Скачать презентацию SIGMA SBR Carrier 7 0 Copyright 2007 Скачать презентацию SIGMA SBR Carrier 7 0 Copyright 2007

255ccf9a7d131ece41805814fc4650be.ppt

  • Количество слайдов: 48

SIGMA SBR Carrier 7. 0 Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential SIGMA SBR Carrier 7. 0 Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 1

Agenda § The product: SBR Carrier 7. 0 • Converged Carrier grade AAA • Agenda § The product: SBR Carrier 7. 0 • Converged Carrier grade AAA • New Wi. MAX module § New Pricing model § Use cases (for wireline & wireless) • Use case • Pricing • Migrating from legacy SBR products § Literature Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 2

The product: SBR Carrier 7. 0 Converged Carrier grade AAA Copyright © 2007 Juniper The product: SBR Carrier 7. 0 Converged Carrier grade AAA Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 3

AAA Evolution to FMC and Wi. MAX Wireline GSM/UMTS SBR/HA SBR/SPE SBR/HA Wi. MAX AAA Evolution to FMC and Wi. MAX Wireline GSM/UMTS SBR/HA SBR/SPE SBR/HA Wi. MAX SBR/Carrier SBR/SIM SBR/MIM CDMA Copyright © 2007 Juniper Networks, Inc. Wi. Fi/UMA Proprietary and Confidential www. juniper. net 4

One AAA to Manage All Access § A centralized AAA Architecture that supports all One AAA to Manage All Access § A centralized AAA Architecture that supports all access technologies and user credentials is an important element of the NGN network § A benefit of centralizing AAA is that it allows for the centralization of subscriber session information on the networks § Enhancement to service delivery and new services can be delivered by leveraging this active subscriber database. Services PKI LDA P Sess ions UMA DSL GPRS/UMTS Copyright © 2007 Juniper Networks, Inc. Applications/ Proprietary and Confidential Femtocell Wi. MAX www. juniper. net 5

Step 1: SBR Carrier v 7. 0 Modular AAA for Wireless and Wireline carriers Step 1: SBR Carrier v 7. 0 Modular AAA for Wireless and Wireline carriers • Standalone AAA server • combining all previously existing Juniper AAA carrier functionality into 1 modular product • Adding a mobile Wi. MAX module (Now!!) SNMP LDAP GUI CLI ces OSS Interfa Optional modules SQL Scripting nds Front-E SIM auth LDAP Mobility modules Authentication modules SMS Auth * CDMA Mobility * SBR Carrier Core Wi. MAX Mobility Back-End s RADIUS HLR Gateways Proxy RADIUS *CDMA mobility and SMS auth EFT only in v 7. 0 Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 6

SBR Carrier Core Built on Industry-proven SBR SPE technology! • Open and flexible AAA SBR Carrier Core Built on Industry-proven SBR SPE technology! • Open and flexible AAA functionality regardless of end user access technology (through RADIUS, EAP, Http-digest), integrated into 1 platform • Supports SQL or LDAP based user repository, regardless of DB schema • Advanced service delivery features • Carrier grade proxy engine and filtering features • Virtualization support • Network integration features + • All 3 GPP support built into SBR Carrier Core • Comes with all EAP methods enabled out of the box (except SIM/AKA): MD 5, LEAP, GTC, POTP, PEAP, TLS, TTLS • Supports unlimited virtualization (directed realms) • Multiple additional optional features available Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 7

SBR Carrier 7. 0 core new features Location based profiles • Enables policy granularity SBR Carrier 7. 0 core new features Location based profiles • Enables policy granularity on location basis • Access technology based policy SBR Carrier 7. 0 Available in 2 flavors: • Location based profiles for users • Location based profiles for groups Improved Management • Web delivered Administration UI • Downloadable to any station • No permanent UI install • A browser is sufficient • UI managed EAP configuration • UI based filter management • Administration audit logs ensuring administration accountability Enhanced scripting features • Enabling precise implementation of custom service and business logic • Providing unparalleled flexibility in implementing and growing service and business logic • Java. Script realm selection and Java. Script filter selection can: • Query and modify any AVP • Query LDAP or SQL databases Copyright © 2007 Juniper Networks, Inc. Flexible sub-TLV support • Support for sub-TLV’s in the core AAA engine • allow any sub-TLV requirement to be configured in the AAA core Proprietary and Confidential www. juniper. net 8

