
Seamless Roaming

Cisco Mobile Exchange Solution Overview

The market is poised to embrace mobile data services as a way for users to stay connected while on the move. However, success in the mobile Internet is not just about being connected - it is also about delivering desirable content and applications to users. Businesses want to enable mobile virtual-private-network (VPN) access to corporate intranets to access e-learning, e-mail, and workforce optimization applications, to name just a few. Consumers are looking for services such as Web-based shopping and Internet gaming.
Cisco® applies its undisputed IP leadership to the mobile Internet with the Cisco mobile Service Exchange Framework (mSEF), a standards-based framework that links the Radio Access Network (RAN) to IP networks and their value-added services. This framework delivers solutions that simplify and enhance service delivery independent of underlying technologies. Cisco mSEF takes advantage of the proven performance of Cisco switch and router platforms, offering mobile operators an affordable insertion cost, almost unlimited scalability, and the carrier-class reliability that service providers expect from Cisco.
Creating the mobile Internet poses both logistical and technical challenges. The most obvious challenge is reaching a variety of client devices with similar services over different access media. Subscribers may use General Packet Radio Service (GPRS) with a personal digital assistant (PDA) while on the move and a public wireless-LAN (WLAN) service with a PC while sitting in an airport lounge. No matter how they access public network services, subscribers need a common user experience and a single bill each month.
Cisco mSEF comprises many different components (refer to Figure 1), including packet gateways, mobile services, load balancing, and network management services delivered on a range of Cisco platforms and application modules. Together, these components successfully address the many challenges that face mobile network operators as they seek profitability from their second-generation (2G), 2.5G, or 3G mobile packet infrastructures and their 802.11 public WLAN hot spots.

Figure 1. Cisco mSEF

Packet Gateways

The packet gateway is the interface between the mobile radio infrastructure and standard IP networks. A gateway translates between the access-specific protocols of the RAN and the access-independent world of the Internet. Mobile operators transmit IP packets through the air using one of two standards:

• The Global System for Mobile Communications (GSM) standard, deployed worldwide, delivers data via GPRS protocols through the gateway GPRS support node (GGSN).

• The Code Division Multiple Access (CDMA) standard found in North and South America and many Asia-Pacific countries delivers data using the 1X RTT protocol through the packet data serving node (PDSN).

Many first-generation packet gateways do not scale to accommodate profitable numbers of users and sessions. For mobile operators seeking to upgrade their first-generation packet gateways, Cisco offers both GGSN and PDSN gateways on the Cisco 7200 and 7600 routers and Cisco Catalyst® 6500 Series switches, with scalability features an order of magnitude beyond previous solutions.

Mobile Services

Packet gateways are an important part of the network, but they are transparent to subscribers. People pay for content; therefore, mobile operators need to look beyond simple packet conversion toward rich data, voice, and video services tailored for each subscriber. Personalized services require higher-layer network intelligence that accommodates the unique requirements of mobile networking. The network needs to know its subscribers, where they are, and what they want to do - and that is where Cisco mSEF excels.
Cisco invests in mobile networking with leadership solutions that enable mobile operators to tap the rich revenue potential of IP services. Currently, Cisco mSEF solutions span four areas: mobile IP, service selection, content monitoring, and security. Each area supplies a critical function for enabling profitable, content-based services.

Mobile IP

In wired networks, routing is based on a stationary IP address, similar to the way a postal letter is delivered to a fixed address printed on an envelope. However, problems occur when an IP device roams away from its home network and is no longer reachable using normal IP routing. This causes an active session on the device to be dropped. Mobile IP (IETF RFC 2002) enables users to keep the same IP address while traveling to a different network (which may even be operated by a different wireless provider), thus keeping their session active. This is especially important in enterprise applications that use end-to-end VPNs, because it means not having to reestablish the tunnel and reauthenticate into the enterprise.
Mobile IP can be used to allow a subscriber to seamlessly roam between a mobile data service (GPRS or CDMA 1x) and a public WLAN service or to roam between a corporate 802.11 WLAN and a mobile data service.

Service Selection

Service selection is a technology that helps service providers to brand their services. It allows them to intervene in data flows and determine particular services that subscribers can access. It also provides a common user interface and a uniform billing infrastructure. These capabilities allow a service provider to exercise discrete control over service access and enable self-provisioning to reduce operational costs, speed service availability, and increase revenue.
Operators need the ability to support multiple billing approaches based on different services and markets, and Cisco provides this capability with its service-selection technologies. Over the last few years, much of the mobile subscriber growth has been a result of prepaid billing rather than the conventional postpaid model. Today, the prepaid subscriber base is as high as 70 percent in some markets. Price has traditionally been the driver for attracting and retaining the prepaid subscriber, but through the use of innovative mobile services and billing models targeted at the prepaid market segment, the operator can increase average revenue per user (ARPU) and build consumer loyalty. The coupling of the prepaid subscriber base with mobile services will be an essential go-to-market focus of the mobile operators. Cisco mSEF provides easy integration with external systems such as pre- or postpaid billing for maximum billing flexibility.

