Cisco Access Policy Server Data Sheet
Available Languages
The Cisco® Access Policy Server is a fully virtualized, carrier-grade network discovery, selection, and authentication solution. It uses the Cisco Policy Suite policy, charging, and subscriber data management platform to promote a better user experience, optimize resource usage, and generate new monetization opportunities.
The Cisco Visual Networking Index™ (Cisco VNI™) Forecast and Methodology, 2015–2020 predicts that, by 2020, 55 percent of all traffic from mobile-connected devices (more than 38 exabytes) will be offloaded to the fixed network using Wi-Fi devices and femtocells. Add the growing use of dual-mode devices and acceptance of voice-over-Wi-Fi (VoWiFi) services, and you can see that the convergence or macro- and microcellular networks are well under way, only highlighting the importance of delivering an “always best connected” experience to the end user.
Challenge
Mobile network operators (MNOs) continue to deploy carrier Wi-Fi in their networks to effectively handle data growth and meet offload objectives. Consequently, they want the user’s process of discovering, selecting, and authenticating onto a Wi-Fi network to be as easy and secure as possible, avoiding issues, such as poor connection and network “ping-pong,” that often occur in mixed-carrier Wi-Fi and macrocellular environments. Ultimately, MNOs are looking for better ways to manage users’ quality of experience, as they move between networks, rather than leave it to device only–based logic, as is typical today.
Solution
The Cisco Access Policy Server (Figure 1) supports network-aware, configurable, service provider–driven access policy on the device. To do so, it uses an open S14 interface strategy for broad device and OS applicability and uptake, which helps improve Wi-Fi and macro access selection, for smoother subscriber connections.
The Cisco network solution provides personalized, network-aware device access network selection (ANS) policy at the time the device is registered, which provides dynamic, responsive policies running in real time in the device. The rules and policies are assigned to devices during registration based on the user profile and current user location and are configured according to the service provider’s choice of access selection use cases and business outcomes. For example, ANS rules for devices are based on cellular network status or forecast; traffic trends (daily, weekly, and geolocation); site operations and maintenance; carrier, site, and access point expansion; and/or new phone and application launch programs.
Cisco Access Policy Server Components
The core Access Selection Policy module provides fundamental intersystem mobility policies (ISMPs), along with access network discovery management objects (ANDI MOs). These include access selection policies based on time and location (cell site or geofence) and push/pull updates:
● Flexible network attachment uses mutual client-server authentication techniques, as well as support for multiple user authentication credentials.
● The server supports policy update (pull) based on local rules, such as location and time change. This includes support for updated access policies in runtime, based on cell ID or service set identifier (SSID) changes, or by entering a new geofence area defined by the operator. A geofence may include customized sets of adjacent macrocells or groups of SSIDs within the geofence area.
● It also supports personalized policy (push)—Google Cloud Messaging (GCM), Apple Push Notification Service (APNS), and Short Messaging Service (SMS)—to devices, based on user profile state and profile changes, including user groups.
Feature Modules
● The Subscriber Management feature module refines policies by adding personalization based on user (group) profiles, preferences, and state changes, using an integrated profile repository. Personalization can be in the form of optimized quality of experience (QoE), based on defined service levels, or through billing optimization (postpaid or prepaid). It can also include use of a unified API for subscriber provisioning.
● The Link Quality-of-Service module assesses the Wi-Fi link quality before attaching or as a condition of remaining connected. It establishes a received signal strength indicator (RSSI) threshold level within the access network selection policy. It can define a kilobit per second threshold below which Wi-Fi QoE is deemed poor, resulting in selection of an alternative network. And it includes a speed test and a ping test.
● The Wi-Fi Power geofence module provides network-driven control of the devices’ Wi-Fi radio power (ON/OFF), based on cell ID zones defined by the operator.
● The Smart Security module provides support for managed (trusted) and unmanaged (untrusted) Wi-Fi attachments, according to operator policies. Managed Wi-Fi attachments are highly secure, using mutual client-server authentication techniques, and they support multiple user authentication credentials. Unmanaged Wi-Fi attachments provide security, using virtual private network (VPN) connection techniques.
Cisco’s Market-Leading Platform for Policy and Access Control
The Cisco Access Policy Server uses the proven Cisco Policy Suite software platform to deliver a service provider–grade network solution. It incorporates all the benefits of the underlying software platform, including extensibility and flexibility, an open Java-based software design for features and interfaces, and service velocity through a state-of-the-art programming and service-creation environment. In addition, it offers high performance and linear scale and a proven virtualized software platform that uses NoSQL database technologies to reduce total cost of ownership.
