Q. What is Cisco® Subscriber Edge Services Manager?
A. Cisco SESM is a set of software applications for delivering on-demand subscriber services across any Cisco Service Selection Gateway-enabled network. Cisco SESM integrates with operations support system (OSS) and business support system (BSS) applications for a complete service-control and service-management solution applicable to all access types including private wireless LAN (PWLAN), mobile, DSL, and cable.
Together with Cisco Service Selection Gateway, Cisco SESM allows service providers to deliver value-added, billable services; customize the user experience; enable on-demand services; and deploy new services rapidly.
Q. What is Cisco Service Selection Gateway?
A. Cisco Service Selection Gateway (SSG) is a Cisco IOS® Software feature module that provides on-demand service control for the Cisco Powered Network. Cisco SSG and Cisco SESM provide a solution encompassing TCP/IP redirection and user/subscriber portals, user authentication, dynamic service authorization and activation, accounting and billing support, and self-care.
Q. What is an example application of Cisco SESM and SSG?
A. Cisco SESM and SSG are widely deployed for PWLAN. In PWLAN deployments, Cisco SESM and SSG are used to control the user experience and determine how services are made available to users. Free services may be defined that are available to all users and tiered service offerings may be made available for subscription. When a user subscribes to service, Cisco SESM and SSG help enable the authentication and service connection and help ensure that proper accounting and billing information is maintained. Cisco SESM and SSG can be similarly deployed for other access types and Cisco SESM provides a great deal of flexibility in defining service offerings for specific deployments.
PRODUCT DETAILS
Q. What features does Cisco SESM provide?
A. Cisco SESM features include:
• Location Awareness-Cisco SESM obtains location information from Cisco SSG and can use this information to determine branding, available services, and access policies for a session. Location attributes that may be used include client IP address, client subnet, virtual path identifier/virtual channel identifier (VPI/VCI), Cisco SSG subinterface, and MSISDN
• Captive Portal-Cisco SESM captive portal is the gateway for TCP redirections coming from Cisco SSG and determines what action should be taken next, such as redirecting a connection to a Cisco SESM or external Web portal. Cisco SSG supports unauthenticated user, initial logon, unauthorized service, and advertising redirection.
• User/Subscriber Web Portals-Cisco SESM Web portals are reference implementations that can be customized and extended for specific deployments. They support session logon and logoff, personalized service lists, service connection and disconnection, session status messages, and advertising.
• User/Subscriber and Service Profile Management-Cisco SESM provides a Web-based facility for creating and maintaining user, service, and policy information used by Cisco SESM and SSG. This feature is available when Cisco SESM is deployed with a Lightweight Directory Access Protocol (LDAP) directory and the Cisco Security Policy Engine (SPE) component.
• Self-Care-Cisco SESM supports self-registration, account self-management, service self-subscription, subaccount management, and personal firewall provisioning. These features are available when Cisco SESM is deployed with an LDAP directory and the Cisco SPE component.
• Compatibility-Cisco SESM provides support for PWLAN users regardless of their Web proxy and DNS settings.
• Web Services Gateway (WSG)-Cisco SESM provides a Simple Object Access Protocol (SOAP) and Extensible Markup Language (XML) interface for third-party or customer portal applications and subscriber management systems to access service-activation functions.
• Software Development Kit-Cisco SESM provides a set of Java class libraries and supporting documentation that can be used to customize or build new software components for a Cisco SESM application.
Q. What is new in Cisco SESM?
A. The following features are new in Cisco SESM 3.3:
• Location-Specific Free Services-Cisco SESM location-awareness features have been enhanced to support the provisioning of free services ("white lists") based on attributes such as client IP address, client subnet, MAC address, VPI/VCI, Cisco SSG subinterface, and ISDN. Cisco SESM 3.3 also supports the update of location and white-list configurations dynamically.
• iPass Client Support-iPass offers mobile users access to the world's largest virtual network. Cisco SESM supports authentication for iPass customers using the iPassConnect universal client or logging in through the Cisco SESM Web portal.
• Trusted ID Support-Cisco Access Registrar and Cisco SESM support implicit authentication based on the Cisco SSG Transparent Auto Logon (TAL) feature. The trusted ID may be a MAC or IP address. This provides an "always-on" subscriber experience after initial authentication.
Q. How does Cisco SESM store subscriber and service information?
A. Cisco SESM accesses a RADIUS server or LDAP-compliant directory for subscriber and service profile information. The customer must provide the RADIUS server or LDAP server.
When integrated with RADIUS, Cisco SESM works with any RADIUS-based server that accepts vendor-specific attributes such as Cisco Access Registrar. When integrated with an LDAP directory, the Cisco Subscriber Policy Engine (SPE) component of Cisco SESM provides the necessary libraries and directory schema extensions. An SPE deployment supports subscriber self-care activities and role-based access control (RBAC).
Q. How does Cisco SESM integrate with subscriber management systems?
A. The Cisco SESM and SSG solution architecture supports integration with third-party or customer subscriber-management systems that provide RADIUS or LDAP interfaces. Cisco Systems® publishes the vendor-specific attributes and the directory schema required to allow a subscriber-management system to manage Cisco SESM and SSG subscriber and service profile information.
Q. How does Cisco SESM with billing systems?
A. Cisco SSG interfaces with billing systems using standard RADIUS accounting. Additionally, the Cisco SSG prepaid feature allows integration with a prepaid billing server to allow access to a service based on time (seconds) or volume (bytes).
PRODUCT SUPPORT AND AVAILABILITY
Q. How is Cisco SESM supported?
A. Cisco offers Software Application Support (SAS). The Cisco Technical Assistance Center (TAC) supports Cisco SESM as shipped, and assists with installation configuration and troubleshooting issues.
Q. How is Cisco SESM customized?
A. Cisco SESM supports interface customization without extensive JavaServer Pages (JSP) or Java programming. Further customization is available by modifying the JSP or by using the Cisco SESM platform software development kit to extend Cisco SESM capabilities.
A. Cisco SESM applications run on any platform that supports the Java Runtime Environment (JRE). Table 1 lists the verified platforms. See the Cisco SESM release notes for additional system requirements.
Table 1. System Requirements
Platform
Specifications
Solaris
Solaris Version 8 or 9
Windows
Windows 2000 Service Pack 4 or later
Linux
Red Hat Enterprise Linux ES/AS Version 3
Q. What Cisco SSG devices does Cisco SESM support?
A. Cisco SESM currently works with the following devices running Cisco IOS Software Release 12.2.(4)B or later with Cisco SSG enabled:
Consult Cisco for current device support. Certain Cisco SESM and SSG features require specific Cisco IOS Software releases. See the product release notes for additional information.
Q. Is Cisco SESM available for evaluation?
A. Yes. The Cisco SESM software is available for evaluation. Cisco SESM also supports a demo mode that can demonstrate the Cisco SESM Web portal without requiring Cisco SSG, a RADIUS server, or LDAP directory.