Content Monitoring

Alternatively called content billing, content monitoring examines packets to obtain higher-layer information such as destination IP addresses, URLs, domains, applications, or file names. With this kind of information, a mobile operator has great flexibility in how to bill for services. Multimedia messaging service (MMS) and push-to-talk are both packet data services, but they both offer unique value to the subscriber. With content monitoring, those data streams can be singled out for special treatment in the bill.
Another interesting application for content monitoring is legal intercept, which makes it easier for mobile operators to comply with per-country legal service requirements. For more information on legal intercept, see your Cisco account executive.

Security

Security is a critical function for services targeting the business community. There are several different approaches to supporting security. Most businesses bring the security function in house by using end-to-end VPN solutions based on technologies such as IP Security (IPsec). In this case, users initiate an encrypted tunnel from their client device (laptop or PDA) all the way through to the remote concentrator behind a firewall in their enterprise data center. They do not rely on the security capabilities of the mobile network operator. The other alternative is for the business customer to outsource security to the mobile network operator. This is done through a combination of over-the-air encryption, tunneling within the mobile operator's network, and a site-to-site VPN from the mobile operator's network across the Internet to the enterprise's data center. The Cisco mSEF solution can add value in both scenarios, through either creative billing approaches with end-to-end VPNs or support for a wide variety of site-to-site VPN technologies, including IPsec, generic routing encapsulation (GRE), Layer 2 Tunneling Protocol (L2TP), and Multiprotocol Label Switching (MPLS).

Elements of the Cisco mSEF Solution

Figure 2 shows the Cisco mSEF positioned as the critical link between the RAN and the IP networks and their value-added services.

Figure 2. Network Positioning

Cisco mSEF Components

The cornerstones of the Cisco mSEF are the Cisco Catalyst 6500 Series switches and the Cisco 7600 Series routers, which are deployed extensively by mobile operators worldwide. In combination with external applications on the Cisco 7200 and 7400 series routers, or on applications hosted on application modules within the Cisco Catalyst 6500 Series and Cisco 7600 Series, the range of solutions delivered by Cisco mSEF is leading the market in terms of cost, performance, and scalability.
The Cisco mSEF currently includes the following applications:

• Cisco Content Services Gateway (CSG)

• Cisco Service Selection Gateway (SSG)

• Cisco Subscriber Edge Services Manager (SESM)

• Cisco Gateway GPRS Support Node (GGSN)

• Cisco Packet Data Serving Node (PDSN)

• Cisco CNS Access Registrar®

• Cisco Mobile IP Home Agent

• Remote Access Dial-In User Service (RADIUS) and server gateway load balancing

• Cisco Mobile Wireless Center (MWC)

The following platforms are components of the Cisco mSEF:

• Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers

• Cisco Catalyst 6500 Series and Cisco 7600 Series application modules

• Cisco 7200 Series routers

• Cisco 7400 Series routers

The following sections provide an overview of each application.

Cisco Content Services Gateway

The Cisco CSG, an application module for the Cisco Catalyst 6500 Series and Cisco 7600 Series platforms, provides a content-metering function for network traffic accounting, content billing, network planning, network monitoring, and data mining. The Cisco CSG tracks user content transactions in real time and forwards this information to a billing agent for further processing, rating, and invoicing.
The Cisco CSG provides the following key benefits:

• Performance - The Cisco CSG can handle up to 300,000 connected subscribers per application module while deciphering a finer level of granularity for use in content-based billing.

• Content measurement - HTTP content is deciphered based on the actual object requested. By differentiating the content requests, the Cisco CSG enables billing applications to charge differently for each object, thereby charging for the true value of the content.

• Enhanced user identification - In many environments, the IP address is not sufficient for properly identifying the user. IP addresses can be dynamically assigned, or hidden by proxies and firewalls. In real time, the Cisco CSG associates a user's ID to each transaction that it reports. This allows for user-based charging in a broader set of environments than is currently possible.

• Price or performance value for large data centers and Internet service providers (ISPs) - The Cisco CSG features a low connection cost and occupies a small footprint. The Cisco CSG slides into a slot in Cisco Catalyst 6500 or Cisco 7600 systems, conserving valuable data-center space.