SBR Carrier: Authentication Modules, Mobility Modules and Optional Modules SIM auth SMS Auth * SBR Carrier: Authentication Modules, Mobility Modules and Optional Modules SIM auth SMS Auth * SIM authentication methods for PWLAN and UMA § SIM authentication and authorization (against HLR over SS 7 or SIGTRAN) § Kineto INC S 1 interface (UMA & Femtocell) SMS OTP provisioning and authentication methods CDMA Mobility module CDMA Mobility* Scrip ting § CDMA mobility, resource assignment and prepaid features § CDMA Rev. A Qo. S support Java. Scripting module § LDAP Java. Scripting § Java. Scripted Filters § Core routing Java. Scripting Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential *CDMA mobility and SMS auth EFT only in v 7. 0 www. juniper. net 9

Wi. MAX in SBR Carrier 7. 0 Wi. MAX § Modular approach, SBR Carrier Wi. MAX in SBR Carrier 7. 0 Wi. MAX § Modular approach, SBR Carrier Core + • Wi. MAX Module for wireline integration (EAP-TLS, EAP-TTLS) • Wi. MAX module + SIM authentication module for GSM/UMTS integration (EAP-AKA) • Wi. MAX Module + CDMA mobility module for CDMA integration § Wi. MAX mobility management: • Mobile IP v 4 support • ASN and CSN authentication authorization • ASN and CSN key management § Wi. MAX resource management • Home Agent Management • Home Address (IP-address) Management § § Wi. MAX Qo. S support Charging Roaming: H-AAA and V-AAA Standards: Wi. MAX Forum NWG Stage 3 rev. 1. 0, 1. 1 and 1. 2 compliant Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 10

Modular Carrier Grade AAA Step 2: SBR Carrier v 7. 2 • Available standalone Modular Carrier Grade AAA Step 2: SBR Carrier v 7. 2 • Available standalone or with HA cluster • combining all previously existing carrier functionality into 1 product • Adding central address allocation, concurrency and Session Control modules SNMP LDAP GUI ces OSS Interfa Xml/ https** CLI Optional modules Session Control RADIUS Scripting nds SMS auth Front-E * Only in combination with Session control module Copyright © 2007 Juniper Networks, Inc. Address Allocation Wi. MAX Mobility CDMA Mobility SBR Carrier Core DB HA Cluster Session DB Proprietary and Confidential SQL LDAP Mobility modules Authentication modules SIM auth Concur rency SQL* Back-End s (March 2009) HLR Gateways Proxy RADIUS DB www. juniper. net 11

Service SBR Carrier Non-Stop AAA and Service Delivery FR VPN ATM VPN PSTN IPTV Service SBR Carrier Non-Stop AAA and Service Delivery FR VPN ATM VPN PSTN IPTV Home Vo. IP Internet Video Telephony Mobile Vo. IP Video Roaming FMC Push to Talk Applications Provider Unique Services SQL/LDAP/CLI/Https Policy & Control SBR Session DB cluster RADIUS/RADIUS Co. A Network Wireless Access CPE Copyright © 2007 Juniper Networks, Inc. Edge Proprietary and Confidential Core Data Center www. juniper. net 12

SBR Carrier 7. 2: New Optional Modules In-session service changes Session Control § RADIUS SBR Carrier 7. 2: New Optional Modules In-session service changes Session Control § RADIUS Co. A based § XMLover. Https and CLI (scripting) based interfaces § Applications: In session Hotlining, Legal Intercept, Disconnect, Prepaid, Tiered Services User/ Group based concurrency Concur rency Address Allocation § Requires HA Cluster session DB for enforcement across the network § Concurrency limitations on a per-user basis § Concurrency limitations on a configurable attribute Centralized IP-address allocation § Requires HA Cluster session DB for central ip-address pool management § All SBR Carrier Frontend AAA nodes use the same address pools § Splitting of address pools per AAA no longer required Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 13

The product: SBR Carrier 7. 0 new Wi. MAX module Copyright © 2007 Juniper The product: SBR Carrier 7. 0 new Wi. MAX module Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 14

