The Cisco® Content Services Gateway (CSG) is the ideal solution for service providers seeking to apply advanced processing of IP flows through dynamic application-layer content examination, subscriber service access control, subscriber account balance enforcement, and content filtering. The Cisco CSG is a specialized line card designed for the Cisco Catalyst® 6500 Series Switch and Cisco 7600 Series Router. It provides the capability for billing, content filtering, service control, traffic analysis, and data mining in a highly scalable, fault-tolerant package.
The Cisco CSG Release 7 introduces capabilities integral to mobile operators' commercial deployment of on-demand services. With voice services in many worldwide wireless markets reaching saturation levels, mobile operators are turning to new applications and services to generate new revenue streams by delivering on the demands of an increasingly data-oriented world. Data services offer mobile operators the ability to differentiate their services in ways that voice services cannot.
Mobile subscriber growth has resulted in large part from the prepaid segment, as high as 80 percent in many markets. "Pay-as-you-go" models, in which the subscriber prepays for the service and recharges the account as demand arises, are especially attractive at a time when mobile data services are still being developed. Content and value-added mobile services are seen as important sources of differentiation and are essential to creating brand value and loyalty. Price has traditionally been the main factor in attracting and retaining prepaid subscribers, but the use of innovative mobile services and billing models targeted at the prepaid market segment can both increase average revenue per user (ARPU) and build consumer loyalty. The coupling of the prepaid subscriber base with mobile data and content services is becoming an essential go-to-market focus for mobile operators.
The Cisco CSG gives service providers the flexibility to create a differentiated billing model through the creation of services-the grouping of URLs, HTTP and Wireless Application Protocol (WAP) header attributes, server IP addresses, and server port numbers-that are individually accounted for on either a postpaid or prepaid basis per subscriber. The Cisco CSG authorizes subscriber service-access attempts with the billing system, reports the detailed service usage, and meters the balance allocation per service for the billing system in the case of prepaid billed services. When a prepaid subscriber's balance is depleted, the Cisco CSG operates in conjunction with the operator's billing system to redirect the subscriber to a replenishment website for a balance recharge. The original service can then be re-accessed, resulting in additional traffic, additional revenues, and an enhanced user experience.
The Cisco CSG enables whitelist and blacklist control for URL traffic, giving providers the ability to dynamically filter content for the protection of "vulnerable" users, offering age-restricted content to user segments and access control for corporations, providing protection from corporate liabilities related to inappropriate usage and content.
As part of the Cisco Mobile Exchange framework, the Cisco CSG brings value to all network access types. Cisco Mobile Exchange is a standards-based framework that links the radio access network (RAN) to IP networks and their value-added services. It comprises numerous components, including packet gateways, mobile services, load balancing, public wireless LAN, security, and network management services delivered on a range of Cisco platforms and application modules. Together, these components successfully address the many challenges that face mobile network operators as they seek profitability from their second-generation (2G), 2.5G, 3G, or next-generation mobile packet infrastructures and their 802.11 public WLAN hotspots. However, the Cisco CSG (Figure 1) works in both wired and wireless IP environments and can support content-billing requirements for operators running multiple access technologies simultaneously.
Figure 1. The Cisco Content Services Gateway
The Cisco CSG provides the following benefits:
• Management of multiple concurrent services per user-logon session-The Cisco CSG architecture differentiates user service access by providing application-aware inspection of the content of the traffic, allowing the operator to offer multiple, simultaneous services to a user, each charged by a different charging scheme. The provisioning of service charging is transparent to the user device and can be introduced easily without inflicting any need for end-device configuration. Cisco CSG service definitions are flexible; they can contain wildcards in the form of URL regular expressions or masks for destination addresses, ports, and protocols.
• Advanced content measurement-The Cisco CSG can be configured to provide application-level billing information. Content matching is deciphered based on the actual object requested. For example, the Cisco CSG will record the URL for HTTP, WAP, Real Time Streaming Protocol (RTSP), HTTP, and e-mail headers, or FTP filename and directory path, as applicable, rather than just the server IP address. Different elements of a URL can have very different meanings in a billing context. Domain names determine that a user has accessed a given site, but directories, filenames, and extensions allow operators to bill for the particular object requested, such as video streams, MP3 files, and PDF files, or files in high-value directories versus budget directories. By differentiating the content requests, the Cisco CSG allows billing applications to charge for the true value of the content. The content measured can be billed on an individual user basis, or billed to the content provider, or even to a third party for some transactions, such as pushed or banner advertisements.
