| Oracle® Communications Service Broker VPN Implementation Guide Release 6.0 Part Number E23531-02 |
|
|
View PDF |
| Oracle® Communications Service Broker VPN Implementation Guide Release 6.0 Part Number E23531-02 |
|
|
View PDF |
This chapter introduces Oracle Communications Service Broker VPN (Virtual Private Network). It describes the steps for implementing Service Broker VPN services.
Service Broker VPN is an optional component of the Oracle Communications Service Broker that offers VPN capabilities and features traditionally associated with PBX-based voice VPN systems to mobile devices.
Service Broker VPN makes traditional PBX-based VPN features (such as private extension dialing, calling line identity presentation, and reduced charging rates) available to mobile device users even while away from their home office, city, or country.
Network operators use Service Broker VPN to offer voice VPN services to subscribing organizations. Subscribers typically benefit from reduced charging rates for on-net calls, improved employee connectivity, and a consistent user experience for their employees across mobile and desktop telephones.
The Service Broker VPN application is installed as an integrated component of the Service Broker. As shown in Figure 1-1, the VPN application resides in the Service Broker processing tier domain, where it operates alongside other application-level components such as Service Broker Social Voice Communicator (SVC).
Figure 1-1 The VPN Application in a Service Broker Deployment
The VPN application is tightly integrated with Service Broker, but in other ways, it can be regarded as any external application for which Service Broker performs mediation and orchestration.
Like other applications, the services of Service Broker VPN are integrated into the Processing Tier through an application-facing interworking module (IM). An IM is a Service Broker configuration component that serves as the mediation interface for external entities and Service Broker applications. The IM provides the mediation and session state management capabilities that, along with Signalling Tier components, make the VPN services available over multiple networks, including SS7 and IMS networks.
Service Broker VPN services can be adapted according to the requirements of each subscribing organization. Features of the service can be enabled or adapted based on the requirements of the organization. For example, while one subscribing organization may choose to use call control rules extensively, another may not.
The VPN Provisioning API gives VPN administrators configuration access to the features of Service Broker VPN application.
The features of the Service Broker VPN include:
Short code dialing for mobile and PBX-based devices
Forced on-net call handling, which provides users who dial the public number of another on-net user with on-net call features, including differentiated charging rates.
N-level user groups and profiles, which help administrators manage their VPN policies in large or small enterprises.
Support for Diameter-based online and offline charging applications
Line identity presentation for private number calling
Blocking of incoming or outgoing calls based on configurable black list rules
Call duration control
Private calling, allowing users to bypass call restrictions or other types of call processing for personal calls
Partner VPN relationships, which allow the provider to apply differentiated charging rates to calls between two subscribing organizations
Virtual users, which allocates on-net extension to external users
In addition, the Service Broker VPN provides tools that ease configuration and management of the VPN, such as policy profiles, user groups, batch tools, and more. The batch tools include the Batch Loader and Batch Validator, which are command-line utilities for loading and validating VPN subscriber and policy data.
From the VPN subscriber's perspective, VPN services are delivered as hosted software. The subscriber can acquire VPN services without having to install and maintain software or equipment.
From the VPN provider's perspective, implementing and offering VPN services involves the following steps:
Install the Service Broker VPN application with Service Broker.
Configure the Service Broker domains and managed servers.
Configure the database used to store VPN application data.
Verify and configure the basic operating settings of the Service Broker VPN application, such as database connectivity.
Add an IM instance for the Service Broker VPN application to the Service Broker configuration, orchestrating the IM with the network layer and other application layer services.
Use the VPN Provisioning API to configure the common properties for VPN services, such as provider properties and global policy rules. The VPN Provisioning API is the RESTful programming interface for configuring the services of the Service Broker VPN application.
For each subscriber, use the bulk provisioning tools to populate the data store with initial user data.
For each subscriber, provide access to the VPN self-management portal that the subscriber will use to configure their policy, add users, assign mobile device extensions, and so on. You develop the VPN self-management portal using the operations of the VPN Provisioning API.
Manage and monitor the VPN services deployment.
This guide provides information on each of these steps.
The VPN application integrates with the Service Broker configuration using a type of IM intended for use with Service Broker applications, IM-ASF-SAL. This type of IM provides similar functionality to the IM-ASF, which Service Broker uses to interact with external IMS applications and session control entities.
Figure 1-2 shows the Service Broker configuration components for connecting the Service Broker VPN application to the telecommunication networks on which it delivers services.
Figure 1-2 Service Broker Network Connectivity Components
For information on the complete Service Broker functional architecture, see Oracle Communications Service Broker Concepts Guide.
To integrate the Service Broker VPN application with the Service Broker configuration, you use the Administration Console user interface. The Administration Console enables you to connect the VPN application to the communication networks on which it operates. You also use the Administration Console to orchestrate the VPN services with other applications for which Service Broker performs message brokering.
Like other Service Broker components, the VPN application presents its basic operating settings as JMX MBean attributes. These properties specify the application identity of the VPN application, its database connectivity settings, and how it generates accounting information for external charging servers.
You can connect to the MBean interface using any JMX client, such as JConsole or a custom MBean client application. The Service Broker scripting engine also provides configuration and read access to Service Broker MBean attributes.
Note:
For complete information on the Administration Console and the MBean interface, see Oracle Communications Service Broker System Administrator's Guide.The VPN Provisioning API is the primary interface for configuring the services provided by the VPN application. Using a client application, VPN administrators invoke API operations to add subscribing organizations, configure the VPN usage policy, define numbering plans, add users, and allocate device extensions, among other tasks.
The Service Broker VPN application stores the data generated by API clients in an external database accessed by JDBC connection. Statistical information generated by VPN activity can also be persisted.
Figure 1-3 shows the general access points for the configuration tools and other components in a Service Broker VPN application deployment.
Figure 1-3 Configuration Tools and Resources
|
 Copyright © 2011, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
