Cisco CNS Subscriber Edge Services Manager Troubleshooting Guide, 3.2
Introduction to SESM Solutions
Downloads: This chapterpdf (PDF - 219.0 KB) | Feedback

Introduction to SESM Solutions

Table Of Contents

Introduction to SESM Solutions

SESM Installation Images

Subscriber and Service Profiles

SESM Reference Network Diagram

SESM Application Management

SESM Documentation Map

Introduction to SESM Solutions

This chapter provides introductory information about the Cisco Subscriber Edge Services Manager (SESM) solution. Topics are:

SESM Installation Images

Subscriber and Service Profiles

SESM Reference Network Diagram

SESM Application Management

SESM Documentation Map

SESM Installation Images

The installation images for SESM are available from the product CD-ROM or from the Cisco web site. SESM images are available for the Sun Solaris, Linux, and Windows platforms.

Table 1-1 shows the names of the compressed and executable files (Note that "x.x.x" is used to denote version number).

Table 1-1 Installation Image Filenames

Compressed Filename
Executable Installation Filename









The procedures for obtaining the installation images are detailed in the Cisco Subscriber Edge Services Manager Installation Guide.

Subscriber and Service Profiles

SESM solutions require detailed data about subscribers and the services they are authorized to use. We refer to this data as profiles:

Subscriber profiles—Define authentication information, subscribed services, and information about connection and service options and preferences for each subscriber.

Service profiles—Define Connection information for the services that subscribers can subscribe and connect to.

The SESM solution integrates with any one or a combination of the following options to obtain subscriber and service data:

An AAA database managed and accessed by a RADIUS server.

An SPE database (an LDAP directory or RDBMS) accessed through the Cisco SPE application programming interface (API). In SESM deployments, the Cisco Distributed Administration Tool (CDAT) manages the subscriber and service profiles in the database.

A flat file in Merit format, accessed by an appropriately configured RDP application or SESM portals running in Demo mode.

SESM Reference Network Diagram

The following figure shows SESM applications in a hypothetical deployment. Actual deployments might not use all of the components shown.

Figure 1-1 SESM Network Diagram


Subscriber access media—SESM applications and solutions are independent of the access media.


Service Selection Gateway (SSG)— Most SESM solutions work with and require a Cisco gateway such as the SSG. The SSG is a feature in the Cisco IOS software running on a Cisco device. The SSG provides authentication, service connection, connection management, and SESM session capabilities. The SESM portals provide the subscriber's interface to SSG for those services.

Content Services Gateway (CSG)—An optional gateway that provides content billing services to the SESM solution.


Open garden—The open garden is an SSG feature that allows subscriber access to preconfigured networks without authentication. Packets destined for open garden networks are not accounted for nor subject to access control by the SSG.


Default network—The SESM applications must run on systems on the SSG default network. The default network (and open gardens, if configured) are always accessible to subscribers.


SESM web portals—Subscribers access the SESM portal using a web browser. The portal provides the following features: subscriber interface to SSG; one-stop access to services; location-based branding; firewall provisioning; access to the Cisco Subscriber Policy Engine (SPE) self-care features such as registration, service subscription, account maintenance, and subaccount management. The access provider (the SESM deployer) presents these features on personalized browser pages shaped by dimensions such as access device, language preference, and location. The SESM packages include a number of sample web portal applications. In addition, the captive portal applications are also SESM web portals.


Captive portals—Captive portal applications are specialized SESM web portals that work with the SSG and other SESM web portals to capture, analyze, and redirect packets for various purposes, including messaging, advertising, or displaying logon pages in response to unauthenticated access attempts and unconnected service requests.


Profiles—SESM solutions are based on subscriber and service data stored in RADIUS or SPE databases.


SESM RADIUS Data Proxy (RDP)—The RDP application is a RADIUS server compliant with RFC 2865 and is the required RADIUS server for SESM SPE-mode deployments. RDP provides access to profiles on the SPE database. Deployers can configure RDP to proxy requests to other RADIUS servers or flat files. Domain-based proxying forwards requests to multiple RADIUS servers based on the IP domain in subscriber and service names.


Cisco Distributed Administration Tool (CDAT)—CDAT is a web-based GUI tool for managing the SPE extensions in an LDAP directory. CDAT provides the means for creating and maintaining user (subscriber) and service profiles, user groups, service groups, roles, and policy rules for the RBAC model.

