Guest

Cisco Prime Home

Cisco Prime Home Deployment Overview, 5.0.1

  • Viewing Options

  • PDF (580.7 KB)
  • Feedback
Deployment Overview

Table Of Contents

Cisco Prime Home 5.0.1 Deployment Overview

Overview

Purpose of This Guide

Limitations of This Guide

Deployment Architecture

Prime Home Availability

Hosted Prime Home

Onsite Prime Home

Deployment Variants

Licensing Requirements

Installation Components

Installation Requirements

Prerequisites

System Requirements for Prime Home

System Requirements for the Content Filtering Server

Installation Setup

Network Infrastructure Setup

Configurator Tool Setup

Configuration File Customization

Database Preparation

Content Filtering Service Setup

Getting Started

GUI Access

Overview of the Prime Home GUI

User Privileges

CSR Functions

Administrator Functions

Subscriber Functions

Obtaining Documentation and Submitting a Service Request


Deployment Overview

Cisco Prime Home 5.0.1 Deployment Overview


Revised: August 6, 2012, OL-27646-01

1 Overview

The following topics provide an overview of the goals, limitations, and content of this guide:

Purpose of This Guide

Limitations of This Guide

Purpose of This Guide

This guide briefly describes the Cisco Prime Home 5.0.1 deployment architecture, installation requirements, installation setup, and GUI. Installing Prime Home involves various third-party components. Cisco Advanced Services provides the support you will need to deploy Prime Home in your network.


Note This guide does not replace other available Cisco Prime Home documentation, as it contains the minimum subset of information required to get started. For detailed information on any of the topics in this guide, see the complete Cisco Prime Home 5.0.1 documentation set at http://www.cisco.com/en/US/products/ps12589/tsd_products_support_series_home.html.


Limitations of This Guide

This guide is not intended for large-scale, redundant environments, either at the customer premise equipment (CPE) level or the additionally supported components level.

This guide might not cover the information on all third-party components, and is based on the following limitations and requirements:

This information is for onsite Prime Home solutions only, and might not apply to hosted Prime Home solutions. For information on Prime Home deployment scenarios, see Prime Home Availability.

The network administrator must understand the additional components required to configure Prime Home in the network infrastructure.

This guide does not explain how to install Red Hat Enterprise Linux (RHEL) 6.x. Contact your network administrator to install RHEL 6.x on the Prime Home server, database server, and Content Filtering server.

This guide does not explain how to install and configure the third-party technologies that might be required for your network infrastructure. Contact Cisco Advanced Services to install and configure additional components in your Prime Home network.

This guide does not cover the following:

MySQL database setup and integration

Network customization

High Availability installation

LDAP configuration

External or remote database setup

2 Deployment Architecture

The following topics describe Prime Home availability, deployment variants, licensing requirements, and installation components:

Prime Home Availability

Deployment Variants

Licensing Requirements

Installation Components

Prime Home Availability

Prime Home is available as a hosted solution and an onsite solution.

Hosted Prime Home

The hosted Prime Home solution involves setting up Prime Home in a cloud environment, where users are given access to Prime Home. A dedicated server space is allocated to the user based on the license, and the license governs the number of users who can access Prime Home simultaneously. Service providers can ask Cisco to monitor the performance of Prime Home for their network setup, and provide maintenance support.

Onsite Prime Home

The onsite Prime Home solution involves setting up Prime Home in the service provider's network. The service provider manages all of Prime Home, including database setup and server space management. The number of users who can access Prime Home simultaneously depends on the license acquired by the service provider. The onsite Prime Home solution provides the flexibility to customize third-party components based on Prime Home usage.

Deployment Variants

The Prime Home platform can be deployed as the following variants:

Single node—Single node deployment is recommended for small-scale organizations with fewer than 250,000 devices. For single node deployment, the Prime Home application and database are configured on a single server.

Multiple node—Multiple node deployment is recommended for medium-scale organizations with fewer than 500,000 devices. For multiple node deployment, the Prime Home application and database are configured on separate servers.

