Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Service Control Application for Broadband

Cisco Service Control Application for Broadband User Guide, Rel 3.0.5 (HTML)

SCA BB User Guide

Preface
Document Revision History
Audience
Organization
Related Documentation
Conventions
Obtaining Documentation
World Wide Web
Documentation CD-ROM
Ordering Documentation
Documentation Feedback
Obtaining Technical Assistance
Cisco.com
Technical Assistance Center
1. General Overview
The Cisco Service Control Concept
Service Control for Broadband Service Providers
Cisco Service Control Capabilities
The SCE Platform
Management and Collection
Network Management
Subscriber Management
Service Configuration Management
Data Collection
2. System Overview
System Components
Subscribers and Subscriber Modes
Subscriberless Mode
Anonymous Subscriber Mode
Static Subscriber Mode
Subscriber-Aware Mode
Subscriber Modes: Summary
Service Configuration
The Console
Service Configuration Utility
Service Configuration API
3. Traffic Processing Overview
Traffic Processing
Traffic Classification
Services
Protocols
Initiating Side
Zones
Flavors
Mapping Flow Attributes to Services
Traffic Accounting and Reporting
Usage Accounting
RDRs
Traffic Control
Packages
Unknown Subscriber Traffic
Rules
Bandwidth Management
Quota Management
Other Traffic Processing Features
Service Security
Traffic Filters
Traffic Forwarding to Value Added Services Servers
Service Configurations
Defining Service Configurations in Practice
4. Getting Started
Installing SCA BB
Prerequisites
The SCA BB Installation Package
Installing SCA BB Front Ends
Installing SCA BB Application Components
Upgrading SCA BB
Upgrading from Version 2.5 to Version 3.0.5
Upgrading from Version 3.0.x to Version 3.0.5
Upgrading the SCA BB Service Configuration Utility
Installing Protocol Packs
Protocol Packs
Updating Protocols
Hitless Upgrade of the SLI
Launching the Console
Using the Console
The Network Navigator Tool
The Service Configuration Editor Tool
The Signature Editor Tool
The Subscriber Manager GUI Tool
The Reporter Tool
Accessing Online Help
Quick Start with the Console
5. Using the Network Navigator
The Network Navigator Tool
Managing Sites
Adding a Site to the Site Manager
Adding Devices to a Site
Deleting Sites
Managing Devices
Password Management
Managing SCE Devices
Managing SM Devices
Managing CM Devices
Managing Database Devices
Working with Network Navigator Configuration Files
Exporting a Network Navigator Configuration
Importing a Network Navigator Configuration
Network Settings Requirements
Firewall/NAT Requirements
User Authentication
6. Using the Service Configuration Editor
The Service Configuration Editor Tool
Managing Service Configurations
Adding New Service Configurations
Opening Existing Service Configurations
Saving the Current Service Configuration
Closing Service Configurations
Exporting Service Configuration Data
Importing Service Configuration Data
Applying and Retrieving Service Configurations
7. Using the Service Configuration Editor: Traffic Classification
Managing Services
Service Parameters
Viewing Services
Adding and Defining Services
Editing Services
Deleting Services
Managing Service Elements
Managing Protocols
Viewing Protocols
Adding Protocols
Editing Protocols
Deleting Protocols
Managing Protocol Elements
Managing Zones
Viewing Zones
Adding Zones
Editing Zones
Deleting Zones
Managing Zone Items
Managing Protocol Signatures
Viewing Signatures
Dynamic Signatures
Managing Flavors
Flavor Types and Parameters
Viewing Flavors
Adding Flavors
Editing Flavors
Deleting Flavors
Managing Flavor Items
Managing Content Filtering
Content Filtering Overview
Installing the SurfControl CPA Server
Configuring the Cisco CPA Client
Managing Content Filtering Settings
8. Using the Service Configuration Editor: Traffic Accounting and Reporting
Managing Usage Counters
Managing RDR Settings
Managing Usage RDRs
Managing Transaction RDRs
Managing Quota RDRs
Managing Transaction Usage RDRs
Managing Log RDRs
Managing Real-Time Subscriber Usage RDRs
Managing Real-Time Signaling RDRs
9. Using the Service Configuration Editor: Traffic Control
Managing Packages
Package Parameters
Viewing Packages
Adding Packages
Duplicating Packages
Editing Packages
Deleting Packages
Unknown Subscriber Traffic
Managing Rules
Viewing the Rules of a Package
The Default Service Rule
Rule Hierarchy
Adding Rules to a Package
Editing Rules
Deleting Rules
Displaying the Services Affected by a Rule
Managing Time-Based Rules
Managing Calendars
Managing Bandwidth
Managing Global Bandwidth
Viewing Global Controller Settings
Editing the Total Link Limits
Adding Global Controllers
Setting Maximum Bandwidth of Global Controllers
Deleting Global Controllers
Defining Global Controllers in a Dual-Link System
Managing Subscriber Bandwidth
Managing Bandwidth: a Practical Example
Setting BW Management Prioritization Mode
Managing Quotas
Editing Package Quota Management Settings
Selecting Quota Buckets for Rules
Breach-Handling Parameters
Editing Breach-Handling Parameters for a Rule
10. Using the Service Configuration Editor: Additional Options
The Service Security Dashboard
Viewing the Service Security Dashboard
Worm Detection
Managing Anomaly Detection
Spam Detection
Viewing Malicious Traffic Reports
Filtering the Traffic Flows
Viewing Filter Rules
Adding Filter Rules
Editing Filter Rules
Deleting Filter Rules
Activating and Deactivating Filter Rules
Managing Subscriber Notifications
Subscriber Notification Parameters
Viewing Subscriber Notifications
Adding Subscriber Notifications
Editing Subscriber Notifications
Deleting Subscriber Notifications
Network Attack Notification
Managing the System Settings
Setting the Operational Mode of the System
Setting Redirection Parameters
Managing Advanced Service Configuration Options
Managing VAS Traffic-Forwarding Settings
Enabling VAS Traffic Forwarding
Renaming VAS Server Groups
Viewing VAS Traffic Forwarding Tables
Deleting VAS Traffic-Forwarding Tables
Adding VAS Traffic-Forwarding Tables
Managing VAS Table Parameters
11. Using the Subscriber Manager GUI Tool
The SM GUI Tool
Connecting to an SCMS-SM
Working with Subscriber CSV Files
Importing Subscriber Files
Exporting Subscriber Files
Managing Subscribers
Subscriber Information
Finding and Selecting Subscribers
Adding Subscribers
Editing Subscribers
Deleting Subscribers
12. Using the Signature Editor
Managing DSS Files
DSS File Components
Creating DSS Files
Editing DSS Files
Importing Signatures
The Signature Editor Console
13. Additional Management Tools and Interfaces
The SCA BB Service Configuration Utility
Using the SCA BB Service Configuration Utility
SCA BB Service Configuration Utility Examples
The SCA BB Real-Time Monitoring Configuration Utility
Using the SCA BB Real-Time Monitoring Configuration Utility
SCA BB Real-Time Monitoring Configuration Utility Examples
The User Configuration File
rtmcmd User Configuration File Example
The SCA BB Signature Configuration Utility
Using the SCA BB Signature Configuration Utility
SCA BB Signature Configuration Utility Examples
Installing PQI Files from the Command Line
Installing a SCA BB PQI File on an SCE Platform
Installing a SCA BB PQI File on an SM Device
SNMP, MIB, and Traps: Overview
SNMP
MIB
Traps
Managing Subscribers via Other System Components
Anonymous Subscriber Mode
Selecting Subscribers for Real-Time Usage Monitoring
Subscriber-Aware Mode
Managing CSV Files