• Goodput-based charging (billing only for delivered content)-The Cisco CSG has a unique capability to optionally exclude retransmitted TCP packets from volume measurements so that the billing system can exclude them from the accounting report and in user transaction and event details. The Cisco CSG can also provide information indicating the complete status of a transaction or event. These capabilities help ensure consistent charging regardless of user-connection quality or content-access errors, thus helping to increase user willingness and confidence in using an operator's services. The Cisco CSG also extracts application-level completion codes (HTTP error codes and FTP completion codes) to provide the billing system with the additional means to determine if the subscriber received the requested content. For prepaid services, the Cisco CSG can be configured to automatically apply the adjustments for retransmits and failures back to the prepaid billing system, thus simplifying the job of the billing system.
• Enhanced user identification-In many environments, the IP address is not sufficient for properly identifying the user. IP addresses can be dynamically assigned, or hidden by proxies and firewalls. In real time, the Cisco CSG associates the user ID, as captured by the authentication, authorization, and accounting (AAA) server, with each transaction that it reports, allowing for user-based charging in a broader set of environments. Using this ability to reliably associate subscribers with their billing plans, real-time control of subscriber service tiers becomes possible.
• Outstanding price and performance value for large data centers and ISPs-The Cisco CSG features a low connection cost. It slides into a slot in a new or existing Cisco Catalyst 6500 Series Switch or Cisco 7600 Series Router and conserves valuable data center space. Up to six Cisco CSGs and/or content services modules (CSMs) can be installed into each chassis. Cisco CSG supports up to 300,000 connected subscribers per line card, with a maximum throughput of 3 Gbps per CSG.
• Ease of configuration-The Cisco CSG uses the same native Cisco IOS® Software interface used to configure the Cisco Catalyst 6500 Series and Cisco 7600 Series platforms.
The Cisco CSG has several features fundamental to content billing and filtering.
Fine Level of Detail in Content Measurement
The Cisco CSG meters data traffic and generates accounting records at the content level. Unlike traditional billing models that bill for broad classes of traffic, the Cisco CSG enables differentiated billing based on the actual object requested. The detailed accounting records include the user ID, session duration, and bytes uploaded and downloaded. For TCP, the information includes the content transfer size, which is reported without retransmission data. The connection termination type and initiator, as well as any application-layer return codes, are also reported. For protocols where the Cisco CSG provides deep packet inspection (such as HTTP 1.0/1.1, WAP 1.x/2.x, RTSP, FTP, and SMTP/POP3/IMAP for e-mail), the Cisco CSG provides the URL, host name, filename, directory, and headers of the content request, as well as application-level completion code, as applicable. The billing agent uses this information to apply different rates to different services, according to the operator's pricing strategy.
Real-Time Prepaid Billing Support
For prepaid billed services, the Cisco CSG meters subscriber usage so that the subscriber cannot exceed the balance allocated by the billing system. Each service that a subscriber accesses can have a different balance allocation and can be billed at a different rate, including provisions for free services as well as services that provide a credit. A balance allocation can be a specified number of transactions, a specified number of bytes, or service duration. Metering performed by the Cisco CSG can adjust for download failures or retransmits. Balance allocations can have a specified expiration time (duration), which allows for time-of-day rate changes. The billing system can recall existing quota allocations when redistributing existing balance allocations to other services.
In addition, for operators looking to deploy flat-rate prepaid charging models for premium customers, the Cisco CSG can be configured to perform connection time charging. This feature allows the operator to determine the minimum charge for a session (for example, minimum service time is two minutes) and usage increments (for example, usage is rounded up to nearest 30 seconds). Connection time charging models allow an operator to continue to provide value-added services at a premium, and deploy bulk-rate pricing models for nonpremium services.