High Availability—High Availability deployment is recommended for large-scale organizations with more than 500,000 devices. For High Availability deployment, a load-balanced failover system is set up with replicated system components.

Licensing Requirements

The license determines the maximum number of Prime Home sessions allowed, and which Prime Home features are available. For more information on Prime Home licensing, see the Cisco Prime Home 5.0.1 User Guide at http://www.cisco.com/en/US/products/ps12589/products_user_guide_list.html.

Installation Components

Prime Home installation requires setting up the Automated Configuration Service (ACS) node. The ACS node facilitates provisioning and configuring the CPE. When the CPE boots up, it communicates with the ACS node to get the initial configuration. The ACS node provisions the CPE based on the firmware rules defined in the applicable firmware version.

Table 1 describes the network components required to set up an onsite Prime Home solution.

Table 1 Installation Components 

Component
Description

Apache ActiveMQ

Open source messaging platform that facilitates sending Java messages and acts as a message queue for Prime Home. Multiple instances of ActiveMQ can be set for Prime Home to serve the ACS GUI. For more information on Apache ActiveMQ, see http://activemq.apache.org/.

Apache Solr

Document repository where you store database indexes. Solr allows you to run the Prime Home GUI with rapid access to all of the data. Instead of directly accessing the database, Solr accesses the index manager and retrieves the data in XML format. Solr must be configured in a primary-secondary (master-slave) environment to support Prime Home. For more information on Apache Solr, see http://wiki.apache.org/solr/.

(Optional) Session Traversal Utilities for NAT (STUN)

Allows a server to communicate with devices behind a firewall. STUN is needed only when you do not have a direct network route to the device. In a hosted Prime Home setup, the server is located in a Cisco data center and might not have direct access to your network. With onsite Prime Home, you can set up routing within your network.

Cisco Taze provides STUN functionality and can be deployed in your network with the help of Cisco Advanced Services.

Apache server

Provides standard HTTP services and helps in setting up the Prime Home host in public, private, and secured mode. For more information on the Apache server, see http://httpd.apache.org/docs/2.2/.

Apache Tomcat

Java container platform for Prime Home. Tomcat provides an open-source implementation of the Java servlet and Java server technologies. For more information on Apache Tomcat, see http://tomcat.apache.org/.

ACS CPE

Facilitates configuring and provisioning the CPEs. The ACS CPE component also provides API service, which is used to discover data from CPEs for performance management. The ACS CPE component is used to apply a specific configuration on the CPE.

ACS UI

Enables CPEs to retrieve the initial configuration and firmware rules. When the CPE boots up and contacts the ACS UI, the CPE-responder component sends the initial configuration to the CPE. The ACS UI also provides a simulated view of the subscriber's network from the Prime Home GUI and the Control Panel for subscribers.

Index Manager

Accesses the database and retrieves data. The Index Manager also converts data to XML format. The Solr component uses this XML data to serve the Prime Home GUI.

Content Filtering Service

Provides access control for HTTP requests, based on the selected profile. This component enables you to allow or block HTTP requests received from devices at the CPE level. For more information on the Content Filtering Service, see Content Filtering Service Setup.

Third-Party Categorization Engine

Provides profile-based categorization service for HTTP requests. The Content Filtering Service uses the Categorization Engine to retrieve the allowed and blocked URLs list.

Cloudera Flume

Provides data transport between Prime Home and the data store. For more information on Cloudera Flume, see https://ccp.cloudera.com/display/CDHDOC/Flume+0.9.x+Installation.

MongoDB

Document storage solution for Prime Home. Prime Home supports configuring multiple instances of MongoDB for document storage. For more information on MongoDB, see http://docs.mongodb.org/manual/.


Figure 1 provides an overview of the installation components for Prime Home.

Figure 1 Installation Components for Prime Home

3 Installation Requirements

The following topics provide prerequisites and system requirements for installing Prime Home:

Prerequisites

System Requirements for Prime Home

System Requirements for the Content Filtering Server

Prerequisites

To install Prime Home, you must meet the following prerequisites:

The Prime Home host server must be available.