Preface

This preface describes who should read the Cisco Service Control Application for Broadband User Guide, how it is organized, its document conventions, and how to obtain documentation and technical assistance.

This guide assumes a basic familiarity with the concept of the Service Control solution, the Service Control Engine (SCE) platforms, and related components.

Document Revision History

Cisco Service Control Release

Part Number

Publication Date

Release 3.0.5

OL-7205-04

November, 2006

Description of Changes

Added the following new feature:

Added the following section to the document:

Cisco Service Control Release

Part Number

Publication Date

Release 3.0.3

OL-7205-03

May, 2006

Description of Changes

Added the following new features:

Removed the following deprecated feature:

  • Attack Filtering and Subscriber Notification

Added the following section to the document:

  • Upgrading from Version 3.0.0 to Version 3.0.3

Cisco Service Control Release

Part Number

Publication Date

Release 3.0.0

OL-7205-02

December, 2005

Description of Changes

Document name changed to Cisco Service Control Application for Broadband User Guide.

Both the look-and-feel and the functionality of the Cisco Service Control Application for Broadband (SCA BB) Console were redesigned for version 3.0. Consequently, this document underwent a major rewrite. The major changes in this document are listed below.

  • Appendixes B, C, D of the 2.5.5 release user guide were moved to a new document: the Cisco Service Control Application for Broadband Reference Guide.

  • Chapter 8 and Appendix A of the 2.5.5 release user guide were moved to a new document: the Cisco Service Control Application Suite Reporter User Guide.

  • The Cisco Service Control Application Suite for Broadband Installation Guide was deprecated; it forms the basis for part of the Getting Started chapter.

  • Chapter 5 of the 2.5.5 release user guide (Constructing Service Configurations) was completely rewritten and split into three chapters.

  • New chapters were added for the new tools included in the Console: the Network Navigator tool and the Signature Editor tool.

Release 2.5.5

OL-7205-01

February, 2005

Description of Changes

Created the Cisco Service Control Application Suite for Broadband User Guide.

Audience

This guide is intended for the administrator who is responsible for daily operation of the Cisco Service Control solution and who uses the many features of the Console to gain visibility into, and control over, the distribution of network resources.

Organization

This guide is organized as follows:

Chapter

Title

Description

Chapter 1

General Overview

Provides a general overview of the Cisco Service Control solution.

Chapter 2

System Overview

Provides a functional overview of the Cisco Service Control solution.

Chapter 3

Traffic Processing Overview

Provides a technical overview of the Cisco Service Control solution.

Chapter 4

Getting Started

Guides you through the process of installing or upgrading SCA BB and describes the concept of the Console as a collection of tools.

Chapter 5

Using the Network Navigator

Explains how to use the Network Navigator to create a model of all devices that are part of the Cisco Service Control solution and how to manage the devices remotely.

Chapter 6

Using the Service Configuration Editor

Explains how to use the Service Configuration Editor to manage service configurations.

Chapter 7

Using the Service Configuration Editor: Traffic Classification

Explains how to configure service configurations to perform traffic classification.

Chapter 8

Using the Service Configuration Editor: Traffic Accounting and Reporting

Explains how to configure service configurations to perform traffic reporting.

Chapter 9

Using the Service Configuration Editor: Traffic Control

Explains how to configure service configurations to perform traffic control.

Chapter 10

Using the Service Configuration Editor: Additional Options

Documents additional, advanced options available in the Service Configuration Editor.

Chapter 11

Using the Subscriber Manager GUI Tool

Explains how to use the SM GUI tool to configure subscribers on the SCMS-SM database.

Chapter 12

Using the Signature Editor

Documents the Signature Editor tool, which can create files for updating protocols in SCA BB.

Chapter 13

Additional Management Tools and Interfaces

Documents and explains other tools that are available for use with SCA BB.

Related Documentation

The following publications are available for theCisco Service Control Application for Broadband:

  • Cisco Service Control Application for Broadband Reference Guide

  • Cisco Service Control Application for Broadband Service Configuration API Programmer Guide

  • Cisco Service Control Management Suite Collection Manager User Guide

  • Cisco Service Control Management Suite Subscriber Manager User Guide

  • Cisco Service Control Application Reporter User Guide

  • The SCE platform installation and configuration guides:

    • Cisco SCE 1000 2xGBE Installation and Configuration Guide

    • Cisco SCE 2000 4xGBE Installation and Configuration Guide

    • Cisco SCE 2000 4/8xFE Installation and Configuration Guide

  • Cisco Service Control Engine (SCE) CLI Command Reference

  • Cisco Service Control Engine (SCE) Software Configuration Guide

Conventions

This document uses the following conventions:

Convention

Description

boldface font

Commands and keywords are in boldface.

italic font

Arguments for which you supply values are in italics.

[ ]

Elements in square brackets are optional.

{x | y | z}

Alternative keywords are grouped in braces and separated by vertical bars.

[x | y | z]

Optional alternative keywords are grouped in brackets and separated by vertical bars.

string

A nonquoted set of characters. Do not use quotation marks around the string, or the string will include the quotation marks.

screen font

Terminal sessions and information that the system displays are in screen font.

boldface screen font

Information you must enter is in boldface screen font.

italic screen font

Arguments for which you supply values are in italic screen font.

< >

Nonprinting characters, such as passwords, are in angle brackets.