Application Manager—The Application Manager is a web-based GUI for remotely managing SESM applications in a distributed deployment. The managed applications can be SESM web portals, captive portals, RDP, CDAT, WSG, and the Application Manager itself. Administrators use the Application Manager to access the configuration attributes in the Java Management Extensions (JMX) MBeans used by these SESM applications.


Web Services Gateways (WSG)—The SESM WSG applications provide a Simple Objects Access Protocol (SOAP)-based interface enabling third-party web portals and subscriber management systems to integrate with the SESM and SSG solution. Any client application can interface with SSG through a WSG using SOAP over HTTP communication.


Billing server—A third-party billing server is required if the SSG Prepaid feature is included in the solution.


Services—SESM applications work in conjunction with the Cisco gateway components to provide a one-stop interface for activating multiple services. SESM can provide the activation interface for any service type supported by the gateway component. Service information exists in the service profiles.

SESM Application Management

SESM uses the Java Management Extensions (JMX) specification and its related JMX MBean standards for application configuration. For descriptions of these standards, go to:

A brief introduction to JMX terminology and its relationship to SESM application management follows:

JMX manageable resources—Java objects instrumented to allow spontaneous management by any JMX compliant agent. Each SESM application contains JMX manageable resources.

JMX agent— A management entity implemented in accordance with the JMX Agent Specification. For SESM, the agent is the Cisco ConfigAgent.

Managed beans (MBeans)—Java objects that represent a JMX manageable resource. MBeans for each SESM application are specified in XML files installed in the application's config directory under the SESM installation directory.

JMX server ( also called the MBean server)—A registry for objects that are exposed to management operations by an agent. Any object that is registered with the JMX server becomes visible to the agent. In SESM applications, MBeans are registered by the ConfigAgent or by other MBeans.

Administrators can change SESM application configuration by changing the attribute values in MBeans. In this release of SESM, use any of these ways to change MBean attribute values:

Use the Application Manager, a web-based GUI tool. This is the preferred way to manage running SESM applications. The tool includes:

Operational scenarios that present the most-used attributes for quick access and adjustments.

Advanced screens that present all attributes.

A bulk upload feature for importing large mappings of subscriber subnets to SSGs.

Manually edit the XML files associated with the application. XML files are located in the application's config directory (for example, nwsp/config/nwsp.xml). If you use this method, you must stop and restart the application before the changes take effect.

Use the SESM Agent View, a web-based view of managed resources and associated MBeans. The Agent View is an adaptation of the Management Console provided by the HTML adaptor server, which is included with the Sun example JMX server. The Cisco adaptations add persistence features to the server.

Note The Application Manager replaces the SESM Agent View. The Agent View is included in this release of SESM to provide convenience and continuity during migrations from previous releases.

SESM Documentation Map

Table 1-2 can help you to locate information in the SESM documentation set. Go to the following URL to access the online version of the SESM documentation:

Table 1-2 SESM Documentation Map

To Learn About

SESM Features

Cisco Subscriber Edge Services Manager Solutions Guide

Cisco Subscriber Edge Services Manager Web Portal Guide

Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide

Cisco Subscriber Edge Services Manager Captive Portal Guide

SESM Deployment

Cisco Subscriber Edge Services Manager Quick Start Guide

Cisco Subscriber Edge Services Manager Installation Guide

Cisco Subscriber Edge Services Manager Deployment Guide

SESM Application Management and Configuration

Cisco Subscriber Edge Services Manager Application Management Guide

Cisco Subscriber Edge Services Manager Web Portal Guide

Cisco Subscriber Edge Services Manager RADIUS Data Proxy Guide

Cisco Subscriber Edge Services Manager Captive Portal Guide

Profile Management RADIUS

Cisco Subscriber Edge Services Manager Deployment Guide

Profile Management SPE

Cisco Distributed Administration Tool Guide

SPE Role Based Access Control (RBAC)

Cisco Distributed Administration Tool Guide


Release Notes for the Cisco Subscriber Edge Services Manager, Release 3.2

Cisco Subscriber Edge Services Manager Troubleshooting Guide

SESM Portal Development

Cisco Subscriber Edge Services Manager Web Developer Guide

JavaDoc (included with the software distribution)

Web Services Gateway

Cisco Subscriber Edge Services Manager Web Services Gateways Guide

SESM Platform SDK

Cisco Subscriber Edge Services Manager SDK Platform Programmer Guide

Plug and Play Connectivity

Cisco Subscriber Edge Services Manager Plug and Play Guide