The MySQL database server must be available.

A Content Filtering server must be available.

The media for the Prime Home software package must be available. Cisco provides the media for Prime Home, which consist of two zipped tar files:

Configuration file or distribution file—Use this file to customize Prime Home based on your network infrastructure. See Configuration File Customization.

Configurator tool—Use this tool to retrieve the Prime Home configuration from the configuration file on the Prime Home host server. See Configurator Tool Setup.

System Requirements for Prime Home

Table 2 lists the minimum system requirements to install Prime Home. These requirements are for planning purposes only, and might vary based on your network infrastructure.

Table 2 System Requirements for Prime Home 

Prime Home Deployment
Load Balancer
Server
System Requirements

Single node

None

One ACS server—For the Prime Home host and MySQL database

ACS server:

Operating system—RHEL v6.1

Processor—6 to 8 cores

RAM (DIMMs)—16 GB

Fiber disk—10,000 RPM

Database storage—300 GB

Multiple node

None

One ACS server—For the Prime Home Host

One database server—For the MySQL database

ACS server:

Operating system—RHEL v6.1

Processor—6 to 8 cores

RAM (DIMMs)—16 GB

Fiber disk—10,000 RPM

Database storage—300 GB

Database server:

Operating system—RHEL v6.1

Processor—6 to 8 cores

RAM (DIMMs)—32 GB or 48 GB in production

Database storage—300 GB

Fiber disk—10,000 RPM

High Availability

Two load balancers

Two ACS servers—For the Prime Home host

Two database servers—For the MySQL database

ACS server:

Operating system—RHEL v6.1

Processor—Either of the following with speed above 2.5 GHz:

8 Intel CPU cores

12 AMD CPU cores

RAM (DIMMs)—Minimum 24 GB (over 32 GB preferred)

RAID controller with 1 GB battery-backed, write-through cache

Networking—Two NICs:

NIC 1—Dedicated external connectivity

NIC 2—Dedicated intraserver connectivity

Database storage—300 GB

Database server:

Operating system—RHEL v6.1

Processor—Either of the following with speed above 2.5 GHz:

8 Intel CPU cores

12 AMD CPU cores

RAM (DIMMs)—Minimum 24 GB (over 32 GB preferred)

RAID controller with 1 GB battery-backed, write-through cache

Networking—Two NICs:

NIC 1—Dedicated external connectivity

NIC 2—Dedicated intraserver connectivity

Database storage—Above 500 GB

Load balancer:

HTTP transactions/sec (TPS)—1,000

Maximum SSL TPS—500


System Requirements for the Content Filtering Server

You can enable Content Filtering Service for all Prime Home variants. The Content Filtering server must be available in the network infrastructure before you enable Content Filtering Service.

Table 3 lists the minimum system requirements for the Content Filtering server.

Table 3 System Requirements for the Content Filtering Server

Prime Home Deployment
System Requirements for the Content Filtering Server

Single node

Multiple node

High Availability

Operating system—RHEL v6.1

Processor—Either of the following with speed above 2.5 GHz:

8 Intel CPU cores

12 AMD CPU cores

RAM (DIMMs)—16 GB

Networking—Two NICs:

NIC 1—Dedicated external connectivity

NIC 2—Dedicated intraserver connectivity


4 Installation Setup

The following topics describe the setup required to install Prime Home:

Network Infrastructure Setup

Configurator Tool Setup

Configuration File Customization

Database Preparation

Content Filtering Service Setup

Network Infrastructure Setup

Prime Home deployment depends on the network infrastructure, and may vary based on the components available in the network.

When you are ready to set up the network infrastructure for installing Prime Home, contact Cisco Advanced Services to configure the following components:

RHEL 6.x on the Prime Home host server, the MySQL database server, and the Content Filtering server. For information on RHEL6.1, see https://access.redhat.com/knowledge/.

MySQL database application on the database server, and creating the required database instance for Prime Home. For information on preparing the database, see Database Preparation.

