Table of Contents
- About This Guide
- Objectives
- Audience
- Documentation Conventions
- Related Juniper Networks Documentation
- Obtaining Documentation
- Documentation Feedback
- Requesting Support
- Installing the SDX Applications
- Software CDs
- Installing the Applications
- Installation Prerequisites
- Solaris Patches
- ACP
- Workflow
- Installing Application Packages
- Notes on the Installation
- Uninstalling Packages
- Installing Sample Data
- Installing Web Applications
- Installing Web Applications Inside JBoss
- Removing Web Applications
- Removing a Web Application from JBoss
- Reviewing Port Settings
- Activating Services Through SOAP
- Overview of Advanced Services Gateway
- Terminology
- Overview of Dynamic Service Activator
- Dynamic Service Activator Operation
- Dynamic Service Activator in a Redundant Environment
- Installation Tasks
- Prerequisite Tasks
- Installing Dynamic Service Activator
- Configuration Tasks
- Configuring Security for Gateway Clients
- Accessing the Configuration Files
- Configuring General Properties
- Configuring Subscriber Types
- Configuring the NIC Proxies
- Configuring Access to Methods and Scripts
- Configuring Access Constraints
- Deleting Subscriber Types, NIC Proxies, Methods, Scripts, and Clients
- Configuring the Logging Properties
- Exporting Configuration Objects
- Sample Data
- Methods, Scripts, and Clients
- Monitoring Dynamic Service Activator
- Monitoring the Performance of Dynamic Service Activator
- Resetting the GalMgmt MBean Counters
- Monitoring the SOAP Operations
- Resetting the GalOpMgmt MBean Counters
- Monitoring the NIC Proxies
- Testing Dynamic Service Activator
- Web Application Gateway Client
- Installing the Gateway Client
- Starting the Gateway Client
- Connecting to the Gateway
- Running Methods and Scripts
- Gateway Client for PCs
- Requirements
- Installing the Gateway Client
- Starting the Gateway Client
- Customizing the Default Settings
- Using the Gateway SOAP Client
- Sample Scripts
- API for Dynamic Service Activator
- Public SOAP Interfaces of Web Applications
- Methods for the Dynamic Service Activator SOAP Interface
- Format of the Subscriber's URI
- Subscription Attributes
- SOAP Fault Codes for Dynamic Service Activator
- Managing Subscribers Through SOAP
- Overview
- Subscriber Manager Operation
- Interactions Between Subscriber Manager and OSMW
- Configuration and Installation Tasks
- Prerequisite Tasks
- Configuring Subscriber Manager
- Subscriber Manager Properties
- Installing Subscriber Manager
- Sample Data
- Testing Subscriber Manager
- Developing Gateway Clients
- Trace Requests
- Managing Gateway Clients
- Error Codes That Subscriber Manager Returns
- Results from OSMW Actions
- Error Codes for Trace Requests
- Mirroring Subscriber Traffic in the SDX Network
- Overview
- Traffic-Mirroring Application
- Configuration Tasks
- Configuring Scopes
- Configuring Services for Mirroring
- Configuring Services
- Subscribing to the Aggregate Service
- Configuring Subscriber Sessions
- Subscriber Classification Scripts
- Interface Classification Scripts
- Managing Traffic Mirroring
- Overview of the Traffic Mirroring Administration Portal
- Accessing the Portal
- Starting New Mirroring Tasks
- Managing Mirroring Tasks
- Configuring the Traffic Mirroring Administration Portal
- Configuring the Traffic-Mirroring Application
- Configuring NIC Proxy
- Configuring Logging
- Deploying the Updated WAR File
- Providing Threat Mitigation Services with IDP
- Overview
- Before You Integrate IDP into an SDX Environment
- Sample Implementation
- Sample Network Topologies
- Components in Sample Data
- Integration Tasks
- Directing Subscriber Traffic to IDP for Monitoring
- Surveillance Director
- Router and Interface Subscriber Sessions
- Subscriber Session to Host an Aggregate Service
- Subscriber Session to Host a Core Interface Fragment Service
- Subscriber Session to Host a Router Interface Fragment Service
- Configuration Tasks to Direct Subscriber Traffic to IDP
- Configuring Scopes
- Configuring Scopes When Policy-Routing Traffic
- Configuring Scopes When Mirroring Traffic
- Defining Services for Policy-Based Routing on JUNOSe Routers
- Configuring a Subscriber Interface Service
- Configuring a Core Interface Service
- Configuring an Aggregate Service
- Defining Services for Mirroring on JUNOS Routing Platforms
- Subscribing to an Aggregate Service from a JUNOSe Router
- Configuring Subscriber Sessions
- Classifying Subscribers
- Classifying Interfaces
- Configuring Initial Properties for the Surveillance Director
- Configuring General Properties
- Configuring Java Properties