Specific User-Awareness Capability
For content accounting, the Cisco CSG identifies users by their IP addresses, and correlates this with a user ID that is obtained from AAA RADIUS flows or from an external database using requests based on the industry-standard Extensible Markup Language (XML). The Cisco CSG offers multiple options for RADIUS inspection: Proxy, Transparent Monitoring, or Endpoint. Through its inspection of RADIUS AAA records, the Cisco CSG can record subscriber access information and charging identification that can be provided to the billing system in conjunction with regular charge reporting, thus allowing charge differentiation based on access, and offloading significant correlation load from the billing system. The Cisco CSG provides for dynamic changes in the binding of the user ID and the IP address, so that individual users can be billed for each transaction requested. Because the transaction information is measured on a per-object basis, the rating and billing engines can also determine if a different party should be charged or not, as in the case of push advertising.
Ease of User-Profile Configuration
The destinations for which the Cisco CSG will generate billing records on a per-user basis can be specified with command-line interface (CLI) commands. Destinations are specified by domains, ports, and protocols, and can also be specified using wildcards. Policies can be used to apply URL and header maps. For prepaid or managed subscribers, these content rules can be grouped logically into services that can be included or excluded from user billing plans.
Open Interface with Multiple Billing Agents
The Cisco CSG collects content information and feeds it to a billing agent. The billing agent aggregates all of the information about a data session and formats it to be used by the rating and billing engines. The base protocols used to communicate with the billing mediation or billing devices are standard and open, and provide facilities for reliable transmission and failover in the event that one of the billing systems becomes unavailable. This enables the Cisco CSG to interface with whatever billing agent the customer chooses and to provide robust reporting, after this protocol is implemented.
Use of Content for Data Mining
Cisco CSG capabilities are not restricted to billing applications. Service providers can now gather subscriber network, service, and content usage data across their networks. An operator can apply business intelligence to the collected information to better understand user transaction behaviors and apply that knowledge to marketing and partnership strategies. Traffic patterns can also be analyzed for use in quality-of-service (QoS) plans. Popular sites can be identified and approached with real data to justify opportunities for content-delivery hosting.
In conjunction with Cisco partners, the Cisco CSG provide support for dynamic content filtering. Service providers can provide personal filtering based upon blacklists and whitelists, allowing access to content deemed appropriate or on a paid-for basis.
NEW FEATURES IN CISCO CSG RELEASE 7
HTTP IP Byte Count Reporting
The Cisco CSG will report the total number of IP bytes of each HTTP transaction transferred between a client and a server. Bytes that can be associated with a particular transaction will be charged to the matching service (content or policy). For the remaining subset that could not be associated with any particular transaction, the intention is to allow the billing system to tally the unassociated byte volumes provided by the CSG and charge that to "network overhead" if the customer chooses to do so. The Cisco CSG does not itself implement a network overhead service.
Known User Table Entry Timeout
In order to ensure subscriber entries are removed from the known user table (KUT), the Cisco CSG now allows the idle timer for a user entry to start when all the user's sessions have terminated. When the idle timer expires, a Packet of Disconnect (PoD) message will be sent if it is specified and configured. If a PoD is not sent, the KUT entry is deleted. If a PoD is sent, the KUT entry is deleted when the PoD message is ACKed (message type 41), NAKed (message type 42), or when all retries have been sent; the RADIUS Stop message does not have to be received by the Cisco CSG.
RTSP Pause Support
The Cisco CSG allows for the monitoring of the RTSP control session between the RTSP client and server, and scans for PAUSE and PLAY methods. When a PAUSE method is detected, it initiates an event to inform the prepaid service to stop charging for duration billing. Subsequently, when a PLAY method is detected, it initiates an event to inform the prepaid service to resume the charging for duration billing.
Obscure X-Forwarded-For Header (HTTP)
When an HTTP request passes through one or more proxies before reaching the server, the IP address of the client may be present in the X-Forwarded-For header of the HTTP request packet. In some instances, this may be a private address that should not be available outside of a provider's network. To support that requirement, the Cisco CSG can replace the IP address in the X-Forwarded-For header with blanks, effectively obscuring the client's IP address.
RADIUS VSA Subattribute Parsing
The RADIUS report attribute and RADIUS pod attribute commands are changed to support subattributes. This allows for a more efficient RADIUS attribute reporting implementation.
SMTP CDR Header Removal
Simple Mail Transport Protocol (SMTP) call detail records (CDRs) can be very large-they include a report attribute for each SMTP header embedded at the beginning of a message. These specific headers can be eliminated from the CDR, leaving only the SMTP envelope headers and the size attribute in the report. These are reported as X-CSG-MAIL, X-CSG-RCPT, and X-CSG-SIZE.