[ ]

Default responses to system prompts are in square brackets.

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.

Note

Means reader take note. Notes contain helpful suggestions or references to materials not covered in this manual.

Caution

Means reader be careful. In this situation, you might do something that could result in loss of data.

Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following sites:

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package that ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

  • Registered Cisco Direct Customers can order Cisco Product documentation from the networking Products MarketPlace:

    http://www.cisco.com/public/ordsum.html

  • Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

    http://www.cisco.com/pcgi-bin/marketplace/welcome.pl

  • Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, in North America, by calling 800 553-NETS(6387).

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Attn Document Resource Connection Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC website.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at any time, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.

Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

To access Cisco.com, go to http://www.cisco.com.

Technical Assistance Center

The Cisco Technical Assistance Center (TAC) website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Website

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website http://www.cisco.com/tac.

P3 and P4 level problems are defined as follows:

  • P3—Your network is degraded. Network functionality is noticeably impaired, but most business operations continue.

  • P4—You need information or assistance on Cisco product capabilities, product installation, or basic product configuration.

In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.

To register for Cisco.com, go to http://tools.cisco.com/RPF/register/register.do.

If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at http://www.cisco.com/tac/caseopen.

Contacting TAC by Telephone

If you have a priority level 1 (P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml.

P1 and P2 level problems are defined as follows:

  • P1—Your production network is down, causing a critical impact to business operations if service is not restored quickly. No workaround is available.

  • P2—Your production network is severely degraded, affecting significant aspects of your business operations. No workaround is available.

Chapter 1. General Overview

This chapter provides a general overview of the Cisco Service Control solution. It introduces the Cisco Service Control concept and the Service Control capabilities. It also briefly describes the hardware capabilities of the Service Control Engine (SCE) platform and the Cisco specific applications that together compose the total Cisco Service Control solution.

The Cisco Service Control Concept

The Cisco Service Control solution is delivered through a combination of purpose-built hardware and specific software solutions that address various service control challenges faced by service providers. The SCE platform is designed to support classification, analysis, and control of Internet/IP traffic.

Service Control enables service providers to create profitable new revenue streams while capitalizing on their existing infrastructure. With the power of Service Control, service providers have the ability to analyze, charge for, and control IP network traffic at multigigabit wire line speeds. The Cisco Service Control solution also gives service providers the tools they need to identify and target high-margin content-based services and to enable their delivery.

As the downturn in the telecommunications industry has shown, IP service providers’ business models need to be reworked to make them profitable. Having spent billions of dollars to build ever larger data links, providers have incurred massive debts and faced rising costs. At the same time, access and bandwidth have become commodities where prices continually fall and profits disappear. Service providers have realized that they must offer value-added services to derive more revenue from the traffic and services running on their networks. However, capturing real profits from IP services requires more than simply running those services over data links; it requires detailed monitoring and precise, real-time control and awareness of services as they are delivered. Cisco provides Service Control solutions that allow the service provider to bridge this gap.

Service Control for Broadband Service Providers

Service providers of any access technology (DSL, cable, mobile, and so on) targeting residential and business consumers must find new ways to get maximum leverage from their existing infrastructure, while differentiating their offerings with enhanced IP services.

The Cisco Service Control Application for Broadband adds a new layer of service intelligence and control to existing networks that can:

  • Report and analyze network traffic at subscriber and aggregate level for capacity planning

  • Provide customer-intuitive tiered application services and guarantee application SLAs

  • Implement different service levels for different types of customers, content, or applications

  • Identify network abusers who are violating the Acceptable Use Policy

  • Identify and manage peer-to-peer, NNTP (news) traffic, and spam abusers

  • Enforce the Acceptable Use Policy (AUP)

  • Integrate Service Control solutions easily with existing network elements and BSS/OSS systems

Cisco Service Control Capabilities

The core of the Cisco Service Control solution is the purpose-built network hardware device: the Service Control Engine (SCE). The core capabilities of the SCE platform, which support a wide range of applications for delivering Service Control solutions, include:

  • Subscriber and application awareness—Application-level drilling into IP traffic for real-time understanding and controlling of usage and content at the granularity of a specific subscriber.

    • Subscriber awareness—The ability to map between IP flows and a specific subscriber in order to maintain the state of each subscriber transmitting traffic through the SCE platform and to enforce the appropriate policy on this subscriber’s traffic.

      Subscriber awareness is achieved either through dedicated integrations with subscriber management repositories, such as a DHCP or a Radius server, or via sniffing of Radius or DHCP traffic.

    • Application awareness—The ability to understand and analyze traffic up to the application protocol layer (Layer 7).

      For application protocols implemented using bundled flows (such as FTP, which is implemented using Control and Data flows), the SCE platform understands the bundling connection between the flows and treats them accordingly.

  • Application-layer, stateful, real-time traffic control—The ability to perform advanced control functions, including granular BW metering and shaping, quota management, and redirection, using application-layer stateful real-time traffic transaction processing. This requires highly adaptive protocol and application-level intelligence.

  • Programmability—The ability to quickly add new protocols and easily adapt to new services and applications in the ever-changing service provider environment. Programmability is achieved using the Cisco Service Modeling Language (SML).

    Programmability allows new services to be deployed quickly and provides an easy upgrade path for network, application, or service growth.

  • Robust and flexible back-office integration—The ability to integrate with existing third-party systems at the Service Provider, including provisioning systems, subscriber repositories, billing systems, and OSS systems. The SCE provides a set of open and well-documented APIs that allows a quick and robust integration process.

  • Scalable high-performance service engines—The ability to perform all these operations at wire speed.

The SCE Platform

The SCE family of programmable network devices is capable of performing application-layer stateful-flow inspection of IP traffic, and controlling that traffic based on configurable rules. The SCE platform is a purpose-built network device that uses ASIC components and RISC processors to go beyond packet counting and delve deeper into the contents of network traffic. Providing programmable, stateful inspection of bidirectional traffic flows and mapping these flows with user ownership, the SCE platforms provide real-time classification of network usage. This information provides the basis of the SCE platform advanced traffic-control and bandwidth-shaping functionality. Where most bandwidth shaper functionality ends, the SCE platform provides more control and shaping options, including:

  • Layer 7 stateful wire-speed packet inspection and classification

  • Robust support for over 600 protocols and applications, including:

    • General—HTTP, HTTPS, FTP, TELNET, NNTP, SMTP, POP3, IMAP, WAP, and others

    • P2P file sharing—FastTrack-KazaA, Gnutella, BitTorrent, Winny, Hotline, eDonkey, DirectConnect, Piolet, and others

    • P2P VoIP—Skype, Skinny, DingoTel, and others

    • Streaming and Multimedia—RTSP, SIP, HTTP streaming, RTP/RTCP, and others

  • Programmable system core for flexible reporting and bandwidth control

  • Transparent network and BSS/OSS integration into existing networks

  • Subscriber awareness that relates traffic and usage to specific customers

The following diagram illustrates a common deployment of an SCE platform in a network.