• Ease of configuration - The Cisco CSG uses the same native Cisco IOS® Software interface used to configure the Cisco Catalyst 6500 Series and Cisco 7600 Series platforms.

• Partners - The Cisco CSG integrates with the billing and mediation platforms of numerous third-party companies.

Cisco Service Selection Gateway and Subscriber Edge Services Manager

The Cisco SSG is an essential component for mobile operators that wish to offer multiple services (intranet, extranet, Internet, and special content and application connections) to subscribers using a single architectural framework.
The Cisco SSG supports multiple access technologies (GPRS, CDMA2000, and 802.11 public WLANs), enhances the user experience, and provides service selection and control. Used with the Cisco SSG, the Cisco SESM allows a service provider to create a branded Web portal that presents subscribers with a menu of services, enabling them to log on to and disconnect from different services using a Web browser.
The Cisco SSG and SESM provide the following key benefits:

• Service and access separation - The mobile network operator can add access technologies and services independently, rapidly, and with minimal service impact.

• Simple service provisioning - With Cisco SSG and SESM, service and access provisioning is simple and scalable because only one database - RADIUS server or Lightweight Directory Access Protocol (LDAP) - has to be provisioned for new services or access.

• User experience - The subscriber can have multiple services active within a single Protocol Data Packet (PDP) context (single access point name [APN]) at the same time. This not only enhances the user experience, but also allows the mobile operator to make more money in the same timeframe using the same radio infrastructure by offering simultaneous services, each billed by a different billing schema. The same is true for CDMA2000, where a user can have multiple services active within a single Point-to-Point Protocol (PPP) session at the same time.

Cisco PDSN

The Cisco PDSN is a standards-compliant, wireless gateway that enables packet data services in a CDMA environment. Acting as an access gateway, the Cisco PDSN provides simple IP and mobile IP access, foreign-agent support, and packet transport for VPN. It also acts as a client for authentication, authorization, and accounting (AAA) servers. Cisco PDSN supports all required standards, including the 3GPP2 TSG-P standard and the Wireless IP Network Standard (also known as TR45.6 or TIA/EIA/IS-835), which defines the overall structure of a CDMA2000 network. It includes features such as enhanced mobile IP, carrier-class accounting, compression, security, and authentication.
Cisco PDSN also supports 3GPP2 TSG-A, and Interoperability Specification for CDMA2000 Access Network Interfaces (also known as TR45.4 or TIA/EIA/IS-2001). The 3GPP2 TSG-A standard focuses on the RAN and the interfaces between RAN and the PDSN.
The Cisco PDSN provides the following key benefits:

• Standards compliance - Cisco PDSN is fully compliant with 3GPP2 TSG-P and TSG-A, providing interoperability with other standards-compliant components.

• Proxy mobile IP - Cisco PDSN provides IP mobility for non-Mobile IP mobile stations.

• PDSN clustering and intelligent selection - The Cisco PDSN is highly scalable without disrupting service.

• Multiple flows - Multiple PCs can share a common access device.

• Support for overlapping private IP addressing - This constitutes a key feature in certain enterprise applications.

• Prepayment options - The Cisco PDSN supports prepaid service for simple and mobile IP.

Cisco Gateway GPRS Support Node

The Cisco GGSN is a standards-compliant, wireless gateway that enables packet data services in a GPRS environment. Providing interworking between the external packet data networks and the GPRS RAN, the Cisco GGSN is deployed in numerous commercial GPRS networks throughout the world. In addition to acting as a client for AAA servers, the Cisco GGSN offers unrivalled enterprise VPN connectivity features.
The Cisco GGSN supports the Gn, Gp, Ga, and Gi interfaces; supports GPRS quality-of-service (QoS) classes and negotiation; and is compliant with both GPRS and Universal Mobile Telecommunications Service (UMTS) standards. In the IP arena, the Cisco GGSN supports Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and RADIUS, with the Cisco DNS/DHCP Manager eliminating the need for manual configuration and synchronization of DNS and DHCP servers.
This suite of TCP/IP management applications assigns and monitors domain names and synchronizes IP addresses between DHCP and DNS servers. Cisco is the first to implement the GGSN with the SGSN from multiple partners (Motorola and Alcatel) and is the first to offer a complete GPRS solution for the GSM wireless operator.
The Cisco GGSN provides the following key benefits:

• Standards compliance - The Cisco GGSN is fully compliant with 3GPP (R97, R98, and R99).

• Scalability - The Cisco GGSN scales easily from 100,000 PDPs to over 1 million PDPs through clustering and intelligent selection, providing scalability without disrupting service.

