JTO Ph-II (DNIT) Motive Metasol Elitecore Netsweeper PDF

Summary

This document discusses the concept and operation of different application software, such as Motive, Metasolv, Elitecore, and Netsweeper. It describes the AAA (Authentication, Authorization, Accounting) service framework used in data centers to manage broadband services. These services are crucial for controlling access, enforcing policies, and managing user accounts.

Full Transcript

JTO Ph-II (DNIT) Motive Metasol Elitecore Netsweeper
JTO Ph-II Version 3.0 Aug 2021, Page 93 of 103, For Restricted Circulation

9 MOTIVE, METASOLV, ELITECORE, NETSWEEPER

9.1 LEARNING OBJECTIVE

In this chapter, we will understand the concept and working of different application software like Motive, Metasolv, Elitecore and Netsweeper used in the data center to manage broadband services.

9.2 AAA SERVICE

• AAA is an abbreviation for Authentication, Authorization, and Accounting.
• It is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
• These combined processes are considered important for effective customer management and security.

AUTHENTICATION

• Authentication provides a way of identifying a user, typically by checking for a valid user name and valid password before access is granted.
• The process of authentication is based on each user having a unique set of criteria for gaining access.
• The AAA server compares a user's authentication credentials with user credentials stored in a database. If the credentials match, the user is granted access to the network. If the credentials do not match, authentication fails and network access is denied.

AUTHORIZATION

• Following authentication, a user must gain authorization for doing certain tasks. The authorization process determines whether the user has the authority to use the resources.
• Authorization is the process of enforcing policies: determining what types or qualities of activities, resources, or services a user is permitted.
• Usually, authorization occurs within the context of authentication. Once you have authenticated a user, they may be authorized for different types of access or activity.

ACCOUNTING

• The final plank in the AAA framework is accounting, which measures the resources a user consumes during access.
• This can include the amount of system time or the amount of data a user has sent and/or received during a session.
• Accounting is carried out by logging session statistics and usage information, and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities.

9.3 BSNL SERVER SITES

In order to control the call traffic, BSNL has placed servers at different sites which can be used to control the network traffic. These sites are:

• NOC Site (Network Operation Centre)
  9.3.1 Bangalore is a Network Operations Center (NOC) site.
• POP Site (Point of Preference)
  9.3.2 Mumbai and Noida are both Point of Preference (POP) sites.
• DR Site (Disaster Recovery Site)
  9.3.3 The DR site is the site where backup of all the sites' information will be maintained.
  9.3.4 Pune is the Disaster Recovery (DR) site.

Sites can be added or removed as per changes in functional and business requirements.

Figure 51: Server Placement at different NOC sites

Figure 52: Connectivity between NOC sites (diagram labels: Pune Network, Delhi Network, Mumbai Network, Bangalore Network)

9.4 PROXY AAA

PREPAID SERVICE

If the customer type is prepaid, the Proxy AAA will forward the authentication request to the Main AAA server for getting balance information. The Main AAA will receive requests from the Proxy AAA for prepaid customers.

POSTPAID SERVICE

If the customer type is postpaid, the Proxy AAA will verify the customer status from the LDAP server and authenticate the customer. In the postpaid scenario it will store CDRs for each NAS (Network Access Server), and the mediation system will extract these CDRs with the pull method.

WHICH DATA WILL BE VERIFIED?

There will be two proxy AAA servers at Delhi, Mumbai, and Bangalore.
The Proxy AAA will verify the following information from the LDAP server:

• Username
• Password
• Status
• Credit Limit
• Access Type
• Customer Type
• Called Station ID
• Calling Station ID
• Check item
• Reply item
• AAA Policy
• Access Policy
• Concurrent logins
• IP Pool

9.5 LDAP SERVER

The LDAP server stores customer information, service information and access source information for all types of customer (prepaid and postpaid). The Proxy AAA uses the LDAP server to authenticate user requests. BSNL maintains an LDAP server that stores the latest credentials of the user, but the Proxy AAA uses a replica of LDAP to authenticate the user request.

9.6 RADIUS SERVICE BY ELITECORE

Remote Authentication Dial In User Service

• RADIUS is an AAA server: Authentication, Authorization and Accounting.
• RADIUS is a distributed security system.
• Distributed security separates user authentication and authorization from the communications process and creates a single, central location for user authentication data.
• PORT 1812: Used for authentication requests, replies, and challenges.
• PORT 1813: Used for accounting purposes.
• RADIUS and the network element communicate with each other using the UDP protocol.

A RADIUS access client sends an authentication request containing identification and connection information to a network access server (NAS). Access clients may be a remote office, remote user, or mobile user with dialup or wireless network access. The NAS is meant to act as a gateway to guard access to a protected resource. This can be anything from a telephone network to the Internet. The client connects to the NAS. The NAS then connects to another resource (RADIUS), asking whether the client's supplied credentials are valid. Based on that answer, the NAS then allows or disallows access to the protected resource. In Dial VPN service it was NRAS, while in Multiplay Broadband service it is the BNG which acts as NAS.
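The following sketch is an added example, not Elitecore or BSNL code: it walks one request through the Proxy AAA decision described in 9.4 using a few of the LDAP fields listed above. The `Profile` class, the `decide` function, the "Forward-To-Main-AAA" label, the status values, the reading of Credit Limit as a cap on unbilled usage, and all subscriber records are assumptions constructed for illustration.

```python
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass
class Profile:                      # subset of the LDAP fields listed in 9.4
    password: str                   # constructed sample value
    status: str                     # "ACTIVE" is an assumed status value
    customer_type: str              # "prepaid" or "postpaid"
    credit_limit: float
    concurrent_logins: int
    calling_station_id: Optional[str] = None   # None: any line may be used

# Constructed replica contents (hypothetical subscribers).
REPLICA = {
    "alice": Profile("s3cret", "ACTIVE", "postpaid", 500.0, 1, "0801234567"),
    "bob": Profile("hunter2", "SUSPENDED", "postpaid", 500.0, 1),
    "carol": Profile("pw", "ACTIVE", "prepaid", 0.0, 1),
}

def decide(req, sessions, unbilled):
    """Return (decision, reason); the reason is for the server log only."""
    user = req.get("User-Name", "")
    p = REPLICA.get(user)
    if p is None:
        return "Access-Reject", "unknown user"
    if p.customer_type == "prepaid":
        # 9.4: prepaid requests go to the Main AAA for balance information.
        return "Forward-To-Main-AAA", "prepaid"
    supplied = req.get("User-Password", "")
    # Constant-time comparison avoids leaking how much of the password matched.
    if not hmac.compare_digest(p.password.encode(), supplied.encode()):
        return "Access-Reject", "bad password"
    if p.status != "ACTIVE":
        return "Access-Reject", "status " + p.status
    if p.calling_station_id and req.get("Calling-Station-Id") != p.calling_station_id:
        return "Access-Reject", "calling station mismatch"
    if sessions.get(user, 0) >= p.concurrent_logins:
        return "Access-Reject", "concurrent login limit"
    if unbilled.get(user, 0.0) >= p.credit_limit:   # assumed meaning of Credit Limit
        return "Access-Reject", "credit limit reached"
    return "Access-Accept", "ok"
```

Every path that does not satisfy all checks ends in a reject, so a missing attribute or an unknown user fails closed.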
9.7 ELITE RADIUS & EXTERNAL SYSTEM INTERFACE

The External Systems Interface (ESI) Layer is the API functional block of the Elite Radius system. The following table shows the solution components and the interface mapping in terms of the integration overview.

| 3rd Party System | Integration Purpose | Interface ID |
|---|---|---|
| Kenan Mediation System | All Post-Paid CDRs need to be processed by the Mediation System before being passed to the Rating and Billing System. It will be an FTP interface with pull or push functionality. | I0001 |
| Kenan Pre-Paid Billing System | PARLAY CORBA OSA API interface will be used to get authorization parameters and balance-related details. All the API functions need to be decided. | I0002 |
| OpenWave LDAP | Elite Radius (AAA) will query OpenWave LDAP to perform AAA related functions. | I0003 |
| Oracle Database | Elite Radius (AAA) will have an interface with Oracle RDBMS to perform different Radius Policy related actions and satisfy various Tender Clauses. | I0004 |
| Network Element (NAS) | Elite Radius (AAA) will interface with different Network Elements to perform AAA related activity. It will interface with different NAS based on the Radius Protocol. | I0005 |

Figure 53: Elite Radius Interfaces

9.8 POSTPAID SERVICE FLOW

| Process Step | Description |
|---|---|
| Step 1 | Subscriber will be provisioned in the LDAP system. |
| Step 2 | To connect the service, the subscriber will enter Username & Password. The request is received by the Proxy AAA from NAS/BNG. Proxy AAA will do AA functionality locally. |
| Step 3 | To complete AA functionality, Elite Radius will have to check the Credit Limit of the subscriber. |
| Step 4 | If the necessary Credit Limit is available, Elite Radius will get other attributes from the Subscriber LDAP Profile along with the Credit Limit. |
| Step 5 | Subscriber will successfully connect the service. |
| Step 6 | When the subscriber disconnects the service, NAS/BRAS will send an Accounting Stop request to Elite Radius and Elite Radius will generate CDRs. |

9.9 NETSWEEPER

Before the Netsweeper application is discussed, let us review some important associated applications:

• SSSC: Subscriber Service Selection Centre is the system that communicates user-specific information to the Netsweeper system.
• LDAP: The system repository for user data (the subscriber profile), including the current IP address for the user and the user's account information, including which filtering group they belong to.

NETSWEEPER COMPONENTS

• Gateway filter: the software that intercepts the HTTP request and asks whether to allow the request (the Gateway filter does not make the decision itself).
• Policy Server: the software that holds the BSNL categorization list and user filtering rules (the policy server makes the allow or deny decision).
• Reporter Server: the software that records the HTTP requests, user ID, and ruling made.
• Administration Console: the interface that allows manual control of the policy server, Gateway filter and reporter server.
FILTERING TERMS

• Client: the subscriber as identified by the multiplay network
• Category: a name given to describe web sites that are similar or are intended for a certain audience
• Policy: a list of categories that will be denied for a client
• Group: the container which associates Clients with the policy

HOW MULTIPLAY USES NETSWEEPER

Multiplay uses a subset of the Netsweeper functionality:

• Uses the gateway filter interceptor to monitor HTTP traffic on the network
• Uses SSSC to identify individual subscribers and their filtering rules
• Uses the BSNL-supplied category list to make categorization decisions

9.10 HTTP REQUEST FLOW THROUGH NETSWEEPER

• SSSC recognizes a subscriber accessing the system and sends Netsweeper the user ID and their assigned IP address.
• The policy server authenticates the user and confirms the filtering group.
• Netsweeper intercepts (Gateway Filter) HTTP traffic requests of a subscriber (Client), compares them to the BSNL category list (Policy Server) and allows or denies the request.
• The Policy server receives the request (Client ID and URL) for a ruling from the Gateway Filter.
• First the Policy server checks to see that it can associate the client to a group. If not, the default group is used.
• Next the policy server looks up the URL in the BSNL category list. If found, the category number is assigned. If not found, a special "new URL" category number is assigned.
• Now, the active policy for the group is reviewed to see if the assigned category is allowed or denied for this client.
• The policy server responds to the gateway filter, telling it to allow or deny the request.
• If allowed, the HTTP request is forwarded on; if denied, the deny page is served to the client.
• The request, the client ID, the assigned category, and the allow/deny decision are all logged.
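The policy-server ruling in 9.10 can be followed step by step in the sketch below. It is an added example, not Netsweeper code: the function names, category numbers, group names, the parent-domain matching rule and all table contents are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

NEW_URL_CATEGORY = 0        # assumed number for the special "new URL" category
DEFAULT_GROUP = "default"

# Constructed sample tables standing in for the category list and group data.
CATEGORY_LIST = {"news.example": 10, "games.example": 20, "adult.example": 30}
CLIENT_GROUP = {"sub1001": "family"}
# A policy is the set of category numbers denied for a group (see FILTERING TERMS).
GROUP_POLICY = {
    "family": {20, 30, NEW_URL_CATEGORY},   # this group also denies uncategorized URLs
    "default": {30},
}

def categorize(url):
    """Look up the URL's host, then each parent domain, in the category list."""
    host = (urlsplit(url).hostname or "").rstrip(".")   # hostname is already lowercased
    labels = host.split(".")
    for i in range(len(labels)):
        category = CATEGORY_LIST.get(".".join(labels[i:]))
        if category is not None:
            return category
    return NEW_URL_CATEGORY

def rule(client_id, url, log):
    """Return "allow" or "deny" for the gateway filter and record the ruling."""
    group = CLIENT_GROUP.get(client_id, DEFAULT_GROUP)   # unknown client: default group
    category = categorize(url)
    decision = "deny" if category in GROUP_POLICY[group] else "allow"
    log.append({"client": client_id, "url": url,
                "category": category, "decision": decision})
    return decision
```

Normalizing the host before lookup matters for a filter: without it, a trailing dot or mixed case would send a listed site to the "new URL" category instead of its assigned one.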
9.11 METASOLV OVERVIEW

Oracle Communications MetaSolv Solution offers robust and leading-edge inventory and order management capabilities to facilitate the delivery of traditional and next-generation services. With Metasolv, we can:

• Leverage the power of inventory across the enterprise, getting key data into the hands of decision-makers.
  9.11.1 Metasolv solution allows you to capture all network and service inventory data, and correlate and report that data as meaningful information that empowers your entire organization.
  9.11.2 The solution can integrate with network-facing information sources, including existing network management systems, element management systems, fault and performance management systems, and legacy data stores, enabling you to further leverage the intelligence of a strategic network and service inventory platform.
  9.11.3 Metasolv provides configurable portlets that allow users to tailor access to the data that is important and relevant to them.
• Manage inventory across diverse networks, enabling rapid delivery and intelligent design of all services, from optical to IP.
  9.11.4 Metasolv provides multilayer graphical visualization across all hierarchies of the network, from optical to IP, within a single system.
  9.11.5 It lets you view the relationships between different network technologies, so you can see where you can make improvements, and where you are already achieving your goals.
  9.11.6 Metasolv modules support current and emerging technologies:
    a) IP services such as VoIP and IP VPN
    b) Cable and Broadband services
    c) Ethernet
    d) ATM/FR including Layer 2 VPNs
    e) Mobile services
    f) MPLS and MPLS VPN
    g) DSL
    h) SONET/SDH
    i) Optical, including meshed SONET and DWDM
  9.11.7 Metasolv maintains information about the equipment supporting your network, and the equipment's relationship to the locations, connections and carrier systems.
  9.11.8 Using a specification that reflects your unique implementation, you can install in-service or spare equipment, associate equipment with network components and track equipment for capacity planning, troubleshooting or other purposes.
  9.11.9 Equipment capabilities can be integrated with other asset tracking capabilities, such as bar coding or other auditing mechanisms, to get timely, accurate data about all the equipment in your network, whether on or off-net.
  9.11.10 Metasolv helps you manage your database of numbers, both telephone numbers and IP resources, more effectively.
  9.11.11 It provides user-defined telephone formats and defined functionality for managing number portability.
• Deliver faster time to revenue with a product catalog that efficiently correlates simple and complex product offerings with the functional and technical capabilities of the network.
  9.11.12 Metasolv communicates with customer relationship management systems to help you integrate front-office information about your customers with back-office information about your networks, so you can capture and manage complete, up-to-date customer information.
  9.11.13 It helps you to efficiently manage the products and services that are delivered across your network.
  9.11.14 It provides automated path analysis and network design across all network layers, significantly reducing the time needed to provision advanced optical-to-IP services.
• Improve productivity with an intuitive, configurable and easy-to-use user interface. Users can customize navigation to quickly access the parts of the application they use most, without costly and time-consuming custom development work.
9.12 CONCLUSION

For an ISP, provisioning of digital data is not sufficient. It has to manage provisioning based on user credentials to prevent unauthorized access, provision based on the type of service the end user or customer has subscribed to, and keep account of the number of bytes accessed by the user. This requires servers to be deployed at a central location so that overall management of customers, their varying demands and services can be done for the whole network from a single interface provided by the servers.