Cisco Service Control and Cisco Service Control Engine Overview
This chapter presents an overview of the Cisco Service Control solution operating with the Cisco Service Control Engine (SCE). The Collection Manager uses the hardware capabilities of the Cisco SCE platform. The chapter also identifies the combination of Cisco-specific applications that create the Cisco Service Control solution.
•Cisco Service Control Solution
•Cisco Service Control and Cisco SCE Capabilities
•Cisco SCE Platform Description
•Management and Collection
Cisco Service Control Solution
The Cisco Service Control solution combines hardware and software components. Service providers can use the SCE platform to classify, analyze, and control Internet and IP traffic.
Service Control for Broadband Service Providers
The Cisco SCA BB adds a layer of service intelligence and control to existing networks that can:
•Report and analyze network traffic at subscriber and aggregate level for capacity planning
•Provide customer-intuitive tiered application services and guarantee application service level agreements (SLAs)
•Implement different service levels for different types of customers, content, or applications
•Identify network abusers who are violating the acceptable use policy (AUP)
•Enforce the AUP
•Identify and manage peer-to-peer traffic, NNTP (news) traffic, and spam abusers
•Integrate Service Control solutions easily with existing network elements and business support systems (BSS) and operational support systems (OSS)
Cisco Service Control and Cisco SCE Capabilities
The core capabilities of the SCE platform, which support a wide range of applications for delivering service control solutions, include:
•Subscriber and application awareness—Application-level investigation of IP traffic to understand and control its use down to the subscriber level.
–Subscriber awareness—The ability to map IP flows to a subscriber. The status of each eligible subscriber is maintained. An eligible subscriber transmits traffic through the SCE platform. Subscriber awareness enforces the appropriate policy on subscriber traffic.
The Cisco Service Control solution achieves subscriber awareness through dedicated integrations with subscriber management repositories. (DHCP or RADIUS servers are examples of subscriber management repositories.) The Cisco Service Control solution also achieves subscriber awareness by sniffing RADIUS or DHCP traffic.
–Application awareness—The ability to understand and analyze traffic up to the application protocol layer (Layer 7).
For application protocols implemented using bundled flows, the SCE platform processes and manages the bundling connection between the flows.
•Application-layer, stateful, real-time traffic control—The ability to perform advanced control functions using application-layer, stateful, real-time traffic transaction processing. This processing requires a highly adaptive protocol and an application-level intelligence. Advanced control functions include granular bandwidth metering and shaping, quota management, and redirection.
•Programmability—The ability to add new protocols and to adapt to new services and applications in the service provider environment. Programmability is achieved by using the Cisco Service Modeling Language (SML).
Programmability enables a service provider to deploy new services. Programmability also provides an upgrade path for network, application, or service growth.
•Back-office integration—The ability to integrate with existing third-party systems that are available through the service provider. These systems include provisioning, subscriber repositories, billing systems, and Operations Support Systems (OSS). SCE provides a set of open and documented APIs that support this integration.
•Scalable high-performance service engines—The ability to perform all of the operations described in this section at wire speed.
Cisco SCE Platform Description
The SCE family of programmable network devices performs application-layer stateful-flow inspection of IP traffic, and controls the traffic based on configurable rules. The SCE platform is a network device that uses ASIC components and reduced instruction set computer (RISC) processors to go beyond packet counting and to go into the contents of network traffic. By providing programmable, stateful inspection of bidirectional traffic flows, and mapping these flows with user ownership, SCE platforms perform real-time classification of network use. This classification is the basis of the SCE platform's advanced traffic-control and bandwidth-shaping functionality. Where most bandwidth shaper functionality ends, the SCE platform provides further control and shaping options, including:
•Layer 7 stateful wire-speed packet inspection and classification
•Robust support for more than 600 protocols and applications, including:
–General—HTTP, HTTPS, FTP, Telnet, Network News Transfer Protocol (NNTP), Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), Internet Message Access Protocol (IMAP), Wireless Application Protocol (WAP), and others
–Peer-to-Peer (P2P) file sharing—FastTrack-KazaA, Gnutella, BitTorrent, Winny, Hotline, eDonkey, DirectConnect, Piolet, and others
–P2P VoIP—Skype, Skinny, DingoTel, and others
–Streaming and Multimedia—Real Time Streaming Protocol (RTSP), Session Initiation Protocol (SIP), HTTP streaming, Real Time Protocol (RTP), Real Time Control Protocol (RTCP), and others
•Programmable system core for flexible reporting and bandwidth control
•Transparent network and Billing System Support (BSS) and OSS integration into existing networks
•Subscriber awareness that relates traffic and usage to specific customers
Figure 1-1 illustrates a common deployment of an SCE platform in a network.
Figure 1-1 SCE Platform in a Network
Management and Collection
The Cisco Service Control solution has a management infrastructure, which includes the following components to manage all aspects of the solution:
•Service Control management
These management interfaces comply with common management standards and integrate with existing OSS infrastructure (Figure 1-2).
Figure 1-2 Cisco Service Control Management Infrastructure
The Cisco Service Control solution provides complete network Fault, Configuration, Accounting, Performance, Security (FCAPS) Management.
Two interfaces provide network management:
•Command-line interface (CLI)—Accessible through the Console port or through a Telnet connection. Use the CLI for configuration and security functions.
•SNMP—Provides fault management (through SNMP traps) and performance-monitoring functionalities.
The Cisco Service Control Application for Broadband (SCA BB) enforces policies on different subscribers and tracks usage on an individual subscriber basis. The Cisco Subscriber Manager is middleware used to bridge between the OSS and the SCE platforms. Subscriber information is stored in the Subscriber Manager database. You can distribute subscriber information between multiple platforms according to the actual subscriber placement.
The Subscriber Manager provides subscriber awareness by mapping network IDs to subscriber IDs. It can obtain subscriber information by using dedicated integration modules that integrate with Authentication, Authorization, and Accounting (AAA) devices, such as RADIUS servers or DHCP servers.
You can obtain subscriber information in the following ways:
•Push Mode—The Subscriber Manager pushes subscriber information to the SCE platform automatically when a subscriber logs in.
•Pull Mode—The Subscriber Manager sends subscriber information to the SCE platform in response to a query from the SCE platform.
Service Configuration Management
Service configuration management enables you to configure the general service definitions of a service control application. You create a service configuration file and apply it to an SCE platform. The configuration file contains settings for traffic classification, accounting and reporting, and control.
The SCA BB application provides tools that enable you to automate the distribution of these configuration files to SCE platforms. This standards-based approach enables you to manage multiple devices in a large network.
Service Control provides a GUI for creating and editing configuration files. Service Control also provides a set of APIs for automating the creation of configuration files.
Data collection in the Collection Manager proceeds as follows:
1. All analysis and data processing functions of the SCE platform result in the generation of Raw Data Records (RDRs), which the SCE platform forwards using a simple TCP-based protocol and an RDR protocol.
2. The Collection Manager processes the RDRs.
3. The Collection Manager software is an implementation of a collection system that receives RDRs from one or more SCE platforms. It collects these records and processes them in one of its adapters. Each adapter performs a specific action on the RDR.
RDRs contain various information and statistics, depending on the configuration of the system. The three main categories of RDRs are:
•Transaction RDRs—Records generated for each transaction. A transaction is a single event detected in network traffic. The identification of a transaction depends on the particular application and protocol.
•Subscriber Usage RDRs—Records generated per subscriber, which describe the traffic generated by that subscriber for a defined interval.
•Link RDRs—Records generated per link, which describe the traffic carried on the link for a defined interval.