- Customizing Configuration for the Surveillance Director
- Configuring Directory Properties for the Surveillance Director
- Configuring Logging for the Surveillance Director
- Configuring an Instance of the Surveillance Director
- Defining Actions to Be Taken for Subscriber Traffic
- Redirecting Web Requests
- Developing and Customizing the Sample IDP Captive Portal
- Overview of the Sample IDP Captive Portal
- Sequence for Redirecting Traffic
- About the Record Servlet
- Configuration Tasks to Deploy the Sample IDP Captive Portal
- Configuring Properties for the Sample IDP Captive Portal
- Deploying the Updated WAR File
- Accessing the IDP Captive Portal
- Configuring the Redirect Server to Redirect Traffic to the IDP Captive Portal
- Applying SDX Services to Subscribers Associated with Problem Traffic
- Sending E-Mail to Subscribers
- Overview of IDP E-Mailer
- Configuring Deployment Properties for IDP E-Mailer
- Configuring Application Properties for IDP E-Mailer
- Deploying IDP E-Mailer
- Enabling SDX Actions from IDP Manager
- Before You Configure Scripts
- Configuring Scripts
- Sample idpsdx.py Script
- Providing Endpoint Security with IVE
- Overview
- Before You Integrate IVE into an SDX Environment
- Sample Implementation
- Configuration Tasks
- Configuring the Host Check Result Portal
- Overview of the Sample Host Check Result Portal
- Configuring Properties for the Sample Host Check Result Portal
- Deploying the Updated WAR File
- Accessing the Portal
- Configuring the Redirect Server to Redirect Traffic to the Captive Portal
- Configuring SDX Services for Subscribers
- Scheduling Subscriber Host Checking
- Providing Admission Control with ACP
- Overview
- Deriving Congestion Points Automatically
- Deriving Edge Congestion Points
- Deriving Congestion Points from a Profile
- Deriving Backbone Congestion Points
- Allocating Bandwidth to Applications Not Controlled by ACP
- Use of Multiple ACPs
- Interactions Between ACP and Other Components
- Redundancy
- Fault Recovery
- State Synchronization
- Installation Tasks
- Configuring Local Properties for ACP
- Configuration Tasks for Using ACP in an SDX Network
- Configuring SAE Plug-In Properties
- Configuring ACP as an External Plug-In
- Configuring Event Publishers
- Configuring the SAE to Monitor Interfaces for Congestion Points
- Configuring ACP Properties
- Configuring Logging
- Configuring ACP Operation
- Configuring CORBA Interfaces
- Configuring ACP Redundancy
- Configuring State Synchronization
- Configuring Connections to the Subscribers' Directory
- Configuring Connections to the Services' Directory
- Configuring Eventing Properties for Databases
- Working with Partitioned Directories
- Configuring ACP Scripts and Classification
- Configuring ACP to Manage the Edge Network
- Configuring Network Interfaces in the Directory
- Configuring Bandwidths for Subscribers
- Assigning Network Interfaces to Subscribers
- Configuring Bandwidths for Services
- Configuring ACP to Manage the Backbone Network
- Configuring Network Interfaces in the Directory
- Extending ACP Congestion Points
- Configuring Action Congestion Points
- Configuring Bandwidths for Services
- Configuring Congestion Points for Services
- Configuring Congestion Points in the Directory
- Assigning Interfaces to Congestion Points
- Defining a Congestion Point Profile
- Congestion Point Expressions
- Examples of Congestion Profiles
- Changing and Removing a Congestion Point Profile
- Starting and Stopping ACP
- Monitoring and Managing ACP
- Displaying Information About the Edge Network
- Displaying Information About Subscriber Sessions
- Displaying Information About Congestion Points
- Displaying Information About the Backbone Network
- Displaying Information About Services
- Displaying Information About Congestion Points
- Displaying Information About Action Congestion Points
- Displaying Information About the Configuration
- Displaying Information About Redundancy
- Displaying Information Obtained from External Applications
- Displaying Information About Subscribers
- Displaying Information About Congestion Points
- Reorganizing the File That Contains ACP Data
- Updating Congestion Point References
- Modifying Congestion Points
- API for ACP
- Controlling Volume Usage with the VTA
- Overview of the VTA
- Types of VTAs
- Terminology
- VTA Service and Subscriber Accounts
- VTA Sessions
- Managing Subscriber Accounts with Portals
- Volume-Based Services
- VTA Architecture and Connections to SDX Components
- How the VTA Works
- Events
- Event Attributes
- Event Handlers
- Actions
- VTA Processors
- Database Engine Processor
- Mail Processor
- SAE Proxy Processor
- Script Runner Processor
