of the Cisco SCE does not affect the traffic flow, as the traffic continues to flow through the optical splitter.
The Cisco SCE 8000 supports two Cisco SCE 8000-SCM processor modules. The Cisco SCE 8000-SCM modules are installed in slots 1 and 2 of the Cisco SCE 8000 chassis.
The Cisco SCE 8000-SCM in slot 1 performs both processing and management functions. The Cisco SCE 8000-SCM in slot 2 serves only DPI and traffic processing purposes, doubling the performance and capacity of the Cisco SCE 8000. Although the two modules are identical (with the same ports and LEDs), the second Cisco SCM module does not run chassis management or control software.
The Cisco SCA-BB 3.8.x supports the Gx reference point for policy provisioning as described in Third Generation Partnership Project (3GPP) TS 29.210 and the Ro reference point (Gy interface) for online charging as described in 3GPP TS 32.299.
The Gx interface is used to connect between the Policy and Charging Rules Function (PCRF) server and the Cisco SCE. Subscriber parameters, both Cisco SCE-specific (for example, package id), and non-Cisco SCE-specific parameters, known as RADIUS vendor specific attributes (VSAs), can be configured to the Cisco SCE through the Gx interface. The subscriber parameter update can be triggered both by Cisco SCE events, such as login and logout, and by PCRF external events.
The Gx interface can also be used as an additional subscriber integration method. When using the Gx interface as a subscriber integration method, the PCRF provides the subscriber name in addition to the subscriber parameters.
The Cisco SCA BB works with the Gy protocol interface in addition to working with the Cisco SCE-proprietary protocol for external quota management. The external quota management support is based on the current Quota Manager support.
For more information about the Cisco SCE integration in the mobile environment using the Gx or Gy interfaces, see the Cisco Service Control Mobile Solution Guide.
The Cisco SCA BB Console is a GUI application to edit and distribute traffic management policies to Cisco SCE devices.
Using the GUI, you control how classification, reporting, and control are performed by editing service configurations and applying them to the Cisco SCE platform.
There are three stages of traffic processing:
The Cisco SCA BB Console also includes the following tools:
A service configuration defines the way the Cisco SCE platform analyses and controls traffic. In general terms, service configuration defines the following:
The service configuration is contained in a file with a .pqb extension. Service configuration files are commonly referred to as PQB files.
Figure 1 illustrates the service configuration.
Figure 1 Service Configuration
Service configuration is accomplished by using one of these:
The Cisco SCA BB Service Configuration Utility (servconf) is a command-line utility that you can use to apply PQB configuration files onto Cisco SCE platforms or to retrieve the current configuration from a Cisco SCE platform and save it as a PQB file. The utility configures Cisco SCE platforms with the service configuration defined in a PQB file. You can install and execute it in a Windows or Solaris environment.
The Service Configuration API is a set of Java classes that communicate with the Cisco SCE platform and can be used to:
This allows service providers to automate and simplify management and operational tasks.
The Service Configuration API is documented in the Cisco SCA BB Service Configuration API Programmer Guide.
The Cisco Service Control Collection Manager software package performs these functions:
The Cisco Service Control Collection Manager can use either a bundled database or an external database (Oracle, MySQL, or Sybase) to store RDRs supplied by the Cisco SCE platforms of the system. The Cisco Service Control Collection Manager bundled database is the Sybase Adaptive Server Enterprise database, which supports transaction-intensive enterprise applications. The database enables you to store and retrieve information online and can warehouse information as needed.
The Cisco Service Control Collection Manager uses adapters (software modules) to transform RDRs to match the target system requirements and to distribute the RDRs upon request. The Cisco Service Control Collection Manager contains the following adapters:
Some of the adapters send data to the database or write it to CSV files. The structures of the database tables, and the location and structures of the CSV files are described in Cisco Service Control Application for Broadband Reference Guide.
When the Cisco Service Control Collection Manager is used in the Cisco Service Control solution, the Cisco Insight queries the Collection Manager database to create charts and graphs of the subscriber network use.
The Cisco Service Control Collection Manager is an optional component. You can create a solution with the Collection Manager, without the Collection Manager, or with a third-party collection manager implementation.
The Cisco Service Control Subscriber Manager is a middleware software component that supplies subscriber information for multiple SCE platforms in deployments where dynamic subscriber awareness is required. It does this in one of two ways:
The Cisco SCE platforms use subscriber information to provide subscriber-aware functionality, per-subscriber reporting, and policy enforcement.
To implement a subscriber-aware solution, you must include a Cisco Service Control Subscriber Manager. You can install the Cisco Service Control Subscriber Manager, or you can create your own subscriber management module and use the Cisco SCE Subscriber API to integrate with the Cisco SCE platform. For further information, see the Cisco SCMS SCE Subscriber API Programmer Guide.
Some Cisco Service Control solutions can also operate without subscriber awareness:
In these three modes, the SCE platform handles all subscriber-related functionality without a Subscriber Manager.
The Cisco Service Control Subscriber Manager addresses the following issues in allowing dynamic subscriber awareness:
The Cisco Service Control Subscriber Manager uses a relational database optimized for high performance and with a background persistency scheme. The In-Memory Database efficiently stores and retrieves subscriber records.
The Cisco Service Control Subscriber Manager database can function in one of two ways:
This chapter provides an overview of how to implement the value propositions that are offered by the Cisco Service Control solution within your network. Each implementation points to the relevant documentation on how to install additional components (if required), how to configure the system, and how to monitor the system.
To implement any of the value propositions, it is necessary to install these Service Control components:
Note: Although the Cisco Service Control Collection Manager is an optional component, implementing Cisco Service Control Collection Manager can bring in value propositions.
The system should be set up such that:
For further information about installing and setting up your system, see Cisco Service Control Product Installation Guide.
Figure 2 shows the topology of the solution when it is installed and set up.
Figure 2 Service Control Solution Set up
For a description of this value proposition, see the “Application Granularity Usage Analysis” section.
The main functionality for this value proposition is contained in the Cisco Insight. The Cisco Insight can be installed as a standalone application.
For a description of this value proposition, see the “Capacity Control” section.
The capacity control value proposition requires only the Cisco SCE and the Cisco SCA BB Console and can be provisioned in two ways:
For a description of this value proposition, see the “Quota Management” section. You can implement this value proposition with the Cisco SCE API or with the Quota Manager component of the Cisco Service Control Subscriber Manager. The following implementation uses the Quota Manager component:
1. To install the Cisco Service Control Subscriber Manager, see the Installing and Upgrading chapter of the Cisco Service Control Management Suite Subscriber Manager User Guide.
2. To configure the Cisco Service Control Subscriber Manager and the Cisco SCA BB to use the Quota Manager for quota management, perform the configuration described in the Configuring the Quota Manager chapter of the Cisco Service Control Management Suite Quota Manager User Guide.
The Cisco Service Control Management Suite Quota Manager User Guide also contains a number of scenarios in which the Quota Manager helps when initially deploying a quota management system.
To implement quota management that uses the SCE internal quota functionality with the Cisco SCA BB, see the “Managing Quotas” section in the “Using the Service Configuration Editor: Traffic Control” chapter of the Cisco Service Control Application for Broadband User Guide.
For a description of this value proposition, see the “Application-Based Billing” section.
A solution that provides application-based billing requires a billing system that is connected to the Cisco Service Control solution:
1. Integrate a billing system with the Cisco Service Control Collection Manager database.
2. Retrieve the Subscriber Usage RDRs from the TA adapter CSV files. The format of the CSV files is described in the “CSV File Formats” chapter of Cisco Service Control Application for Broadband Reference Guide.
For details on managing and using RDRs, see the:
For a description of this value proposition, see the “Content Filtering and Parental Control” section.
You can implement the content filtering and parental control value proposition in three ways:
For a description of this value proposition, see the “Tiered Subscriber Services” section.
This value proposition requires the Cisco Service Control Subscriber Manager module.
1. To install the SM, see the Installing and Upgrading chapter of the Cisco Service Control Management Suite Subscriber Manager User Guide.
2. To create tiered subscriber services, see the “Example: Creating Tiered Subscriber Services” section in the “Using the Service Configuration Editor: Traffic Control” chapter of the Cisco Service Control Application for Broadband User Guide.
For a description of this value proposition, see the “Mitigating Outgoing Spam” section.
To mitigate outgoing spam, it is first necessary to determine that you have an outgoing spam problem. After you identify the problem, you can use the Cisco SCE and the Cisco SCA BB Console to mitigate the outgoing spam.
1. To monitor mass-mailing activity, you should create a Top Subscribers by Sessions report, which can be used to identify the IDs of subscribers most likely to be involved in mass-mailing activity.
2. To mitigate outgoing spam, perform the configuration described in the “Mass-Mailing Based Threats” chapter of Cisco Service Control Service Security: Outgoing Spam Mitigation Solution Guide.
3. After configuring the system to mitigate outgoing spam, you can create a second Top Subscribers by Sessions report, which indicates whether the mitigation actions were successful.
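The SMTP session-rate monitoring described for this value proposition, together with a ranking in the spirit of the Top Subscribers by Sessions report, as an added Python example (not Cisco code and not the SCE's actual algorithm). The record layout, port filter, window, threshold, and sample sessions are all constructed assumptions; the sample shows why subscriber awareness matters when one subscriber sends from two addresses.

```python
from collections import defaultdict, deque
from typing import NamedTuple, Optional

SMTP_PORT = 25        # assumption: only TCP/25 sessions count as SMTP
WINDOW_SECONDS = 60   # assumption: sliding window length
MAX_SESSIONS = 5      # assumption: sessions tolerated per window


class Session(NamedTuple):
    ts: float                   # session start time in seconds
    src_ip: str
    dst_port: int
    subscriber: Optional[str]   # None when no subscriber mapping exists


def party(s: Session, subscriber_aware: bool) -> str:
    """Counting key: subscriber ID in subscriber-aware mode, otherwise
    (anonymous mode, or no mapping) the source IP address."""
    if subscriber_aware and s.subscriber:
        return s.subscriber
    return "ip:" + s.src_ip


def detect_mass_mailers(sessions, subscriber_aware=True,
                        window=WINDOW_SECONDS, limit=MAX_SESSIONS):
    """Return {party: timestamp at which its SMTP session count within
    the sliding window first exceeded the limit}."""
    recent = defaultdict(deque)
    flagged = {}
    for s in sorted(sessions, key=lambda x: x.ts):
        if s.dst_port != SMTP_PORT:
            continue
        key = party(s, subscriber_aware)
        q = recent[key]
        q.append(s.ts)
        while q[0] <= s.ts - window:   # evict starts older than the window
            q.popleft()
        if len(q) > limit and key not in flagged:
            flagged[key] = s.ts
    return flagged


def top_by_sessions(sessions, n=3, subscriber_aware=True):
    """Rank parties by total SMTP sessions (totals, not rates)."""
    counts = defaultdict(int)
    for s in sessions:
        if s.dst_port == SMTP_PORT:
            counts[party(s, subscriber_aware)] += 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))[:n]


# Constructed sample sessions (not real traffic).
SAMPLE = (
    # sub-A: 8 SMTP sessions in 17 s, split across two addresses
    [Session(t, "10.0.0.5", 25, "sub-A") for t in (0, 5, 10, 15)]
    + [Session(t, "10.0.0.6", 25, "sub-A") for t in (2, 7, 12, 17)]
    # sub-B: 6 SMTP sessions, one every two minutes (normal mail use)
    + [Session(t * 120.0, "10.0.0.7", 25, "sub-B") for t in range(6)]
    # sub-C: busy HTTPS client, never counted
    + [Session(float(t), "10.0.0.8", 443, "sub-C") for t in range(50)]
    # unmapped host: 7 SMTP sessions in 7 s
    + [Session(100.0 + t, "10.0.0.9", 25, None) for t in range(7)]
)

if __name__ == "__main__":
    print("subscriber-aware:", detect_mass_mailers(SAMPLE, True))
    print("anonymous       :", detect_mass_mailers(SAMPLE, False))
    print("top by sessions :", top_by_sessions(SAMPLE))
```

In anonymous mode sub-A stays under the per-address threshold and is missed, while the ranking by totals still lists sub-B even though its rate is normal, so the ranking and the rate check answer different questions.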
For a description of this value proposition, see the “Advertising: Behavioral Targeting” section.
Cisco SCE and the Cisco SCA BB Console implement targeted advertising based on the behavior of subscribers.
Note: To implement behavioral advertising, you must also integrate the system with an advertising vendor.