Juniper SBR/AAA functions in Wi. MAX network § Network Attachment: Securely attach a user/device Juniper SBR/AAA functions in Wi. MAX network § Network Attachment: Securely attach a user/device (or both to the network), and manage its session keys throughout the session lifetime § Mobility Management: Manage a user’s mobility throughout the session lifetime. § Resource Management: Assign and manage a user’s network resources • User IP-Addresses • Home Agent assignment § Quality of Service: Manage and assign a user’s Wi. MAX Qo. S flows and authorize their activation § Billing: Provide user/session and Qo. S flow (service session) based accounting to billing and reconciliation systems § Roaming: Act as a Visited or Home AAA in roaming scenario’s. Ensure proper authentication and billing Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 15

§ § § If the authentication is successful the AAA server responds to the § § § If the authentication is successful the AAA server responds to the ASN-GW with an accept message that provides all the information NAP necessary for the ASN-GW to initiate a Network Access Provider Mobile IP tunnel for the subscriber to the CSN SBR Carrier in Wi. MAX NSP Upon tunnel initiation the CSN will generate a RADIUS request to the AAA server to request the mobility keys for the subscriber § The ASN-GW is relay agent between MS and AAA The RADIUS server will respond with the access-accept that will include the mobility keys allowing the CSN to grant the subscriber an IP session on the network Network Service Provider RADIUS Steel-Belted Radius H-AAA V-AAA Steel-Belted Radius Application Service Provider RADIUS EAP/RADIUS § ASN GW Tunnel Network Access Provider MS § § The MS can respond to the identity request with either Mobile IP / EAP v 2 PKM After MS connects to the radio network, it will be challenged Internet by the ASN-GW to authenticate • The Extensible Authentication Protocol (EAP) is the protocol used for credential exchange in Wi. MAX Once the ASN-GW receives the access accept message from the AAA server it will use the information in the request to initiate a Mobile IP tunnel to the CSN Copyright © 2007 Juniper Networks, Inc. • Device Credentials CSN-GW • A certificate is used for device authentication • User Credentials Mobile Core Connectivity Service Provider • A USIM or a username/password can be used for user authentication • Both device and User Credentials • A device certificate and username/password are used Proprietary and Confidential www. juniper. net 16

Standard Attachment methods supported with Wi. MAX mobility key generation EAP/TTLS SQL LDAP EAP/TLS Standard Attachment methods supported with Wi. MAX mobility key generation EAP/TTLS SQL LDAP EAP/TLS PKI EAP/SIM-AKA SBR/Carrier SS 7 SIGTRAN HLR • EAP methods support Wi. MAX mobility key generation • EAP-TTLS implementation from the pioneer of the protocol (Funk) • EAP-SIM/AKA implementation proven in countless PWLAN/UMA solutions • Support for other EAP protocols: MD 5, LEAP, GTC, POTP, PEAP Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 17

Authentication Types and Dependencies EAP-Type Credential form Authentication Database EAP-TLS Device certificate PKI infrastructure Authentication Types and Dependencies EAP-Type Credential form Authentication Database EAP-TLS Device certificate PKI infrastructure EAP-TTLS Username & Password - Or Username & Password + Device certificate Could be an LDAP Directory, SQL database, internal AAA database. + PKI infrastructure (if user+device) EAP-AKA Smart card (USIM) HLR Access to the HLR is available via SS 7 or Sigtran Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 18

Wi. MAX Mobility Management § Mobile IP key derivation: • Derive mobile keys and Wi. MAX Mobility Management § Mobile IP key derivation: • Derive mobile keys and store them for re-authentication or handover • When Implementing SBR Carrier in clustered configuration, these keys are available to ALL of the SBR Carrier frontend servers in subsequent transactions § Mobile IP key distribution: • Distribute Mobile IP keys to Foreign Agent (ASN-GW) • Distribute Mobile IP keys to Home Agent § Mobile IP resource assignment: • Manage Home Agent resources • Ho. A (Home Address) Assignment RA ASN CSN EAP Access Copyright © 2007 Juniper Networks, Inc. [ Aggregation ] P ASN-GW Proprietary and Confidential RADIUS S IU D EA HA www. juniper. net 19

Home Agent Management and Assignment § Simple Home Agent Assignment: • Fixed HA is Home Agent Management and Assignment § Simple Home Agent Assignment: • Fixed HA is assigned to the ASN on authentication § Dynamic Home Agent Assignment: • Primary-backup HA assignment • Home Agent Load Balancing • Round Robin HA assignment • Weighted Round Robin HA assignment Dynamic HA Assigment t en t nm ep ig cc s A As ss A H cce A 70% load HA 30% load HA Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 20