- VTA Operation
- Example: Limiting Subscriber Access Based on Account Balances
- Installing and Initially Configuring the VTA Software
- Before You Start
- Installing and Initially Configuring the VTA Software
- Using JavaScript Programs in VTA Configurations
- Related Configuration Tasks
- Configuring a Database to Store Account and Session Data
- Configuring the J2EE Application Server
- Creating Deployment Descriptors
- Configuring VTA Services and Policies
- Configuring Subscribers and Subscriptions to VTA Services
- Accessing the J2EE Application Server's Client Libraries
- Specifying How the VTA Loads Configurations from the Directory
- Properties in ejb-jar.xml file
- Configuring the SAE to Send Tracking Events to the VTA
- Specifying Tracking Plug-Ins for Enterprise Subscribers on JUNOS Routing Platforms
- Using NICs with the VTA
- Configuring a NIC
- Configuring NIC Proxies for the VTA
- Identifying Subscribers, SAEs, and Sessions
- Managing VTA Accounts and Sessions
- Managing Subscriber Sessions and Service Sessions
- Configuring Identifiers for Subscribers and Sessions
- Configuring Logging Properties for All VTA Configurations
- Installing and Running VTA Configuration Manager
- Installing VTA Configuration Manager
- Running VTA Configuration Manager
- Loading and Importing VTA Configurations
- Loading a Configuration from a Directory
- Connecting to the Directory Fields
- Importing a VTA Configuration from a Local File
- Configuring the VTA
- Configuring the VTA to Manage Database Accounts
- Configuring Scripts That Update Accounts
- Configuring the VTA to Manage Subscriber Accounts
- Configuring a Usage Metric for Service Accounts
- Defining a Formula for Determining Network Resource Usage
- Sample Formulas for Usage Metrics
- Configuring an Interim Accounting Interval for Service Accounts
- Adjusting the Interim Accounting Interval for a Service
- Configuring Actions for the Database Engine Processor
- Setting Up the VTA to Send E-mail Notifications
- Configuring the VTA to Send E-Mail Notifications
- Configuring the SAE Proxy Processor
- Configuring Actions for the SAE Proxy Processor
- Configuring the VTA to Run Scripts
- Configuring JavaScript Programs
- JavaScript Fields
- Configuring External Scripts
- External Script Fields
- Configuring VTA Actions to Run Scripts
- Configuring Events
- Configuring Event Handlers
- Validating VTA Configurations
- Saving VTA Configurations to a Directory or Local File
- Committing a VTA Configuration to a Directory
- Exporting a VTA Configuration to a Local File
- Renaming a VTA
- Renaming the VTA
- Modifying the Renaming Rules
- Overview of Managing Subscriber Accounts with VTA Portals
- Automatic Login of Subscribers
- Configuring Web Applications for the VTA
- Properties for VTA Portals
- Managing Subscriber Accounts with the Administrator Portal
- Accessing the Administrator Portal
- Viewing Subscriber Accounts
- Replenishing Periodic Accounts
- Deleting Information from the VTA's Database
- Testing the VTA Configuration
- Allowing Subscribers to Manage Their Accounts with the Subscriber Portal
- Accessing the Subscriber Portal
- Viewing Information About the Account
- Purchasing a Periodic Account
- Suspending a Periodic Account
- Purchasing Extra Bandwidth
- Troubleshooting Database Deadlocks
- Example: Bucket VTA
- Events for Bucket VTA
- Event Handlers for Bucket VTA
- GetBucket Event Handler
- RefillBucketWithBehavingRate Event Handler
- UpdateBehavingUsage Event Handler
- ToMisbehaving Event Handler
- Database Engine Processor for Bucket VTA
- Account Update Scripts
- Subscriber Account
- Service Accounts
- SAE Proxy Processor for Bucket VTA
- Actions for Bucket VTA
- GetBucketBalance Action
- CalcUsage Action
- UpdateBucketForBehaving Action
- RefillBucketWithBehavingRate Action
- StartMisbehavingService Action
- StopBehavingService Action
- Providing Application-Level Session Tracking and QoS Control
- Overview of Application-Level Session Tracking and QoS Control
- Benefits of Application-Level Session Tracking and QoS Control
- Integration of the SDX Software and the Ellacoya DPI Platform
- Ellacoya Networks DPI Platform
- Juniper Networks Platforms
- IPSCS Service Offers and Service Bundles
- Mapping Service Offers and Service Bundles to SDX Concepts
- Synchronization Between the SDX Software and the Ellacoya System
- Collecting Accounting Data
- Subscriber Login and Logout in a DPI Environment
- Service Activation and Deactivation in a DPI Environment
- Loading the Sample Data for the DPI
- Configuring the SDX Software for DPI Integration
- Setting Up Script Services for DPI
- Adding a Service Scope