• Key IP networking features - IP routing, tunneling, IPsec, VPNs, access control, and firewall features are provided.

• Support for overlapping private IP addressing - This constitutes a key feature in certain enterprise applications.

• Field proven - The Cisco GGSN is commercially deployed with mobile operators worldwide.

Cisco CNS Access Registrar

Cisco CNS Access Registrar supports service provider deployment of access services by centralizing AAA information and simplifying provisioning and management. This standards-based RADIUS and proxy RADIUS server is designed for high performance and extensibility.
Cisco CNS Access Registrar provides the following key benefits:

• It supports multiple services (dial, DSL, voice, and wireless) with a single AAA platform.

• Its high-performance architecture reduces the number of AAA servers that must be deployed.

• Cisco CNS Access Registrar offers service providers an off-the-shelf, standards-based RADIUS server that provides the flexibility and extensibility previously available only by maintaining "homegrown" versions of public domain RADIUS software.

• It reduces operational costs and speeds service rollout by supporting integration with provisioning, billing, and other service management components via directory support and scriptable configuration interfaces.

• Cisco CNS Access Registrar offers the extensibility and flexibility of nonsupported freeware RADIUS software, while being supported by Cisco.

• Cisco CNS Access Registrar can be integrated with provisioning, billing, and other management and operational systems of the customer's choice.

Cisco Mobile IP Home Agent

The Cisco Mobile IP Home Agent is an integral part of the Cisco Mobile IP solution and Cisco CDMA2000 Packet Data solution, which includes the Cisco PDSN with internal foreign agent functionality, AAA servers, and several other security products and features. The home agent is the anchor point for mobile terminals for which mobile IP or proxy mobile IP services are provided. Traffic for the mobile node is routed via the home agent, with the home agent also providing proxy Address Resolution Protocol (ARP) service. For mobile IP and proxy mobile IP types of access, this solution provides roaming capabilities so that mobile users can roam within and beyond their service provider boundaries, while always being reachable and addressable via the IP address assigned on initial session establishment.
Available on a range of Cisco routing platforms or on an application module for the Cisco Catalyst 6500 Series and Cisco 7600 Series, the Cisco Mobile IP Home Agent supports a wide range of physical interfaces, including Fast Ethernet and Gigabit Ethernet.
The Cisco Mobile IP Home Agent provides the following key benefits:

• Standards compliance - Cisco Mobile IP Home Agent is fully compliant with the following RFCs: 2002, 2003, 2005, 2006, 3024, 3012-bis 03, 2794, 1701, 2890, 3220, 2486, 826, 2409, and 2281.

• Proxy mobile IP - The proxy mobile IP provides IP mobility for non-MIP mobile stations, allowing the mobile operator to evolve gracefully to the benefits of MIP in line with terminal deployment.

• Functionality - Cisco Mobile IP Home Agent is an integral component in delivering seamless mobility to mobile users.

• Performance - Cisco Mobile IP Home Agent offers high capacity in terms of bindings, throughput, and setup rates.

Site-to-Site VPN Support

These technology options include:

• L2TP VPN access - This scalable and reliable solution can be used with IPsec for additional security.

• IPsec VPN access - IPsec can be used to ensure secure access from the access network to the corporate network. Hardware-based encryption and decryption options are available to offer high-performance and scalable solutions.

• GRE VPN access - GRE tunnels can be used toward the enterprise, if IP connectivity is in place.

• MPLS VPN access - MPLS VPN access is available for operators who need to interconnect the access network with their MPLS networks.

• Dial-out access - This feature can be used to provide enterprise connectivity to small businesses, or for operators who want to take advantage of an existing infrastructure to provide VPN access via the public switched telephone network (PSTN).

Load Balancing

Service providers that manage Internet data centers understand the value of load balancing, which spreads incoming traffic across many servers to optimize performance, reliability, and scalability. Load balancers also detect server availability and associate user sessions with specific servers or network elements. As mobile data services grow from thousands to millions of subscribers, load balancing also fulfills scalability and reliability requirements by monitoring the in-service state of nodes and by redirecting traffic as needed.
Cisco offers load-balancing functions for firewalls, GPRS nodes, PDSN nodes, Wireless Application Protocol (WAP) gateways, server farms, Web cache devices, SSGs, and the Cisco CSG. Load balancing optimized for Cisco mSEF applications is available via the Cisco Service Gateway Load Balancer aboard the Cisco Content Services Module or the Cisco Supervisory Module resident in the Cisco Catalyst 6500 Series switches.