SBR Carrier roaming features § Act as Home AAA § Act as a Visited SBR Carrier roaming features § Act as Home AAA § Act as a Visited AAA • Mobility management, resource management, billing, Qo. S, … • Advanced proxy features: 1 alm Re Realm 1 – Support for multiple proxy realms – Proxy load balancing – Proxy fast fail groups Home Network 2 Realm 2 V-AAA – Advanced filtering and scripting: » Inbound and Outbound » Remove, add and change attributes » Scripting allows custom attribute manipulation and DB access Home Network 1 • Network attachment, mobility management, resource management, billing, Qo. S, Service delivery, … AAA server in Fastfail Outbound filter SBR as V-AAA FA Visited Network Copyright © 2007 Juniper Networks, Inc. SBR as H-AAA Home Network Inbound filter Proprietary and Confidential www. juniper. net 21

Wi. MAX access network Qo. S § Access network Qo. S profile transmitted to Wi. MAX access network Qo. S § Access network Qo. S profile transmitted to ASN-GW: • Access network Qo. S • Subscriber and Service Qo. S • Uplink/downlink rate limiting § Qo. S AAA modes: • HAAA: subscriber based Qo. S • VAAA: roaming peer based: Enforce visited network Qo. S over home network provided Qo. S § Types of Qo. S profiles: • HAAA: Subscriber/group based LDAP SQL • Home network Qo. S • Roaming Qo. S • VAAA: Ability to rewrite Qo. S profile attributed by HAAA Access Copyright © 2007 Juniper Networks, Inc. ile o. S QASN CSN ASN-GW Proprietary and Confidential f ro P HA www. juniper. net 22

New Pricing Model Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. New Pricing Model Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 23

SBR Carrier Pricing 4 different types of SKU’s: § SBR Carrier core base server SBR Carrier Pricing 4 different types of SKU’s: § SBR Carrier core base server § Additional concurrent session licenses § Additional optional modules § HLR gateways licenses Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 24

SBR Carrier Core server: SBR-CAR-AAA § The base server license, representing the SBR Carrier SBR Carrier Core server: SBR-CAR-AAA § The base server license, representing the SBR Carrier Core functionality. § Licensed on a per server basis: • Customer needs to purchase 1 license per instance he has running in his network, regardless of the fact those instances are running on separate hardware or within virtual domains on the same hardware. Model SBR-CAR-AAA Copyright © 2007 Juniper Networks, Inc. Description Price SBR Carrier Core AAA server license, includes $34, 900 50, 000 concurrent sessions (license key only) Proprietary and Confidential www. juniper. net 25

SBR Carrier Concurrent User Licenses Additional concurrent user licenses § Concurrent sessions for the SBR Carrier Concurrent User Licenses Additional concurrent user licenses § Concurrent sessions for the whole customer site § Licensed on a site basis: • ordered on top the SBR Carrier Core base model to expand on the number of concurrent sessions licensed in the product (concurrently attached to the network) • This is a cumulative license: For example if the customer purchases another 50, 000 sessions, the customer is licensed for 100, 000 sessions total. • The number of sessions are measured as concurrent sessions in the AAA session database. • The customer has the right to apply additional concurrent session licenses to all SBR Carrier servers on his site. Model SBR-CAR-ADD-50 K SBR-CAR-ADD-100 K SBR-CAR-ADD-250 K SBR-CAR-ADD-500 K SBR-CAR-ADD-1 M SBR-CAR-ADD-2 M Copyright © 2007 Juniper Networks, Inc. Description SBR Carrier - Add 50, 000 concurrent sessions (license key only) Price $16, 000 SBR Carrier - Add 100, 000 concurrent sessions (license key only) $30, 000 SBR Carrier - Add 250, 000 concurrent sessions (license key only) $70, 000 SBR Carrier - Add 500, 000 concurrent sessions (license key only) $130, 000 SBR Carrier - Add 1, 000 concurrent sessions (license key only) $240, 000 SBR Carrier - Add 2, 000 concurrent sessions (license key only) $440, 000 Proprietary and Confidential www. juniper. net 26