- Creating a DPI Script Service
- Configuring the Script Service
- Configuring a Virtual Router Object for DPI
- Configuring Subscriptions to DPI Services
- Configuring the Ellacoya DPI Platform for SDX Integration
- Provisioning the IPSCS
- Service Bundles
- Service Offers
- Traffic-Accounting Profiles
- Configuring the SLE
- Synchronizing System Clocks
- Providing IPTV Services in the SDX Network
- Overview
- Installing the IPTV Application
- Configuring the Sample IPTV Application
- Setting Up the IPTV Network
- Configuring the SAE for the IPTV Application
- Managing the Routers in an IPTV Network
- Configuring IPTV Subscribers and Services
- Configuring ACP as an External Plug-In for the IPTV Application
- Configuring Event Publishers for the IPTV Application
- Configuring the NIC as an External Plug-In for the IPTV Application
- Configuring ACP
- Defining ACP Properties for the IPTV Application
- Defining the Sample Congestion Points
- Configuring the NIC
- Running the Sample IPTV Application
- Providing Prepaid Services
- Overview
- Account Server
- Time-Based Services
- Volume-Based Services
- Prepaid Account Web Admin
- Accessing Prepaid Account Web Admin
- Administering Accounts
- Installing and Configuring the Demo
- Installing the UMCppdemo Package
- Configuring the Account Server
- Publishing the Object References
- Manual Configuration
- Starting and Stopping the Account Server
- Configuring the SAE for the Prepaid Plug-In
- Configuring the Prepaid Services
- Deploying the Prepaid Account Web Admin File
- Configuring Prepaid Account Web Admin
- Integrating IP Address Managers with the SAE
- Overview
- Monitoring DHCP Messages
- Monitoring RADIUS Messages
- Installation Tasks
- Configuring Monitoring Agent
- Configuring Properties
- Configuring NIC Proxy
- Managing Monitoring Agent
- Starting Monitoring Agent
- Stopping Monitoring Agent
- Displaying Monitoring Agent Status
- Cleaning Monitoring Agent Logs
- Workflow Overview
- Workflow Execution
- Workflow Language
- Workflow Framework Classes and Types of Work Items
- LDAP Model for Workflow
- Persistent Storage
- Work Item Life Cycle
- Configuring the Workflow Application
- Configuring the SDX Workflow Application
- Execution Control Tab
- EC—Event Adapters Tab
- Library Tab
- Persistent Store Tab
- Repository Tab
- R-LDAP Tab
- R-Reporter Tab
- Other Tab
- Configuring the Object State Manager
- Request Tab
- Report Tab
- LDAP Tab
- Workflow Engines Tab
- Other Tab
- Configuring the Object State Manager for the Web
- Request Tab
- Report Tab
- LDAP Tab
- Workflow Engines Tab
- Building Workflows
- Before You Begin
- Creating a Simple Workflow
- Building the Workflow
- Creating a Parameter List
- Deploying the Workflow via the Directory
- Implementing the Workflow
- Work Item Library
- Start State and End State Work Items
- Synchronization Work Items
- Token Processor Work Items
- Token Value Checker Work Item
- Token Value Assigner Work Item
- Filter/Pass Work Item
- MIME Form Encoder Work Item
- Token Logger Work Item
- Regular Work Items
- Send E-Mail Work Item
- Receive E-Mail Work Item
- Logger Work Items
- Directory Lookup Work Item
- Directory Update Work Item
- Directory Query Work Item
- Directory Modify Work Item
- External Program Work Item
- HTTP Work Item
- Script Work Item
- Status Logger Work Item
- XML Decoder Work Item
- XML Encoder Work Item
- Workflow Translation Table
- Sample Workflows
- Test E-Mail Workflow
- Test Compound Workflow
- Fred Workflow
- Test Script Workflow
- ADSL Workflow
- Test Directory Workflow
- Other Available Examples
- Available Workflow Event Descriptors
- Class EMailEventDescriptor
- Class ProcessEventDescriptor
- Class TimerEventDescriptor
- Object State Manager for the Web
- Overview
- Target URI
- Observer URI
- Process States
- CorrelationData Tag
- ContextData and ResultData Tags
- Results and the Exception Codes
- Operations Specifics
- CreateProcess Instance
- GetProcess InstanceData
- ChangeProcess InstanceState
- Process InstanceState Changed
- Architecture
- Servlet 2.2 API Compatible
- Standard HTTP Authentication
- Executing a Transaction Using the OSMW - Example
- Object State Manager Functionality
- Object Life Cycle Management
- Transactions
- Executing Transactions
- Socket Interface
- Web Interface
- State Machine
- Transaction Execution Example
- Creating a State Machine
- Locking a Workflow Transaction
- Workflow Engine Functionality
- Workflow Engine
- Workflow Execution
- How a Workflow Is Started
- Event (Notification)
- Workflow Manager
- Workflow Manager GUI
- Library Tab
- Execution Control Tab
- Maintenance Tab
- Using the Workflow Probe
- Index