Competitive Benefits
The Cisco Access Policy Server provides the following benefits (see Table 1):
● Carrier-grade reliability: Gain carrier-grade reliability, high availability, and fault tolerance with a virtual architecture that supports flexible, cost-effective, carrier-grade strategies and a smooth transition into a network function virtualization (NFV) deployment environment. Virtual instances are spread across multiple blade servers for full hardware and software redundancy within a Cisco Access Policy Server cluster. If a blade server fails, incoming requests are directed to available virtual instances on other blade servers. This capability helps ensure high availability and tolerance against software faults as well as hardware failures.
● Exceptional scalability: Increase scalability to support today’s networks and upcoming next-generation networks, such as LTE with voice over LTE (VoLTE), which are driving policy transactions per second (TPS) to unprecedented heights. Cisco Access Policy Server is built to handle high TPS at low latencies. The solution can be sized to fit your network performance requirements and then grow with the addition of virtual instances, contributing to a lower total cost of ownership.
● Service creation velocity: Accelerate service creation with rapid solution rollout and extensibility. Prepackaged use case templates help speed time to market. The extensible Cisco Access Policy Server lets operators go beyond standard policy definition to support nonstandard, proprietary interfaces and customized service logic without affecting the core platform.
Table 1. Features and Benefits
| Feature |
Benefit |
| Carrier-Grade NFV Architecture |
|
| Powerful core rules engine |
Gain a powerful rules engine that binds the various Cisco Policy Suite applications. It provides the framework for the policy rules as well as the APIs present on the system. |
| NFV orchestration |
Use the CapEx and OpEx efficiencies of NFV. Rapidly deploy, configure, and scale CPS in an NFV environment for pursuit of vertical markets with bespoke CPS instances and network traffic demands. |
| Highly scalable, fully virtualized architecture, including geographic availability |
Support the scale required by large mobile networks while maintaining low latency at high transaction rates. Operators can easily add capacity simply by adding blades. In addition, carrier-grade geographic high availability is available as an option. Geographic high availability provides for geographical redundancy and disaster recovery and can be deployed in active-active mode and active-passive mode. |
| Extensive multivendor interoperability |
Get proven interoperability across numerous mobile packet core, data packet inspection (DPI) devices, VoLTE/IMSs, OCSs, AAA servers, broadband remote access servers (B-RASs), broadband network gateways (BNGs), billing applications, and provisioning vendors. |
| Policy Services |
|
| Policy control enforcement function (PCEF) controls |
Correlate, control, and coordinate policies across multiple policy enforcement points, for example, a packet data network gateway (PDN GW) and/or a DPI device for a subscriber’s session. |
| Quality of experience (QoE) control |
Improve QoE with always-best-connected policies based on signal strength and other access network parameters. |
| Time-based triggers |
Recognize time of day, day of week, month, year, weekday, workday, weekend, and so forth, as inputs for policy decisions. |
| User notification |
Notify subscribers through Apple Push Notification (APN), Google Cloud Messaging (GCM), email, browser redirect, or other notification extensions. |
| Location awareness |
Use the subscriber’s location as an input for policy decisions. Apply access policy rules based on configurable geofenced areas. |
| Motion awareness |
Network selection policies based on end-user device motion detection (for example, don’t connect to Wi-Fi when user is in motion) |
| Subscriber Data Management |
|
| Flexible schema |
Fit your data, not the other way around. |
| Simplified provisioning |
Simple Object Access Protocol/Representative State Transfer (SOAP/REST) web services API support simplifies integration to OSS/BSS applications. Onboard subscriber management GUI provides a single interface for viewing data from multiple repositories. |
Why Cisco?
Cisco is an industry leader in policy management deployments, offering one of the only policy platforms that includes network control, subscriber awareness, application integration, and service monetization. Cisco is committed to promoting innovation in the service provider market and continues to develop new products and solutions to help service providers transform their networks to more profitable, service-rich, and flexible IP next-generation networks (IP NGNs). Cisco provides world-class networking solutions that help service providers dramatically boost sales, improve customer satisfaction, and increase profitability.
Service and Support
Using the Cisco lifecycle services approach, Cisco and its partners provide a broad portfolio of end-to-end services and support that can help increase your network’s business value and return on investment. This approach defines the minimum set of activities needed, by technology and by network complexity, to help you deploy and operate Cisco technologies and optimize their performance throughout the network lifecycle.
Cisco Capital
Financing to Help You Achieve Your Objectives
Cisco Capital can help you acquire the technology you need to achieve your objectives and stay competitive. We can help you reduce CapEx. Accelerate your growth. Optimize your investment dollars and ROI. Cisco Capital financing gives you flexibility in acquiring hardware, software, services, and complementary third-party equipment. And there’s just one predictable payment. Cisco Capital is available in more than 100 countries. Learn more.
For More Information
For more information about the Cisco Access Policy Server, contact your local account representative.
For more information about policy management, go to cisco.com/go/mobilepolicy.
Feedback