Concurrent User Licenses Example A customer requires a basic redundant AAA server (2 licenses) Concurrent User Licenses Example A customer requires a basic redundant AAA server (2 licenses) and estimates that he requires a total of 250, 000 concurrent users on his site. The customer will need to order: § 2 X SBR-CAR-AAA, which will give him the ability to install SBR Carrier on 2 servers, with 100, 000 concurrent users (the base license comes with 50, 000 concurrent users, X 2) § The customer still needs 150, 000 concurrent users (for a total of 250, 000 concurrent users) so will need to order SBR-CARADD-50 K and SBR-CAR-ADD-100 K = 2 SBR Carrier AAA + 250, 000 concurrent users Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 27

SBR Carrier Optional Modules Additional optional modules licenses: § Unlocks extra functionality on top SBR Carrier Optional Modules Additional optional modules licenses: § Unlocks extra functionality on top of the SBR Carrier Core license § Licensed on a per server basis: • optional modules can be unlocked by an additional feature license key. • SBR Carrier core license needs to be present to unlock functionality • Customer needs to purchase 1 license per instance of SBR Carrier he wants the functionality unlocked on. Model SBR-CAR-SIM Description SBR Carrier AAA optional SIM Authentication Module (license key only) SBR-CAR-WMM SBR Carrier AAA optional Wi. MAX Mobility Module $34, 600 (license key only) SBR-CAR-JSC SBR Carrier AAA optional Java. Scripting Module (license key only) Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential Price $29, 500 $9, 800 www. juniper. net 28

SBR Carrier HLR Gateways for Authentication & Authorization on backend HLR § Required to SBR Carrier HLR Gateways for Authentication & Authorization on backend HLR § Required to use HLR as backend database for SIM based authentication, in combination with SIM authentication module (SBR-CAR-SIM) § Licensed on a per server basis: • ordered on top the SBR Carrier Core base model and SIM authentication module to allow authentication on a backend HLR • SQL and LDAP backends are part of the SBR Carrier Core license, the HLR backend is not • Customer needs to purchase 1 license per instance of SBR Carrier he wants the functionality unlocked on. • The customer can choose either SIGTRAN or SS 7 based HLR gateways. Model SBR-HLR-SS 7 Description SBR Carrier HLR Gateway - SS 7 stack (includes 2 SS 7 links) Price $16, 500 SBR Carrier HLR Gateway - SS 7 stack (includes 2 SS 7 links) + PH 0301 PCI SS 7 board (2 E/T 1 interfaces) SBR Carrier HLR Gateway - SS 7 stack (includes 2 SS 7 links) + XH 0303 PCI-E SBR-HLR-SS 7 BOARD 2 low profile SS 7 board (2 E/T 1 interfaces) SBR Carrier HLR Gateway - PH 0301 PCI SS 7 board (2 E 1 interfaces) SBR-HLR-BOARD SBR Carrier HLR Gateway - XH 0303 PCI-E low profile SS 7 board (2 E 1 SBR-HLR-BOARD 2 interfaces) SBR-HLR-SS 7 -UP 6 SBR Carrier HLR Gateway - Upgrade SS 7 stack from 2 to 8 SS 7 links SBR-HLR-SS 7 BOARD SBR-HLR-SS 7 -UP 8 SBR-HLR-SIG $27, 500 $12, 950 $16, 900 SBR Carrier HLR Gateway - Upgrade SS 7 stack with an additional 8 SS 7 links $17, 700 SBR Carrier HLR Gateway - SIGTRAN stack (includes 2 SIGTRAN associations) $27, 900 SBR Carrier HLR Gateway - Add SIGTRAN stack to existing SS 7 install (includes $18, 800 2 SIGTRAN associations) SBR Carrier HLR Gateway - Upgrade SIGTRAN stack with 2 additional SIGTRAN $17, 750 SBR-HLR-SIG-ADDASC associations SBR-HLR-SIGADD Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 29

Service pricing § Service pricing now fully in line with Juniper corporate model. § Service pricing § Service pricing now fully in line with Juniper corporate model. § All service is minimal 24/7 (Core support) § Limited support (Formerly Funk) 8/5 is not offered on the SBR Carrier product line and will be discontinued on all SBR Service Provider products § Direct Core support is approx 20% of product price (formerly 25%) § Partner Core support is approx 15% of product price Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 30

Use Cases Wireline PPP & DHCP Copyright © 2007 Juniper Networks, Inc. Proprietary and Use Cases Wireline PPP & DHCP Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 31