Figure 1.1. SCE Platform in the Network

SCE Platform in the Network

Management and Collection

The Cisco Service Control solution includes a complete management infrastructure that provides the following management components to manage all aspects of the solution:

  • Network management

  • Subscriber management

  • Service Control management

These management interfaces are designed to comply with common management standards and to integrate easily with existing OSS infrastructure.

Figure 1.2. Service Control Management Infrastructure

Service Control Management Infrastructure

Network Management

Cisco provides complete network FCAPS (Fault, Configuration, Accounting, Performance, Security) Management.

Two interfaces are provided for network management:

  • Command-line interface (CLI)—Accessible through the Console port or through a Telnet connection, the CLI is used for configuration and security functions.

  • SNMP—Provides fault management (via SNMP traps) and performance monitoring functionality.

Subscriber Management

Where the Cisco Service Control Application for Broadband (SCA BB) enforces different policies on different subscribers and tracks usage on an individual subscriber basis, the Cisco Service Control Management Suite (SCMS) Subscriber Manager (SM) may be used as middleware software for bridging between the OSS and the SCE platforms. Subscriber information is stored in the SM database and can be distributed between multiple platforms according to actual subscriber placement.

The SM provides subscriber awareness by mapping network IDs to subscriber IDs. It can obtain subscriber information using dedicated integration modules that integrate with AAA devices, such as Radius or DHCP servers.

Subscriber information may be obtained in one of two ways:

  • Push Mode—The SM pushes subscriber information to the SCE platform automatically upon logon of a subscriber.

  • Pull Mode—The SM sends subscriber information to the SCE platform in response to a query from the SCE platform.

Service Configuration Management

Service configuration management is the ability to configure the general service definitions of a service control application. A service configuration file containing settings for traffic classification, accounting and reporting, and control is created and applied to an SCE platform. SCA BB provides tools to automate the distribution of these configuration files to SCE platforms. This simple, standards-based approach makes it easy to manage multiple devices in a large network.

Service Control provides an easy-to-use GUI to edit and create these files and a complete set of APIs to automate their creation.

Data Collection

The Cisco Service Control solution generates usage data and statistics from the SCE platform and forwards them as Raw Data Records (RDRs), using a simple TCP-based protocol (RDR-Protocol). The Cisco Service Control Management Suite (SCMS) Collection Manager (CM) software implements the collection system, listening in on RDRs from one or more SCE platforms and processing them on the local machine. The data is then stored for analysis and reporting functions, and for the collection and presentation of data to additional OSS systems such as billing.

Chapter 2. System Overview

The Cisco Service Control Application for Broadband (SCA BB) is the Cisco Service Control solution that allows broadband service providers to gain network-traffic visibility, to control the distribution of network resources, and thereby to optimize traffic in accordance with their business strategies. It enables service providers to reduce network costs, improve network performance and customer experience, and create new service offerings and packages.

System Components

The Cisco Service Control solution consists of four main components:

  • The Service Control Engine (SCE) platform—A flexible and powerful dedicated network-usage monitor that is purpose-built to analyze and report on network transactions at the application level.

    For complete information regarding the installation and operation of the SCE platform, see the Cisco SCE Platform Installation and Configuration Guides.

  • The Service Control Management Suite (SCMS) Subscriber Manager (SM)—A middleware software component used where dynamic binding of subscriber information and policies is required. The SM manages subscriber information and provisions it in real time to multiple SCE platforms. The SM can store subscriber policy information internally, and act as a stateful bridge between the AAA system (such as Radius and DHCP) and the SCE platforms.

    For complete information regarding the installation and operation of the SM, see theCisco Service Control Management Suite Subscriber Manager User Guide.

    The Quota Manager (QM) is an optional component of the Subscriber Manager. It enables Service Control solution providers to manage subscriber quota across subscriber sessions with a high degree of flexibility.

    For complete information regarding the installation and operation of the QM, see the Cisco Service Control Management Suite Quota Manager Solution Guide.

  • The Service Control Management Suite (SCMS) Collection Manager (CM)—An implementation of a collection system that receives Raw Data Records (RDRs) from one or more SCE platforms. It collects usage information and statistics, and stores them in a database. The CM also converts subscriber usage information and statistics into simple text-based files for further processing and collection by external systems.

    For complete information regarding the installation and operation of the CM, see theCisco Service Control Management Suite Collection Manager User Guide.

  • The Service Control Application (SCA) Reporter—A software component that processes data stored by the CM and provides a set of insightful reports from this data. The SCA Reporter can run as a standalone or as an integrated part of the Console.

Together, the SCE platform, the SCMS-CM, the SCMS-SM, and the SCA Reporter are designed to support detailed classification, analysis, reporting, and control of IP network traffic. The SCMS-CM, the SCA Reporter, and the SCMS-SM are optional components; not all deployments of the Cisco Service Control solution require them. Sites that employ third-party collection and reporting applications, those that do not require dynamic subscriber-aware processing, and those that use a Radius or DHCP sniffing option may not require all of these components.

The following figure illustrates the flow of information in the Cisco Service Control solution.

  • Horizontal flow—Represents traffic between subscribers and an IP network.

    The SCE platform monitors traffic flow.

  • Vertical flow—Represents transmission of the Raw Data Records (RDRs) from the SCE platform to the CM.

    The SM may be added to the control flow to provide subscriber data. This allows SCA BB to conduct subscriber-level analysis and control.

Figure 2.1. Flow of Information in the Cisco Service Control Application for Broadband

Flow of Information in the Cisco Service Control Application for Broadband

Subscribers and Subscriber Modes

One of the fundamental entities in the Cisco Service Control solution is a subscriber. A subscriber is the most granular entity on which SCA BB can individually monitor, account, and enforce a policy. In the most granular instance of the SCA BB system a subscriber, is an actual customer of the service provider on whom an individual policy is implemented. However, you can also to use SCA BB to monitor and control traffic at a higher granularity, such as when monitoring or controlling traffic by subnets or aggregation devices.