Apache server, Apache ActiveMQ, Apache Solr, Apache Tomcat, ACS core, Cloudera Flume, and MongoDB. For more information on these network components, see Installation Components.

Content Filtering server. For information on the Content Filtering Service, see Content Filtering Service Setup.

Configurator Tool Setup

The Configurator tool is provided with the Prime Home installation package, and is used to retrieve the Prime Home configuration, from the database server to the host server. The Configurator tool is installed on the Prime Home host server.

The Prime Home configuration for a specific network is defined using the configuration file. The configuration file is customized based on the network infrastructure and placed on the database server. See Configuration File Customization.

For installing Prime Home, the Configurator tool facilitates running the customized configuration file on the host server.

When you are ready to set up the Configurator tool on the Prime Home host server, contact Cisco Advanced Services.

Configuration File Customization

You can customize the configuration file based on the components available in the network infrastructure. If the configuration file is not customized correctly, the Prime Home installation might fail.

The configuration file consists of various fields that are updated based on the third-party technologies available in the network. Once the configuration file is updated, place it at the required database instance on the database server.

The following is a sample configuration file:

{
    "_id": {
        "$oid": "4e8deedf30042dc3e3e1b3a1"
    }, 
    "clusterId": "app-svr-01", 
    "configTemplates": {}, 
    "distribution": "", 
    "licenseFile": "", 
    "loadBalancers": [
        {
            "hostname": "192.168.25.244", 
            "location": "/home/clearvision/cv/lb", 
            "nodeIds": [
                "aa", 
                "bb"
            ], 
            "type": "apache", 
            "url": "app-svr.yourserver.com", 
            "user": "clearvision"
        }
    ], 
    "nodes": [
        {
            "hostname": "192.168.25.244", 
            "location": "/home/clearvision/cv/server-aa", 
            "nodeId": "aa", 
            "properties": {
                "log4j_logFile": "/home/clearvision/ph/logs/acs-a.log", 
                "ports_tc_ajp_external": "8092", 
                "ports_tc_ajp_internal": "8093", 
                "ports_tc_http_external": "8090", 
                "ports_tc_http_internal": "8091", 
                "ports_tc_shutdown": "8094", 
                "rrd_directory": "/home/clearvision/ph/logs/rrd-a", 
                "tc_route": "aa"
            }, 
            "user": "clearvision"
        }, 
        {
            "hostname": "192.168.25.244", 
            "location": "/home/clearvision/cv/server-bb", 
            "nodeId": "bb", 
            "properties": {
                "log4j_logFile": "/home/clearvision/ph/logs/acs-b.log", 
                "ports_tc_ajp_external": "8042", 
                "ports_tc_ajp_internal": "8043", 
                "ports_tc_http_external": "8040", 
                "ports_tc_http_internal": "8041", 
                "ports_tc_shutdown": "8044", 
                "rrd_directory": "/home/clearvision/ph/logs/rrd-b", 
                "tc_route": "bb"
            }, 
            "user": "clearvision"
        }
    ], 
    "properties": {
        "clientId": "app-svr-01", 
        "db_password": "acs", 
        "db_schema": "app-svr-01", 
        "db_url": "jdbc:mysql://192.168.25.191/app-svr-01", 
        "db_username": "acs", 
        "jms_brokerUrl": "tcp://192.168.25.244:61616?wireFormat.maxInactivityDuration=0", 
        "smtp_host": "exampletel.clearvision.com", 
        "solr_url": "", 
        "url_user_internal_root": ""
    }
}
 
   

Table 4 provides field descriptions for the configuration file.

Table 4 Configuration File Field Descriptions 

Field
Description

clusterId

Enter the ID for the Prime Home ACS cluster. The clusterId field acts as the identifier for the entire Prime Home package. For example, the cluster ID can be specified as production, QA, development, and so on. A cluster can have up to 10 Prime Home instances.

distribution

Enter the location of the updated configuration file on the Prime Home host server. The configuration file is placed at this location in zipped tar format. The filename contains a version number and a time stamp.

licenseFile

Enter the location for the license file. The license file provides the information on the license acquired, available features, and the number of allowed sessions for Prime Home.

loadbalancers

Enter the information for the load balancer setup. Instances of nodes in the load balancer setup help to determine access points for Prime Home. The access points can be for public, private, and secured access to Prime Home.

hostnameEnter the name of the host on which the load balancer is available.