SBR Carrier in PPP and DHCP scenario’s ERX & MX local DHCP server • SBR Carrier in PPP and DHCP scenario’s ERX & MX local DHCP server • authenticates subscriber on SBR AAA and SBR returns local DHCP pool name • authenticates subscriber on SBR AAA and SBR returns ip address from a pool SBR manages RADIUS Premium Content PPP Core Transit Point/ Internet DHCP Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 32

Migrating customers from Legacy SBR products § Legacy products: • SBR/SPE • Optionally Java. Migrating customers from Legacy SBR products § Legacy products: • SBR/SPE • Optionally Java. Scripting module § Migration package for each SBR/SPE server under valid maintenance contract: • • SBR Carrier Core (SBR-CAR-AAA) Additional 50 K concurrent user license (SBR-CAR-ADD-50 K) Additional 100 K concurrent user license (SBR-CAR-ADD-100 K) Optionally Java. Scripting Module (SBR-CAR-JSC) § Cost: minimal, TBD § Why migrate: • SBR Carrier is a true converged AAA that will allow the Carrier to extract additional value from its subscriber base • SBR Carrier has a future • Better performance/scalability: SBR Carrier is tested and dimensioned for newer HW with better performance/scalability • More value in the base package • More options to expand provide higher value per subscriber • Free 150 K concurrent user license for every migrated SPE license Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 33

Use Cases 3 GPP GPRS/UMTS/HSx. PA Copyright © 2007 Juniper Networks, Inc. Proprietary and Use Cases 3 GPP GPRS/UMTS/HSx. PA Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 34

SBR Carrier in 3 GPP networks BTS Service and policy 2 GSGSN Subsriber Databases SBR Carrier in 3 GPP networks BTS Service and policy 2 GSGSN Subsriber Databases BSC Identity and Policy repositories Base Switching Station (GSM): TDMA Data technologies (2. 5 G): • GPRS (60 -80 kbps) • EDGE (100 -200 kbps) GGSN Billing platforms Service Gateways HLR Service platforms SS 7 signaling Network SBR Carrier GGSN Node-B 3 G-SGSN RNC Packet Backbone Network Intranets/ Internet UTRAN (UMTS): WCDMA Data technologies (3 G): • UMTS (384 kbps) • HSDPA (1 Mbps-3. 6 Mbps) Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 35

Migrating customers from Legacy SBR products § Legacy products: • SBR/SPE • Optionally Java. Migrating customers from Legacy SBR products § Legacy products: • SBR/SPE • Optionally Java. Scripting module § Migration package for each SBR/SPE server under valid maintenance contract: • • SBR Carrier Core (SBR-CAR-AAA) Additional 50 K concurrent user license (SBR-CAR-ADD-50 K) Additional 100 K concurrent user license (SBR-CAR-ADD-100 K) Optionally Java. Scripting Module (SBR-CAR-JSC) § Cost: minimal, TBD § Why migrate: • SBR Carrier is a true converged AAA that will allow the Carrier to extract additional value from its subscriber base • SBR Carrier has a future • Better performance/scalability: SBR Carrier is tested and dimensioned for newer HW with better performance/scalability • More value in the base package • More options to expand provide higher value per subscriber • Free 150 K concurrent user license for every migrated SPE license Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 36

Use Cases SIM based authentication PWLAN/UMA/Femtocell Copyright © 2007 Juniper Networks, Inc. Proprietary and Use Cases SIM based authentication PWLAN/UMA/Femtocell Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 37

Services & Applications SBR Carrier in UMA / Femtocell Environments HLR / AUC SIG Services & Applications SBR Carrier in UMA / Femtocell Environments HLR / AUC SIG L SQ SS 7/ / AP Policy & Control LD TR AN UMA Subscriber Database AAA server identifies / differentiates traffic and routes to appropriate backend for authentication RA DIU Wm Transport UMA Mobile Phone GSM IPsec Tunnel Broadband IP network Odyssey Access Client 802. 1 x Copyright © 2007 Juniper Networks, Inc. S 1 Gn Gb Security Gateway S Gb Backbone / Edge Router Gi A Up Mobile Services A Broadband Services Router UMA Network Controller Proprietary and Confidential www. juniper. net 38

