APE Rulebase Example: Using User-Role-Based Rules to Support Tiered Subscriptions
Internet service providers (ISP) can use the application policy enforcement (APE) rulebase to support tiered subscriptions. Suppose your company offers Internet access at premier, standard, and economy levels. Premier customers pay extra for unlimited bandwidth. Standard customers pay a lower rate and have some limitations. Economy customers pay a still lower rate and have additional limitations.
To deploy this solution:
- Deploy a Juniper Networks IC Series Unified Access Control (UAC) appliance to manage user access to the content provider Web site.
Use the IC Series administration console to map users to roles, including:
- Premier–Customers who pay extra for unlimited access.
- Standard–Customers who pay for standard service.
- Economy–Customers who pay for basic service.
- Configure communication between the the IC Series appliance and the IDP Series appliance so you can use the IDP user-role-based policy feature.
- Configure APE rules to limit bandwidth for specified applications according to the user roles.
Figure 1 shows a rule that gives premier customers unlimited access. Standard customers get unlimited access to all applications except peer-to-peer filesharing, which is rate-limited. Economy customers get unlimited access to all applications except peer-to-peer filesharing and Skype, which are rate-limited.
Figure 1: APE Rulebase: User-Role-Based Rules to Support Tiered Access