LocationEnter the location of the home directory in which the load balancer is installed.

nodeIds—Enter the node IDs. The node IDs are the names of the ACS nodes, and act as identifiers for the node.

TypeEnter the load balancer type; for example, Apache.

URL—Enter the URL for the load balancer setup.

User—Enter the username for accessing the load balancer setup.

nodes

Enter the information to configure nodes in the Prime Home ACS cluster:

hostname—Enter the name of the host on which the ACS node is available.

Location—Enter the location of the home directory in which the node is installed.

nodeId—Enter the node ID. The node ID is the name of the node, and acts as an identifier for the node.

log4j_logFile—Enter the location of the log file for the ACS node.

Ports—Enter the port information for the AJP and HTTP facilities. Prime Home and the Apache server use these ports to communicate. If Apache and Prime Home are on separate servers, set up firewall rules for communication between them.

rrd_directoryEnter the location of the Round Robin Database (RRD) directory for the ACS node. The RRD directory is used to store the network monitoring data, and helps to display the monitoring results.

ClientId—Enter the client ID that identifies the entire cluster. You can enter the client ID based on your network infrastructure; for example, app-svr-01.

db_username—Enter the name of the user who accesses the MySQL database for modification. The db_username can also be a load balancer host in a high availability installation.

db_passwordEnter the password that is used to access the database to make changes.

db_schema—Enter the schema for the database.

db_URL—Enter the MySQL database connection string and the location of the database.

Jms_brokerURL—Enter the URL of the ActiveMQ that is the messaging system. In a high availability installation, enter the URL for the load balancer.

Smtp_hostEnter the SMTP host details. This field is used to set the SMTP host for sending and receiving e-mails. This field is set only if Prime Home is to be configured with an e-mail facility. The SMTP host can be an e-mail server or the local host.

Solr_URL—Enter the location of Solr in terms of hostname, port, and client ID.

URL_user_internal_root—Enter the URL for Prime Home internal communication. This URL is constructed using the ACS cluster node, which is specified for private connection.


Database Preparation

The MySQL database setup depends on the size of the network and the type of Prime Home deployment. Prime Home can be deployed in single node, multiple node, or High Availability setup.

Contact your local MySQL database administrator to create the database. For information on the MySQL database, see http://www.mysql.com/downloads/.

The MySQL database must be functioning normally before you configure the Prime Home MySQL instance. Cisco Advanced Services can help you to configure the database instance for Prime Home.

Content Filtering Service Setup

The Content Filtering Service enables subscribers to restrict access for specific websites, at the CPE level. The content filtering settings can be applied to all devices in the subscriber's network. Content filtering is based on a third-party database that filters the websites based on age criteria.

A separate server is required to host the Content Filtering Service. Cisco Advanced Services can help you to set up the Content Filtering Service for Prime Home.

5 Getting Started

The following topics describe how to get started with Prime Home:

GUI Access

Overview of the Prime Home GUI

User Privileges

CSR Functions

Administrator Functions

Subscriber Functions

GUI Access

Prime Home functionalities are available based on the privileges assigned to the user. You can create a custom user and map privileges to the user account based on your staffing model. When the user logs into Prime Home with the appropriate username and password, Prime Home runs with the functionalities mapped to the user account.

For information on how to log into Prime Home, see the Cisco Prime Home 5.0.1 User Guide at http://www.cisco.com/en/US/products/ps12589/products_user_guide_list.html.

Overview of the Prime Home GUI

The Customer Service Representative (CSR) and administrator can use the Prime Home GUI to perform various network monitoring and configuration tasks. The Prime Home GUI also provides a simulated view of the subscriber's home network.