Migrating customers from Legacy SBR products § Legacy products: • SBR SIM server § Migrating customers from Legacy SBR products § Legacy products: • SBR SIM server § Migration package for each SBR/SPE server under valid maintenance contract: • SBR Carrier Core (SBR-CAR-AAA) • SIM authentication module (SBR-CAR-SIM) • Java. Scripting Module (SBR-CAR-JSC) § Cost: minimal, TBD § Why migrate: • SBR Carrier is a true converged AAA that will allow the Carrier to extract additional value from its subscriber base • SBR Carrier has a future • Pricing for concurrent subs is lower than SIM server • Better performance/scalability: SBR Carrier is tested and dimensioned for newer HW with better performance/scalability • More value in the base package • More options to expand provide higher value per subscriber • 50 K concurrent subscribers in base package vs 1 K in SIM server Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 39

Use Cases Wimax Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. Use Cases Wimax Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 40

SBR Carrier in Wi. MAX NAP NSP Network Access Provider Network Service Provider RADIUS SBR Carrier in Wi. MAX NAP NSP Network Access Provider Network Service Provider RADIUS Steel-Belted Radius V-AAA MS Internet Mobile IP ASN GW Network Access Provider Copyright © 2007 Juniper Networks, Inc. Application Service Provider RADIUS EAP/RADIUS / EAP v 2 PKM H-AAA Steel-Belted Radius Tunnel CSN-GW Connectivity Service Provider Proprietary and Confidential Mobile Core www. juniper. net 41

Migrating customers from Legacy SBR products § Legacy products: • None! § SBR Carrier Migrating customers from Legacy SBR products § Legacy products: • None! § SBR Carrier is the first product that support true Mobile Wi. MAX Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 42

Competitive Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 43 Competitive Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 43

Cisco Access Registrar § Knockoffs: • • Not as feature rich as SBR Carrier Cisco Access Registrar § Knockoffs: • • Not as feature rich as SBR Carrier Manageability not as good SBR Performance is better Requires programming in TCL or C for advanced features that are simply configurable in SBR • No EAP-AKA support, EAP-SIM support requires ITP • No IPv 6 support • No native Oracle support § Watch out for: • RADIUS Co. A support in base package • Aggressive discounting in turnkey solutions § Pricing: CPU (Core) based • Base Server (1 CPU/Core): $35, 000 • Additional $10, 000 per CPU/Core • SIM support more expensive and requires ITP product for HLR connectivity Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 44

Bridgewater AAA service controller § Knockoffs: • Very basic base feature package, SBR Carrier Bridgewater AAA service controller § Knockoffs: • Very basic base feature package, SBR Carrier Core comes with a lot more features packed in the base package • Everything is an option (from EAP to accounting to assigning an ip-address) • Base package with 10 K subs already more expensive then SBR Carrier core with 50 K subs • List price overall 3 to 10 times as expensive as SBR Carrier, based on functionality • Requires expensive pro-services for expansion or custom business logic • Comes with integrated subscriber database, no support for existing subscriber databases. SBR can integrate with existing infrastructure • No EAP-SIM and EAP-AKA HLR support § Watch out for: • Good entry level price for 1 K subs basic package, which allows customer penetration, anything beyond that is very expensive • Aggressive marketing • Company focus, this is their only product • DCHP server support • Integrated subscriber database can be an asset if that is a customer requirement § Pricing: subscriber based • Fully subscriber based • Everything is optional Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 45

Apertio (NSN) One-AAA § Knockoffs: • • Pretty basic feature package acquired from AAA Apertio (NSN) One-AAA § Knockoffs: • • Pretty basic feature package acquired from AAA vendor focusing on German market SBR Carrier is more mature and feature rich, has a large install base Most of NSN’s customers are running SBR Comes with integrated subscriber database, no support for existing subscriber databases. SBR can integrate with existing infrastructure • No EAP-SIM and EAP-AKA HLR support • No Wi. MAX support (NSN is selling SBR Carrier into Wi. MAX opportunities), but they are working on it § Watch out for: • Pure subscriber based pricing allows good entry level price, but scales out higher then SBR Carrier • Aggressive discounting in turnkey solution • The centralized subscriber management • Integrated HLR/HSS/AAA package • Integrated subscriber database can be an asset if that is a customer requirement • NSN approaching customers they have sold SBR to for a migration § Pricing: subscriber based • Fully subscriber based, estimated between $0. 80 - $1. 20/sub Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 46

Literature Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 47 Literature Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 47

Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 48 Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidential www. juniper. net 48