One of the most important decisions to be made when designing a service control solution is what subscribers in the system represent. This determines which subscriber mode will be used, which in turn determines what (if any) integrations are required and what policies to define. The following sections describe the different subscriber modes supported and, for each mode, the functions supported, any prerequisites, and the components needed.

SCA BB supports the following four subscriber modes:

  • Subscriberless mode—No subscribers are defined. Control and link-level analysis functions are provided at a global platform resolution.

  • Anonymous subscriber mode—IP addresses are controlled and monitored individually. The SCE platform automatically identifies IP addresses as they are used and assigns them to a package.

  • Static subscriber mode—Incoming IP addresses are bound and grouped statically into “subscribers” as configured by the system operator.

  • Subscriber-aware mode—Subscriber information is dynamically bound to the IP address currently in use by the subscriber. This can be achieved by integrating with the system (Radius, DHCP) that assigns IP addresses to subscribers, or by sniffing this information. Policy information is either administered to SCA BB directly or provisioned dynamically via an integration.

Subscriberless Mode

Subscriberless mode is the choice for sites where control and analysis functions are required only at a global platform resolution. It can be used, for example, to monitor and control the total P2P traffic over the link.

Subscriberless mode requires no integration; hence the SCMS-SM is not required.

Note

Subscriberless mode is not influenced by the number of subscribers or inbound IP addresses Thus the total number of subscribers using the monitored link is unlimited from the perspective of the SCE platform.

Anonymous Subscriber Mode

Anonymous subscriber mode provides the means to analyze and control network traffic at subscriber-inbound IP address granularity. Use this mode when you do not require subscriber-differentiated control or subscriber-level quota tracking, when analysis on an IP level is sufficient, or when offline IP-address/subscriber binding can be performed. For example, you can identify which subscribers generate the most P2P traffic by identifying the top IP addresses and correlating them to individual subscribers using Radius or DHCP logs. The total bandwidth of P2P traffic allowed for each subscriber can also be limited.

Anonymous subscriber mode requires no integration or static configuration of the IP addresses used, so the SCMS-SM is not required. Rather, ranges of IP addresses are configured directly on the SCE platform, for which the system dynamically creates “anonymous” subscribers, using the IP address as the subscriber name.

Note

The total number of concurrently active anonymous subscribers supported by the SCE platform is the same as the total number of concurrently active subscribers.

Static Subscriber Mode

Static subscriber mode binds incoming IP addresses together into groups, so that traffic from and to defined subscribers can be controlled as a group. For example, you can define all traffic from and to a particular network subnet (used by multiple subscribers concurrently) as a (virtual) “subscriber” and controlled or viewed as a group.

Static subscriber mode supports cases in which the entity controlled by the Cisco Service Control solution uses a constant IP address or address range that does not change dynamically, such as:

  • Environments where the subscriber IP addresses do not change dynamically via, for example, DHCP or Radius

  • Deployments in which a group of subscribers using a common pool of IP addresses (such as all those served by a particular aggregation device) will be managed together to provide a shared bandwidth to the entire group

The system supports the definition of static subscribers directly on an SCE platform; it does not require external management software (such as the SCMS-SM). Use the SCE platform CLI to define the list of subscribers, their IP addresses, and the associated package.

Subscriber-Aware Mode

In subscriber-aware mode, the SCE is populated by subscriber information (OSS ID and policy) that is dynamically bound to the (IP) address currently in use by the subscribers. Regardless of the IP address in use, this provides differentiated and dynamic control per subscriber and subscriber-level analysis. Use this mode to control and analyze traffic on a subscriber level, to monitor subscriber usage, and to assign and enforce different control policies (packages) for different subscribers.

In this mode, the SCMS-SM may provision the SCE platform with subscriber information.

Subscriber Modes: Summary

The following table summarizes the different subscriber modes supported by the system.

Table 2.1. Summary of Subscriber Modes

Mode

Features Supported

Main Advantages

Use for ...

Subscriberless mode

  • Global (platform-level) analysis and control

No subscriber configuration required.

Global control solution or subscriber-level analysis.

Examples:

  • Control P2P uploads at peering points.

  • Limit total bandwidth of P2P to a specified percentage.

Anonymous subscriber mode

  • Global analysis and control

  • Individual IP address-level analysis and control

  • No subscriber-configuration required; only define subscriber IP address ranges used.

  • Provide subscriber-level control without integration.

IP-level analysis or control that is not differentiated per subscriber, and where offline IP-address/subscriber binding is sufficient.

Examples:

  • Limit P2P bandwidth per subscriber.

  • Identify top subscribers by identifying top IP addresses and correlating them with Radius or DHCP logs.

Static subscriber mode

  • Global analysis and control

  • Control based on individual or group IP addresses as configured statically to the SCE platform

  • On-time static subscriber configuration, with no integration requirements.

  • Manage subscriber traffic in logical groups.

Control of traffic of groups of subscribers.

Example:

  • Assign a bandwidth limit for P2P traffic for each group of subscribers using a single CMTS device.

Subscriber-aware mode

  • Full system functionality

  • Differentiated and dynamic control per subscriber.

  • Subscriber-level analysis, regardless of IP address in use.

Control and analysis of traffic on a subscriber level.

Examples:

  • Monitor subscriber-usage, regardless of IP addresses.

  • Assign different control policies (packages) to different subscribers, and change packages dynamically.

Service Configuration

Service configuration defines the way the SCE platform analyses and controls traffic. In very general terms, service configuration defines the following:

  • Protocol and service classification

  • Packages and policies

  • Bandwidth controllers

  • Global controllers

Figure 2.2. Service Configuration

Service Configuration

Service configuration is accomplished using one of the following:

  • The Console

  • The SCA BB Service Configuration Utility

  • The Service Configuration API

The Console

The Console is a set of GUI tools that are used to manage, configure, and monitor the solution components.

The Console is fully documented in the remainder of this guide.

Service Configuration Utility

The SCA BB Service Configuration Utility (servconf) is a simple command-line utility that you can use to apply PQB configuration files onto SCE platforms or to retrieve the current configuration from an SCE platform and save it as a PQB file. The utility configures SCE platforms with the service configuration defined in a PQB file. You can install and execute it in a Windows or Solaris environment

For full documentation of servconf, see The SCA BB Service Configuration Utility.

Service Configuration API

The Service Configuration API is a set of Java classes used to:

  • Program and manage service configurations

  • Apply service configurations to the SCE platforms

  • Integrated applications with third-party systems

This allows service providers to automate and simplify management and operational tasks.