IP Fragment Support for E-Mail Protocols
IP fragmentation support is added for Post Office Protocol 3 (POP3), SMTP, and Internet Mail Access Protocol (IMAP). This includes support for out-of-order fragments.
Support for Out-of-Order Packets for E-Mail and HTTP
Packets received out of order will be buffered and processed in the proper order. This does not guarantee that they will transmit in any specific order, only that the Cisco CSG will tolerate them arriving out of order. This allows two Cisco CSGs to be deployed back-to-back. As an example, the first CSG could be used for content-filtering functions and the second CSG could be used for content billing.
Service-Level Reporting for WAP 1.x, RTSP, and FTP
The Service Usage CDR is generated after a configured volume or time is reached. The record contains no transaction-level information about the session. Support for WAP 1.x, RTSP, and FTP is now supported.
HTTP Multipart Support
The Cisco CSG supports HTTP encapsulation of several body parts into one message. Multipart types may be returned on the condition that the client has indicated acceptability (using Accept:) of the multipart type for HTTP sessions. The Cisco CSG will parse the data for the delimiter specified in the header and will bill at Layer 7, rather than downgrading to Layer 4 as was done in prior releases.
WAP Segmentation and Reassembly Support
This feature allows the Cisco CSG to apply the appropriate policy to a WAP transaction containing a URL spanning multiple WAP segmented packets.
WAP 1.x Performance Improvement
Internal processing improvements have been implemented that provide an incremental performance improvement to the WAP 1.x protocol processing. In many cases, depending on protocol mix, this results in as much as a 25-percent improvement for WAP 1.x processing.
Increased Number of Service Definitions and Service Rules
The maximum number of service definitions is now 1024; in prior releases, the limit was 255. The maximum number of service rules is now 4096; in prior releases, the limit was 1024.
Layer 2 Enhancements
The Cisco CSG will dynamically use Address Resolution Protocol (ARP) for the IP address of a directly attached client if the MAC address is unknown. This removes the need for configuring a placeholder route for the client.
SERVICE MANAGER SUPPORT
With Cisco CSG Release 7, Cisco also announces the availability of Cisco CSG Service Manager Release 4.1. The Cisco CSG Service Manager is part of the Mobile Wireless Center for the Cisco Mobile Exchange suite of applications, which complements the CiscoWorks LAN Management Solution (LMS) and Cisco Mobile Wireless Fault Mediator to provide end-to-end management of Cisco Mobile Exchange (Figure 2). The Mobile Wireless Center for Cisco Mobile Exchange addresses the element-management requirements of mobile operators and provides fault management, configuration management and troubleshooting.
Figure 2. Cisco CSG Service Manager Console for Configuration Discrepancy Analysis
Integrated with the CiscoWorks LMS desktop, the Cisco CSG Service Manager provides an intuitive interface that allows the user to easily navigate through the different configuration and troubleshooting tasks in a familiar environment.
The Cisco CSG is part of the Cisco Mobile Exchange framework, contributing to the delivery of content-differentiated, value-added services to the end-user. In addition, Cisco's strong partnerships with top billing and mediation vendors provide an end-to-end billing solution.
CISCO SERVICE AND SUPPORT
Cisco is unmatched in the breadth and depth of its access to resources, shared intellectual capital, and leading data and telecommunications products and expertise. This combination enables Cisco to provide the highest quality available in carrier-class support, solutions, and vision for its service provider customers. Cisco service and support solutions enhance the value of a network infrastructure investment, resulting in an overall reduced cost of doing business. Service providers can now deliver fully on the promise of internetworking technology, with the backing of world-class service and support.
CISCO CSG CONFIGURATION LIMITS
• 256 total virtual LANs (client and server)
• 4000 content definitions
• 1024 services
• 16,000 access control list (ACL) items
• Up to six Cisco CSGs and/or CSMs can be installed in a Cisco Catalyst 6500 Series or Cisco 7600 Series chassis
• 1,000,000 concurrent TCP connections
• 300,000 connected subscribers per card
• 3 Gbps total maximum combined throughput, including user traffic and Cisco CSG control messages and CDRs
CISCO CATALYST 6500 SERIES AND CISCO 7600 SERIES PLATFORM REQUIREMENTS
• Cisco CSG Release 7 features are supported in Cisco IOS Software Release 12.2(18)SXF1 and later.
