Guest

Cisco 6400 Series Broadband Aggregators

Cisco Service Selection Gateway

Hierarchical Navigation

Downloads

 

Data Sheet

Cisco Service Selection Gateway

The Cisco Service Selection Gateway (SSG) is a Cisco IOS® Software feature module that enables service providers to create new revenue-generating opportunities by offering usage-based services. Value-added services such as videoconferencing, streaming video, personalized Internet, business-grade Internet, shopping, and gaming not only create new, higher-margin revenue streams but also help attract and retain subscribers.

The Cisco SSG allows subscribers to dynamically select on-demand services. It then switches subscriber traffic to the selected services, applying full edge routing and quality of service (QoS) policies (Figure 1). This improves flexibility and convenience for subscribers (including the ability to log on to multiple services simultaneously) and enables service providers to bill subscribers based on connection time and services used, rather than charging a flat rate. For example, Internet access may be a fixed service, but additional on-demand services such as corporate telecommuting, gaming, or other extranet networks allow billing beyond a single service.


Figure 1: Cisco Service Selection Gateway

Together with the Cisco SSG, the Cisco Subscriber Edge Services Manager (SESM) allows a service provider to create a branded Web portal that presents subscribers with a menu of services, enabling them to log on to and disconnect from different services using a Web browser. With the power to offer multiple services under a branded portal, service providers and Internet service providers (ISPs) can implement creative pricing strategies and develop a captivating Internet experience.

Features and Benefits

Service Selection Methods

  • Web Selection—A Web-based selection method that enables captive and retail portals and a walled garden, whereby subscribers can concurrently access multiple on-demand services from a list of personalized services. This unique service selection method takes advantage of the ubiquity of Web browsers, and eliminates logistics related to client software (such as license fees, distribution logistics, and an increased customer support burden).

  • PPP Termination Aggregation (PTA)—A PPP selection method whereby service is selected based on structured domain name (username@service.com) and supports one service at a time.

  • PTA Multidomain (PTA-MD)—A PPP selection method that supports overlapping IP addresses and concurrent connection to more than one service.

Service Types

  • Pass-Through—Traffic is forwarded via normal routing or next-hop table. The Cisco SSG performs authentication, authorization, and accounting (AAA), while Network Address Translation (NAT) is not performed. This service type is well suited to standard Internet access.

  • Tunnel—The Cisco SSG initiates a Layer 2 Tunneling Protocol (LT2P) connection to the remote L2TP network server (LNS). NAT is performed between subscriber IP address and LNS assigned address. This service type is ideal for services that are already equipped for LNS.

  • Proxy—A remote server performs AAA and supports NAT when it assigns an IP address. This service type is well suited when a service must perform AAA.

Transmission Control Protocol Redirect

The Cisco SSG allows users to authenticate without knowing the URL of the Cisco SESM Web portal. If a user who has not logged in sends packets upstream to a configurable group of Transmission Control Protocol (TCP) ports, the Cisco SSG sends those packets to a captive portal group (one or more servers). The Web portal handles the incoming packets in a suitable manner, such as returning a login page.

Domain Name System Fault Tolerance

The Cisco SSG can be configured to work with a single Domain Name System (DNS) server, or two servers in a fault-tolerant configuration. Based on an internal algorithm, DNS requests will be switched to the secondary server if the primary server fails to respond with a DNS reply within a certain time limit.

Concurrent or Sequential Service Access Mode

Cisco SSG services can be configured for concurrent or sequential access. Concurrent access allows users to log in to this service while simultaneously connected to other services. Sequential access requires that the user log out of all other services before accessing a service configured for sequential access.

Host Key

Cisco SSG and Cisco SESM use host key identifiers to ensure that each currently logged-on subscriber is uniquely identified, regardless of the IP address being used. This feature allows Cisco SESM applications to support the following types of subscribers:

  • Overlapping IP addresses in PPP and bridged environments—Cisco SESM can differentiate between various subscribers using the same IP address

  • Nonroutable subscriber IP addresses—Cisco SESM supports subscribers at sites using private IP addressing schemes, including subscribers of ISPs using private addressing schemes

  • Dynamic IP address assignment—Cisco SESM and Cisco SSG maintain user state synchronization when the subscriber IP address changes

Additional Features

  • Local forwarding—Cisco SSG can forward packets locally between directly connected subscribers

  • Single sign on—Once a subscriber has logged on using a PPP client, he or she can access the Web portal without having to re-enter the user name and password

  • Multicast—Cisco SSG supports multicast traffic, which includes normal multicast packets and Internet Group Management Protocol (IGMP) packets

  • Usage-based billing—Cisco SSG works with RADIUS-based AAA servers that accept vendor-specific attributes

Ordering and Availability

The Cisco SSG is a feature module of Cisco IOS Software. The Cisco SSG software may be downloaded from Cisco.com.