The Service Configuration API is documented in the Cisco SCA BB Service Configuration API Programmer’s Guide.

Chapter 3. Traffic Processing Overview

This chapter describes how the Cisco Service Control Application for Broadband (SCA BB) installed on a Service Control Engine (SCE) platform processes traffic.

The chapter also defines the main elements (service configuration entities) of the SCA BB system and explains how they relate to each other.

Traffic Processing

There are three stages of traffic processing:

  • Traffic classification—SCA BB analyses traffic flows and determines their type (for example, browsing, e-mail, file sharing, or voice).

  • Traffic accounting and reporting—SCA BB performs bookkeeping and generates Raw Data Records (RDRs) that let you analyze and monitor the network.

  • Traffic control—SCA BB limits and prioritizes traffic flows according to their service, subscriber-package, subscriber quota state, and so on.

These three stages are described in the following sections.

You control how classification, reporting, and control are performed by editing service configurations and applying them to the SCE platform.

Traffic Classification

Traffic processing starts with traffic classification, which categorizes network sessions into services.

For each commercial service that a provider offers to its subscribers, a corresponding service is defined in the Cisco Service Control solution. You can use this service to classify and identify the traffic, report on its usage, and control it.

Services

In the traffic classification process, SCA BB categorizes network sessions intoservices.

Services are the building blocks for:

  • Service configurations (because SCA BB can enforce different rules on different services)

  • Aggregated usage reporting

From a provider’s perspective, a service is a network product sold to a subscriber. The service is usually a network application—such as browsing, e-mail, file sharing, or voice—that the subscriber uses. From a technical perspective, a service consists of one or more service elements, each of which enables a decision about the service associated with a network traffic flow type.

A number of services are predefined in the default service configuration (these services are listed in the “Default Service Configuration Reference Tables” chapter of the Cisco Service Control Application for Broadband Reference Guide). You can modify these services and add additional services to a service configuration.

A service configuration can contain up to 500 services.

The classification process occurs when a session starts. The process examines the first few packets of the session and decides to which service the session belongs. The session is then assigned a service ID that remains the same during the session’s life cycle.

Traffic is classified and mapped to services on the basis of some or all of the following service elements:

  • Protocol—The protocol used. This allows, for example, the mapping of browsing flows and e-mail flows to separate services.

  • Initiating side—Whether the subscriber side or the network side generated the flow. This allows, for example, the mapping of subscriber-initiated and network-initiated peer-to-peer traffic to separate services.

  • Zone—Lists of IP addresses of the network-side host of the flow. This allows, for example, the mapping of all voice flows going to a specified server to a specific service.

  • Flavor—Specific Layer 7 properties such as host names of the network-side host of the flow. This allows, for example, the mapping of all HTTP flows where the URL matches a certain pattern to a specific service.

SCA BB uses these flow mappings to map each network connection passing through it to a service. You define rules for the different services to implement control policies. The classification rules can contain Layer 3 and Layer 4 parameters (such as port numbers and IP addresses), and also Layer 7 parameters (such as host name and user agent for HTTP connections).

Service Elements

A service consists of one or more service elements; different network traffic flow types are mapped to different service elements.

A service element maps a specific protocol, initiating side, zone, and flavor to the selected service. Some or all of these parameters can take wild-card values.

A traffic flow is mapped to a specific service if it meets all four of the following criteria:

  • The flow uses the specified protocol of the service element.

  • The flow matches the initiating side specified for the service element.

  • The destination of the flow is an address that belongs to the specified zone of the service element.

  • The flow matches the specified flavor of the service element.

Note

If a flow matches two service elements and one is more specific than the other, the flow will be mapped to the more specific of the two.

For example: Service A is defined for browsing and Service B is defined for browsing to a specific list of URLs. A browsing flow to a URL on Service B’s list matches both services, but will be mapped to Service B.

If a flow matches one parameter of one service element and a different parameter of another service element, precedence will be given first to matching flavors, then to protocols, then to zones, and finally to the initiating side.

For example: Service A is defined for e-mail and Service B is defined for all traffic to a specific network zone. An e-mail flow to the specific network zone matches both services, but will be mapped to Service A.

Examples of Services

The following table contains examples of services and their network parameters.

Table 3.1. Examples of Services and Service Parameters

Service Name

Protocol

Initiating Side

Zone

Flavor

Web Browsing

HTTP HTTPS

Subscriber-initiated

*

*

Web Hosting (network-initiated browsing)

HTTP HTTPS

Network-initiated

*

*

Local SMTP

SMTP

*

Local-mail servers (215.53.64.0/24)

*

Protocols

One of the main classifications of a flow is the protocol of a session (that is, of the network application that generated the session).

A protocol, as defined in the SCA BB system, is a combination of one or more signatures, one or more port numbers, and a transport type. The protocol of the network flow is identified according to these parameters. For example, if the port number is 80, the transport type is TCP, and content matches the HTTP signature, SCA BB maps the flow to the HTTP protocol.

The default service configuration contains a long list of predefined protocols. You can add additional protocols.

When a TCP or UDP flow does not match a specific protocol definition, SCA BB maps the flow to the Generic TCP or Generic UDP protocol.

When a non-TCP/UDP flow does not match a specific protocol definition, SCA BB maps the flow to the Generic IP protocol.

Protocol Elements

A protocol is a collection of protocol elements.

A protocol element maps a specific signature, IP protocol, and port range to the selected protocol. Some or all of these parameters can take wild-card values; port numbers can take range values.

A traffic flow is mapped to a specific protocol if it meets all three of the following criteria:

  • The flow matches the specified signature of the protocol element.

  • The flow protocol matches the IP Protocol of the protocol element.

  • The flow matches the specified port range of the protocol element.

Note

If a flow matches two protocol elements and one is more specific than the other, the flow will be mapped to the more specific of the two.

For example: Protocol A is defined for flows that match the FTP signature and Protocol B is defined for flows that match the FTP signature on TCP port 21. An FTP flow on port 21 matches both protocols, but will be mapped to Protocol B.

If a flow matches the signature of one protocol element and the port of another protocol element, it will be mapped to the matching signature.

For example: Protocol A is defined for flows that match the FTP signature and Protocol B is defined for flows on TCP port 21. An FTP flow on port 21 matches both protocols, but will be mapped to Protocol A.

Signatures

SCA BB examines traffic flows using the SCE platform’s deep-packet-inspection capabilities, and compares each flow with an installed set of protocol signatures to identify the network application that generated the flow.