• The Cisco CSG/Hybrid runs with Cisco IOS Software Release 12.1(13)E or later and Cisco Catalyst OS 7.6.1 or later.
– Cisco Catalyst 6500 Series/Cisco 7600 Series Supervisor Engine 720-3BXL
• The Cisco CSG is not switch-fabric-enabled.
• Occupies any slot in the Cisco Catalyst 6500 Series or Cisco 7600 Series chassis
• Dimensions (H x W x D): 1.2 x 14.4 x 16 in. (3.0 x 35.6 x 40.6 cm)
• Weight: 5 lb (2.27 kg)
• Operating temperature: 32 to 104.5ºF (0 to 40ºC)
• Nonoperating temperature: -40 to 158ºF (-40 to 70ºC)
• Operating relative humidity: 10 to 90 percent (noncondensing)
• Nonoperating relative humidity: 5 to 95 percent (noncondensing)
• Operating and nonoperating altitude: Sea level to 10,000 ft (3050 m)
MEAN TIME BETWEEN FAILURES
• 63,524 hours
• Emissions: FCC Part 15 (CFR 47) Class A, ICES-003 Class A
• EN55022 Class A, CISPR22 Class A, AS/NZS 3548 Class A
• Safety: CE marking according to UL 1950, CSA 22.2 No. 950
• EN 60950, IEC 60950, TS 001, and AS/NZS 3260
Table 1 lists the product codes for the Cisco CSG line card, base software, and licenses.
Note: Prior releases of the CSG used a subscriber licensing model where the base license provided up to 10,000 concurrent sessions, with "top-up" licenses for up to 50,000 concurrent sessions and unlimited sessions. With Cisco CSG Release 7, the license model has changed from a concurrent session basis to a function basis. The base license now provides an unlimited number of subscribers, limited by hardware resource capacity and traffic mix. The Cisco CSG Release 7 license model is a three-tiered model based on functions used:
• Basic: Provides Layer 3 or Layer 4 content inspection and billing. In addition, lab trials or other noncommercial full function uses are provided by the BASIC license.
• Premium: Provides Layer 7 content inspection and billing and content filtering. This license does not include use of Advise of Charge (AOC) or RTSP features.
• Enhanced Premium: Provides full use of Cisco CSG functions, including the AOC and RTSP advanced product features.
Table 1. Cisco CSG Ordering Information
Cisco Content Services Gateway (CSG) Hardware
Cisco CSG Basic Layer 3/Layer 4 and Noncommercial Billing Support Software Release 7
Cisco CSG Premium Layer 7 Billing and Filtering Support Software Release 7
Cisco CSG Basic Software Upgrade from Release 6 to 7
Cisco CSG Premium Software Upgrade from Release 6 to 7
Cisco CSG Premium to Enhanced Premium Software Upgrade from Release 6 to 7
Cisco CSG Basic to Premium Software Upgrade
Cisco CSG Premium to Enhanced Premium Software Upgrade
Cisco CSG Basic to Enhanced Premium Software Upgrade
Table 2. Mobile Wireless Center for Cisco Mobile Exchange Ordering Information
Cisco CSG Service Manager 4.1 Software License. One software license is required for each Sun Solaris server.
Cisco CSG Service Manager 4.1 New Right-To-Use (RTU) License. One new RTU license is required for each Cisco CSG card running on Cisco CSG Software Release 6 or Release 7. Customers wanting to order additional RTU licenses without software should use product ordering number MWCX-CSG-4.1-RTU=.
Cisco CSG Service Manager 4.1 Device Upgrade Right-To-Use License. One device upgrade RTU license is required for each Cisco CSG card upgraded from Cisco CSG Software Release 6 to Release 7. Customers wanting to order additional RTU licenses without software should use product ordering number MWCX-CSUP-4.1-RTU=.
Cisco Mobile Wireless Fault Mediator 4.1 Solaris License
CiscoWorks LMS 2.5.1 Large Enterprise for Windows and Solaris, with unrestricted device license and one server-installation license
SERVICE AND SUPPORT
Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, see Cisco Technical Support Services or Cisco Advanced Services.