Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
Content Filtering Support Overview
▀ Category-based Content Filtering Support
▄ Cisco ASR 5000 Series Product Overview
OL-22937-01
Category-based Content Filtering Support
The Category-based Content Filtering application is a fully integrated, subscriber-aware in-line service provisioned on
chassis running HA services. This application is transparently integrated within the ECS, and utilizes a distributed
software architecture that scales with the number of active HA sessions on the system.
chassis running HA services. This application is transparently integrated within the ECS, and utilizes a distributed
software architecture that scales with the number of active HA sessions on the system.
Content Filtering policy enforcement is the process of deciding if a subscriber should be able to receive some content.
Typical options are to allow, block, or replace/redirect the content based on the rating of the content and the policy
defined for that content. For the list of content categories, refer to the Category List appendix in the Content Filtering
Services Administration Guide.
Typical options are to allow, block, or replace/redirect the content based on the rating of the content and the policy
defined for that content. For the list of content categories, refer to the Category List appendix in the Content Filtering
Services Administration Guide.
Benefits of Category-based Content Filtering
The Category-based Content Filtering solution enables operators to ensure a simplified end-to-end traffic flow with a
simple network topology. In-line deployment of Content Filtering provides a more attractive solution in contrast to out-
of-line solutions where the filtering and policy enforcement is provided at some offload point that is decoupled from the
bearer-processing layer.
simple network topology. In-line deployment of Content Filtering provides a more attractive solution in contrast to out-
of-line solutions where the filtering and policy enforcement is provided at some offload point that is decoupled from the
bearer-processing layer.
The out-of-line model forces a session to make multiple hops through a redundant array of equipment which has a
negative impact on traffic latency and limits subscriber and network visibility. In addition, the out-of-line model
requires all subscriber sessions to be steered to the adjunct Content Filtering platform for policy enforcement regardless
of whether this additional processing is needed. This leads to increased bandwidth provisioning requirements on
gateway routers.
negative impact on traffic latency and limits subscriber and network visibility. In addition, the out-of-line model
requires all subscriber sessions to be steered to the adjunct Content Filtering platform for policy enforcement regardless
of whether this additional processing is needed. This leads to increased bandwidth provisioning requirements on
gateway routers.
To facilitate network simplicity, it makes sense to leverage the benefits of deep packet inspection at a single policy
enforcement point that is tied to the bearer processing layer. The advantages of this approach implemented in include
the following benefits:
enforcement point that is tied to the bearer processing layer. The advantages of this approach implemented in include
the following benefits:
Reduced processing latency: In-line service processing eliminates unnecessary hand-offs and forwarding to
external network elements.
Simplified policy provisioning: Enables all policies like Content Filtering, ECS and QoS to be retrieved from
same AAA/Policy Manager signaling interface thus reducing total volume of control transactions and
associated delay.
associated delay.
Simplified provisioning and complete service integration: Provisioning of separate resources like packet
processing cards for processing subscriber data sessions and discrete services are eliminated. The same CPU
can contain active Session Manager tasks for running Content Filtering and ECS charging.
can contain active Session Manager tasks for running Content Filtering and ECS charging.
Integration with Content Service Steering (CSS) architecture: Enables applicable sessions to be forwarded to
the in-line content filtering subsystem while delay and time sensitive voice/multimedia services immediately
forwarded to Internet.
forwarded to Internet.
Service control: Precise control over the interaction and service order handling of bearer flows with required
applications like Content Filtering, ECS, Subscriber-aware Stateful Firewall, integrated Policy Charging and
Rules Function (PCRF) for Service Based Bearer Control.
Rules Function (PCRF) for Service Based Bearer Control.