SCA BB comes with a set of predefined signatures for common network applications and protocols, such as browsing, e-mail, file sharing, and VoIP.

Cisco periodically publishes protocol packs containing new signatures and updates to existing signatures. You can use these protocol packs to update the set of signatures installed on SCA BB, enhancing its classification capabilities.

Dynamic Signatures

Most signatures used by SCA BB are predefined and hard-coded. SCA BB also allows you to add dynamic signatures, which can be user-defined.

You can create and edit dynamic signatures in the Signature Editor tool. The Dynamic Signature Script (DSS) engine in SCA BB carries out the classification using these user-defined signatures in addition to the predefined signatures.

Initiating Side

The SCE platform is usually located between the provider’s subscribers and the network. Subscriber-initiated flows are initiated by the subscriber toward the network; network-initiated flows are initiated from the network toward the subscriber.

You can limit some flow-types to one initiating side. For example, with HTTP you can restrict the direction of the flow to subscriber-initiated, because HTTP is always subscriber-initiated when the subscriber ventures outward to surf the Internet. If the direction of the HTTP flow is network-initiated, this probably means that a web server is open on the subscriber’s local machine for receiving incoming HTTP traffic. The provider can block network-initiated HTTP.

Zones

A zone is a collection of network-side IP addresses.

Zones are configured by the user who arranges IP addresses in groups connected by a common purpose. A subscriber’s network flow mapped to a service may be applied to a zone. In practice, zones often define geographical areas.

Zones are used to classify network sessions; each network session can be assigned to a service element based on its destination IP address.

Examples of zones:

  • A “walled garden”—A range of IP addresses of a server farm with premium video content, for which the provider would like to limit access to specific subscribers and to assure traffic priority.

  • A zone to differentiate between off-net and on-net flows.

Example of assigning a zone to a session:

  • Zone A and Zone B are two user-defined zones. Zone A includes the IP address range 10.1.0.0/16, and Zone B includes the IP address range 10.2.0.0/16. Analysis of a new session shows that its network IP address is 10.1.1.1—the session belongs to zone A.

Zone Items

A zone is a collection of related zone items.

A zone item is an IP address or a range of IP addresses.

Table 3.2. Examples of Zone Items

Network Address

Example

IP address

123.123.3.2

IP address range (and mask)

123.3.123.0/24

This means that the first 24 bits of the IP address must be included as specified and the final 8 bits can take any value. (That is, all IP addresses in the range 123.3.123.0 to 123.3.123.255.)

Flavors

Flavors are advanced classification elements that are used to classify network sessions according to signature-specific Layer 7 properties.

Flavors provide an additional level of granularity in defining services in the Cisco Service Control solution. A protocol flavor uses an additional protocol attribute in classifying a service, making this service a flavor of the service based on the protocol only. For example, the user-agent attribute of the HTTP protocol could be added as a protocol flavor, enabling the definition of all HTTP traffic generated by the same browser type (indicated in the user-agent field) as one service.

Examples of flavor types are HTTP User Agent and SIP Source Domain.

Flavor Items

A flavor is a collection of flavor items.

The type of a flavor item depends on the flavor type. For a list of available flavor types, see Flavor Types and Parameters.

The default service configuration includes some predefined flavors, such as HTTP Streaming Agents (a flavor of HTTP) and Vonage (a flavor of SIP).

Content Filtering

Content filtering involves classification and control of HTTP flows according to the requested URL. The classification of the URL is performed by accessing an external database.

Service providers require effective Web filtering for their subscribers, for various purposes such as avoiding litigation and providing parental control. The problem is that the Web is huge and constantly growing, and SCA BB and the SCE Platform are not designed to track and maintain the huge database of URLs that is required for effective filtering.

SCA BB provides content filtering by integrating with SurfControl Content Portal Authority (CPA). SurfControl’s technology enhances SCA BB URL classification capabilities by eliminating the need for a network administrator to manage a URL database or interact with the server, while creating a powerful filtering solution. It provides complete coverage of the Web’s most trafficked sites and access to the most accurate and relevant database of URLs classified by risk category, such as sexually explicit, racist, hacker, and so forth.

The integration of SurfControl’s CPA into SCA BB provides the required web-filtering solution. SCA BB, running on the SCE Platform, contacts a CPA server to categorize the web site that a subscriber requests. The returned category is then used to classify the HTTP flow. This classification is then used for the normal SCA BB traffic control and reporting.

Note

SCA BB includes an internal database of URLs that is used by the HTTP URL flavor classification. When a URL is found in both the internal database and the external content filtering database, the URL is classified according to the internal database.

Mapping Flow Attributes to Services

The following figure illustrates the mappings of flow elements of a session to service elements of a service.

Figure 3.1. Mapping Flow Attributes to Service

Mapping Flow Attributes to Service

Traffic Accounting and Reporting

You can use data gathered by the SCE platforms for real-time signaling, billing, and reporting.

Various metrics are collected in different scopes—global (per entire link), per service (or group of services), per package (or group of packages), and per subscriber—based on user-defined counters.

Note

Global control bandwidth is based on Layer 1 volume.

Subscriber bandwidth control (and accounting and reporting) is based on Layer 3 volume.

The values from the counters can be either pushed or pulled:

  • The SCE platform generates and transmits Raw Data Records (RDRs) that contain flow, usage, and other data.

  • The SCE platform maintains an SNMP MIB that can be queried by external systems.

Usage Accounting

SCA BB collects and maintains various network metrics, per service, in different scopes.

The network metrics are:

  • Upstream volume (L3 kilobytes)

  • Downstream volume (L3 kilobytes)

  • Sessions

  • Active subscribers

  • Concurrent sessions

  • Session duration

Note

For VoIP services, such as SIP and MGCP, the concurrent sessions counter counts concurrent voice calls, and the session duration counter measures voice call duration.

Per service accounting takes place in the following scopes:

  • Per subscriber

  • Per group of subscribers (package)

  • Per link (global)

Several services may share the same service counter. For example, in the default service configuration, the SMTP service and the POP3 service share the E-Mail Counter. The assignment of services to counters is determined by the service hierarchy, as explained in the following section. Similarly, several packages may share the same package counter, and the assignment of packages to counters is determined by the package hierarchy.

The Service Hierarchy

Services are arranged in a hierarchal tree. A single default service is at the root, and you can place each new service anywhere in the tree.

Services inherit the rule of their parents. When a rule is defined for a particular service (in a specific package), all its child services are controlled by the same rule for that package, unless explicitly specified.