Network Management and Operations

Cisco is developing a comprehensive network management suite based on its successful Internet operations-support-system (OSS) framework for Cisco mSEF. Two network management applications, Cisco Mobile Wireless Center and CiscoWorks for Mobile Wireless, are under development to deliver full fault, configuration, accounting, performance, and security (FCAPS) management functions within a larger OSS environment. Today, these applications fully enable automated fault analysis in all Cisco mSEF components, while other management functions are accessible via command-line interface (CLI) communication with individual devices.

Key Benefits

• Reduces time to deployment

• Eases management of IP mobile wireless networks

• Provides open interfaces for integration with traditional systems

Solving Problems with the Cisco mSEF

Using the Cisco Content Services Gateway in a Billing Application

Billing is an ongoing challenge for the mobile operator. The mobile operator must balance the need to charge for the use of the valuable radio resource while ensuring that the service offering is attractive to the subscriber. The use of one specific billing model may suit one market segment but not another. The Cisco CSG, when combined with a third-party billing and mediation solution, can provide the flexibility needed to support multiple billing models. Tiered billing allows the operator to provide general Internet access at a discounted rate while charging specific content as a premium. Downloads can be charged based on volume. Any billing solution must also be scalable and highly resilient. Figure 3 shows a possible deployment scenario for the Cisco CSG with multiple CSGs split between two separate Cisco Catalyst switches to demonstrate scalability and remote-site stateful failover.

Figure 3. Cisco CSG Deployment in a Billing Application

The Cisco CSG, in addition to supporting a variety of charging models, can provide the level of granularity required to bill only on user traffic rather than on network-generated overhead. The Cisco CSG has the functionality, scalability, and reliability needed to be the cornerstone of your billing solution.

Transparent Roaming

Today, the need for "always-on" IP connectivity is an essential motivator for the mobile subscriber. Although mobility may be enabled by link-layer technologies, data crossing networks or different link layers remains a problem. The solution is a standards-based protocol: Mobile IP, deliverable through the Cisco mSEF. An open standard defined by the IETF, Mobile IP allows users to keep the same IP address, stay connected, and maintain ongoing applications while roaming among IP networks. Mobile IP is scalable for the Internet because it is based on IP - any media that can support IP can support mobile IP (refer to Figure 4).

Figure 4. True Mobility with Mobile IP

Figure 4 shows how business users on a GPRS or CDMA 1x network can roam over to a public WLAN network without dropping their VPN sessions. The users may not even know that they switched radio technologies; the only indicator would be the increased performance that they suddenly observe on the public WLAN network.
At the component and network level, support for mobile IP provides the technology that enables a subscriber's end device to retain the same IP address and maintain existing communications while traveling from one network to another. Mobile IP eliminates a stop-and-start approach to IP connectivity that is required with network location changes, enabling users to maintain the same IP address regardless of their point of attachment to the network. The end result is a much-improved user experience and true competitive advantage for the mobile operator.

Security Services for the Enterprise

The inherent flexibility of the Cisco mSEF enables mobile operators to deliver corporate security services suited to the access method desired or mandated by the enterprise. The key Cisco differentiator is the range of scalable access VPN technologies available and the ability to cater to all sizes of enterprises (refer to Figure 5).

Figure 5. Delivering Enterprise Connectivity

Common Access and Service Control

The Cisco mSEF enables the adoption of a common access and service control architecture. This is shown in Figure 6, with the Cisco SSG deployed with the AAA server and Cisco SESM.

Figure 6. Common Control

Functions provided include:

• Control - The Cisco mSEF provides a common mechanism for subscriber authentication and access control to services, and the ability to tailor service offerings to specific subscribers or market segments. New service offerings can be introduced rapidly to react to competition or as part of the service refresh cycle.

• User experience - The Cisco mSEF improves the subscriber experience through a common and simplified process, enabling subscribers to self-manage their accounts and services. Putting the consumers in charge of their own service management reduces churn and lowers operating costs in terms of customer-care personnel.

• Provisioning - The Cisco mSEF is simple and scalable, with only one database to be provisioned for user access.

• Service connection - Numerous options are available, including automatic connections to all subscribed services on successful authentication.

Conclusion

Cisco mSEF delivers a powerful range of products and solutions to mobile operators, enabling them to meet the business challenges they are facing in today's competitive environment. From delivering support across multiple access technologies and maintaining an always-on connection, to enabling rapid and controlled new service introduction with the appropriate billing model, Cisco mSEF offers market-leading functions.
The Cisco mSEF is the framework for enabling the mobile Internet - and is the catalyst for the acceleration of revenue through mobile services.

For More Information

To learn more about Cisco mSEF, visit: http://www.cisco.com/go/mobile