Table 5 describes the Prime Home GUI tabs.

Table 5 Prime Home GUI Tabs Description 

GUI Tab
Description

CUSTOMER SUPPORT

CSRs use this tab to monitor and manage the subscriber's home network.

DASHBOARD

Administrators use this tab to get a summary of recent activities; for example, network updates about device connections and subscriber labels.

ADMINISTRATION

Administrators use this tab for configuration and firmware management.

AUDIT

Administrators use this tab to view the network changes performed:

On a set of devices during a bulk operation activity.

On a single device.

On a Prime Home user's account.

By a Prime Home user. Prime Home user can be a CSR, administrator, subscriber, or a custom user. For more information on Prime Home users, see User Privileges.

BULK OPERATIONS

Administrators use this tab to configure and provision multiple devices simultaneously. This tab also enables administrators to run a particular operation on a set of devices; set the date and time to run the operation; and name the bulk operation activity.

REPORTS

Administrators use this tab to extract reports for the subscriber's home network, based on criteria specified for the subscriber and device. Administrators use these reports to enhance security utilities and observe the subscriber's network performance.

UTILITIES

Administrators use this tab to import the subscriptions in Prime Home and troubleshoot the subscriber's network. This tab enables administrators to directly access the integration API and perform the required actions.


Figure 2 shows the Prime Home GUI.

Figure 2 Prime Home GUI

For information on how to use the functions available in Prime Home, see the Cisco Prime Home 5.0.1 User Guide at http://www.cisco.com/en/US/products/ps12589/products_user_guide_list.html.

User Privileges

The Prime Home GUI provides functions based on the privileges assigned to the user. Prime Home users can be categorized as follows:

CSR—The privileges assigned to the CSR are limited to accessing the subscriber's network and troubleshooting the CPEs remotely. The Prime Home functions available to the CSR may vary based on the network infrastructure. For example, if the SMTP service is configured in Prime Home, the CSR is allowed to send e-mails to the subscriber.

AdministratorAll privileges are available to the administrator. In addition to having access to all CSR functions, administrators can also configure the Prime Home platform using various functions such as adding users, adding custom labels, running reports and activity audits, managing CPE firmware updates, and so on.

SubscriberThe privileges assigned to subscribers are limited to parental controls only. Subscribers have access to a Control Panel, which is used for profile-based content filtering, Internet blocking, and managing wireless devices connected to the modem.

Custom user—The Prime Home platform allows you to configure user privileges based on your staffing model. Custom users can be configured in Prime Home with access to features that you choose. Contact Cisco Advanced Services to configure custom users with additional roles.

CSR Functions

CSRs have complete access to the Customer Support tab in Prime Home and can perform the following operations:

Retrieve subscriber details

View a subscriber's home network

Access the local GUI (router GUI)

Monitor bandwidth for a subscriber network

Queue scripts

Queue firmware versions

Replace devices

For information on how to perform these operations, see the Cisco Prime Home 5.0.1 User Guide at http://www.cisco.com/en/US/products/ps12589/products_user_guide_list.html.

Administrator Functions

Administrators have complete access to Prime Home and can perform the following operations:

Create and modify labels

Add customized scripts for events

Add firmware versions

Add labels to device types

Add device types

Map scripts with events

Perform bulk operations

Enable and disable services

Provide local GUI access

Perform audits of device changes and data modified by CSRs

Generate reports

For information on how to perform these operations, see the Cisco Prime Home 5.0.1 User Guide at http://www.cisco.com/en/US/products/ps12589/products_user_guide_list.html.

Subscriber Functions

Subscribers have complete access to the Control Panel in Prime Home and can perform the following operations:

View, add, and remove wireless devices in a subscriber's network

Configure Internet time blocking

Configure profile-based content filtering

For information on how to perform these operations, see the Cisco Prime Home 5.0.1 User Guide at http://www.cisco.com/en/US/products/ps12589/products_user_guide_list.html.

6 Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently supports RSS Version 2.0.