Manualsbrain.com
  1. Manuels
  2. Marques
  3. Cisco
  4. Cisco Prime Access Registrar 6.0
  5. Fiche De Données

Cisco Cisco Prime Access Registrar 6.0 Fiche De Données

Télécharger
Page de 9
 
 
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. 
Page 2 of 9 
Cisco Prime Access Registrar provides a 3GPP-compliant RADIUS/Diameter server designed from the ground up 
for scalability and extensibility for deployment in complex service provider environments including integration with 
external data stores and systems and multivendor network access servers (NASs). Session and resource 
management tools track user sessions and allocate dynamic resources to support new subscriber service 
introductions. The solution supports service provider deployment of access services by centralizing AAA 
information and simplifying provisioning and management. 
Cisco Prime Access Registrar Director provides proxy function and scripting capability for RADIUS. Cisco Prime 
Access Registrar Director is intended for use in scenarios such as roaming or those in which a customer is going to 
use the solution to perform an intelligent proxy or load-balance the RADIUS packet based on certain conditions or 
rules. 
Product Architecture 
At the core of Cisco Prime Access Registrar (Figure 1) is a policy engine that determines processing based on the 
contents of the request packet. The policy engine makes the following types of decisions: 
● 
Whether to perform one or more of the following against any incoming packet: authentication, authorization, 
accounting, proxy. 
● 
Which authentication/authorization data store to perform authentication and authorization against: 
Supported options are Lightweight Directory Access Protocol Version 3 (LDAPv3) directories, Oracle 
database, MySQL database, and the local embedded database. 
● 
What type of authentication to use: Built-in authentication mechanisms or a custom-built mechanism. 
Built-in mechanisms include Password Authentication Protocol (PAP), Challenge Handshake Authentication 
Protocol (CHAP), and the following Extensible Authentication Protocol (EAP) authentication methods: 
EAP-SIM/AKA/AKA-
PRIME (AKA’) over M3UA/SIGTRAN (ITU and ANSI variant) and SWx (Diameter), 
EAP-TLS, EAP-TTLS, EAP-GTC, EAP-MSCHAPV2, LEAP, EAP-FAST, EAP-MD5, PEAPv0, and PEAPv1. 
● 
Whether accounting against an external database like Oracle or MySQL or a local flat file is required. 
● 
Whether a request should be proxied to an external RADIUS/Diameter server. 
● 
What type of accounting is required. 
● 
Whether user/group session limits apply. 
● 
Whether an IP address has to be allocated and whether to use static mapping or to allocate one from a 
preconfigured pool. 
While the basic operation of the server is determined by configuration, multiple extension points within the server 
provide optional callouts to custom code. Extension points can be used for several purposes, including influencing 
the processing of a request or modifying incoming or outgoing packets to meet specialized requirements.