Service Counters

The service hierarchy provides a way to share usage counters and to organize services according to their semantics. Services are accounted in groups, as defined in the service hierarchy. Each service is assigned usage counters.

There are two categories of usage counters for services:

  • Global—Used for Link and Package RDRs and reports

  • Subscriber—Used for Subscriber RDRs and reports

A global counter and a subscriber counter are assigned to each service. The use of a service can be accounted either exclusively for traffic classified to it or in conjunction with the traffic of its parent service. For example, if a service called Premium Video Content is defined as a child of Streaming, the operator can either define a special usage counter for Premium Video Content or configure it to use the same counter as Streaming. The global counter and the subscriber counter are independent; for the same service, one counter may be the same for parent and child, whereas the other is exclusive to the child.

The Package Hierarchy

Packages are arranged in a hierarchal tree. A single default package is the root of the tree, and you can place new packages anywhere in the tree.

Package Counters

The package hierarchy allows you to organize packages according to their semantics and provides for sharing package usage counters. You can define a maximum of 1024 different exclusive package counters per service configuration, one of which is used for the Unknown Subscriber Traffic package.

Usage reporting at a package level is grouped as follows:

  • Package assigned an exclusive package counter—All traffic associated with this package is accounted separately in the assigned counter, along with any children that are not assigned exclusive counters.

  • Package NOT assigned an exclusive package counter—All traffic associated with this package is accounted together with its parent package.

For example, in the sample package tree shown in the following figure, if the Mail & Web Baseline package is allocated an exclusive counter, but none of its child packages are, then all Package Usage RDRs and the derived reports (such as “Package Bandwidth per Service”) would group together usage of subscribers assigned to all three packages.

On the other hand, if the Mail & Web Boost package also had an exclusive counter, the traffic for Main & Web Baseline and Mail & Web Captive HTTP would be accounted together, but traffic for Mail & Web Boost would be accounted separately. (In general this is not an efficient configuration. You should use the hierarchical structure to group packages that can share the same counter.)

RDRs

SCE platforms running SCA BB generate and transmit Raw Data Records (RDRs) that contain information relevant to the service provider.

RDRs contain a wide variety of information and statistics, depending on the configuration of the system. The following are the main categories of RDRs:

  • Usage RDRs—Generated periodically. These RDRs contain the state of the usage counters, per service and per accounting scope. There are four types of usage RDRs:

    • Link Usage RDRs—Global usage per service, for the entire link.

    • Package Usage RDRs—Usage per group of subscribers, per service.

    • Subscriber Usage RDRs—Usage per subscriber, per service. These RDRs are generated for all subscribers. The Cisco Service Control Management Suite (SCMS) Collection Manager (CM) and Cisco Service Control Application (SCA) Reporter use these RDRs to generate top-subscriber reports and aggregated usage billing records.

    • Real-Time Subscriber Usage RDRs—Generated for specific subscribers selected by the user. The SCMS-CM and SCA Reporter use these RDRs by to generate detailed subscriber activity reports.

  • Transaction RDRs—Generated for a sample of the flows. These RDRs are used to create statistical histograms such as Top TCP Ports.

  • Transaction Usage RDRs—Generated for every flow according to user-defined filters. These RDRs contain detailed Layer 7 information for browsing, streaming, and voice flows. They are used for flow-based billing.

  • Real-Time Signaling RDRs—Generated to indicate specific network events such as flow start or end. These RDRs are used to signal external systems to allow real-time actions across the network.

  • Malicious Traffic RDRs—Generated to indicate that the SCE platform has detected a traffic anomaly, such as a DDoS attack.

Traffic Control

Traffic Control provides means to block, limit, or prioritize traffic flows according to service, subscriber package, subscriber quota state, and so on.

Packages

A package is a collection of rules describing subscriber policy. The package defines the group of services delivered to a specific group of subscribers and the system’s behavior for each service. It may contain restrictions on network flows, guidelines for flows’ prioritization, and instructions regarding how to report flows.

Each subscriber in the network is provided a reference to a package to which that subscriber belongs. The system:

Maps each network flow to a service by matching the flow with a service element

Identifies the subscriber to whom the flow pertains, according to the subscriber’s network ID (usually the subscriber’s IP address)

Identifies the package to which the subscriber belongs

Applies the correct rule to the service of the subscriber’s network flow

Unknown Subscriber Traffic

The SCE platform tries to identify the subscriber responsible for every traffic flow that it processes. The platform looks at the IP address or VLAN tag of the traffic flow, and checks its internal database for a subscriber that is identified by this IP Address or VLAN tag. If such a subscriber is not found in the database, the traffic flow is mapped to the Unknown Subscriber Traffic category.

Rules

A rule is a set of instructions that tell the SCE platform how to treat network flows of a specific service. A rule may:

  • Specify that a flow should be blocked or be granted a certain amount of bandwidth

  • Define an aggregate volume or session limit, after which a set of different restrictions will be enforced on the flow

  • Specify how a flow will be reported for billing or analysis purposes

Calendars

Calendars are used to split the hours of the week into four time frames.

After you have configured a calendar, you can add time-based rules to a package that is using the calendar.

Each service configuration includes one default calendar. You can add nine more calendars, each with a different time-frame configuration. You can use different calendars for different packages. They can also be used where a service provider has customers in more than one time zone.

Time-Based Rules

A time-based rule is a rule that applies to only one time frame. Time-based rules allow you to set rule parameters that will only apply at specific times. You might, for example, want to define different rules for peak, off-peak, nighttime, and weekend usage.

You can add time-based rules to any rule. If a time-based rule is not defined for a time frame, the parent rule is enforced.

Often, you will want the rules for the different time frames to be similar. When you add a time-based rule, the settings of the parent rule are copied to the new time-based rule; you can make any needed changes. Subsequent changes to the parent rule do not affect the time-based rule.

Bandwidth Management

The physical link bandwidth is an absolute limit on the bandwidth that can pass through the system. You can limit the total bandwidth passing through the SCE platform even further. For example, if another device sitting next to the SCE platform on the IP stream has limited BW capacity, you can limit the bandwidth passing through the SCE platform to match the capacity of the other device.

Bandwidth control in SCA BB is accomplished in two stages:

  • Global control

  • Subscriber bandwidth control

Note

Global control bandwidth is based on Layer 1 volume.

Subscriber bandwidth control (and accounting and reporting) is based on Layer 3 volume.

Global Bandwidth Control

Total bandwidth