Академический Документы
Профессиональный Документы
Культура Документы
V4
Table of Contents
1. INTRODUCTION................................................................................................................................ 3
List of Figures
1. INTRODUCTION
The Network Management System (NMS) is an important operational element of a modern satellite
communications network. The Network Management System is not only the network operator's interface
into the control and monitoring of network performance, but it also is the repository of the parameters that
shape the subscriber's experience as a participant in the network. This white paper shows how the
SatNet NetManager will satisfy the needs of the network operator and ensure that the subscriber
experience is positive and rewarding.
SatNet has responded to these market demands by developing the SatNet NetManager™, a powerful
management system capable of meeting the functional and scalability requirements of a variety of system
configurations. The NetManager™ controls all the key operational elements of the SatNet Max & Mini
Hubs, consisting of the RLSS, FLSS and IPSS elements, defined as follows:
• The Forward Link Subsystem (FLSS) which contains the components necessary for the DVB-
S/DVB-S2 outbound link (forward channel).
• The Return Link Subsystem (RLSS) which contains those components necessary to process the
inbound links (return channels).
• The IP/ISP Subsystem (IPSS) which contains the components necessary for connection to the
Internet or to the customers premise site.
The NetManager™ provides several functions, all presented through a common GUI, including:
• Management of multiple service providers on the same hub with secure, independent access to
the NMS
• Configuration management
• Monitoring of all links, timing, and signal levels
• Subscriber management
• SLA management
• QoS management
• Management of VSATs
• Hierarchical operator layers for service provision
2.1 GUI
The nature of the NMS is such that the application is in itself complex: managing bandwidth on a satellite
network for multiple segregated users is far from a trivial task. The goal of the GUI in such an application
should be to present a view of the data and underlying concepts that allows users to understand and
manage it intuitively.
The NetManager™ GUI helps the user manage this complexity. The user is presented with a consistent
GUI, additional distinctive features are be used in key pages to help the user recognize each individual
page at a glance. Given the diversity of types of end-users, the GUI presents data and concepts based on
a domain model analysis representation.
• Automatic configuration of N routes for each VSAT in the DVB encapsulator(s) and router(s).
• Commanding VSATs with any of the following: Tx Enable/Disable, DB Disable/Enable, Logoff,
VSAT status access, ping
• Monitoring of VSAT software version.
• Visibility to a detailed connection management activity log.
• Storage of the previous 24 hours of return link connection statistics, with graphing capabilities.
Multiple service providers can access the system simultaneously through remote connections. Web
access allows service providers located in different regions to effectively operate a section of the hub.
Security is provided at two levels.
• Remote access to the system is via secure mechanisms, e.g. Secure Socket Layer (SSL).
• Access to the database is restricted to ensure that any given Service Provider can view and/or
make modifications only within the scope of the Service Level Agreements (SLAs) granted to
them.
Functionality is provided to allow automatic VSAT configuration import via an XML file containing add,
delete, modify commands, perform queries on VSAT configuration, faults and performance, as well as
performance data relative to VSAT groups.
The CMS is used by the network operator, either at a local console or remotely via a client-server
interface. The CMS provide a graphical environment where the user can monitor the health of the
gateway system and allow corrective action to be taken in the event of a system fault. The CMS catches
SNMP traps and gathers performance indicators, and presents this information to the network operator in
an intuitive manner via a simple and clean Graphical User Interface (GUI). The GUI includes the following
set of basic windows:
¾ A Functional View, displaying device and flow status (IP, ASI and RF) (Figure 1)
¾ A Device Status view as they appear in the gateway rack (Figure 2).
¾ An Alarm Window, including root cause analysis (top of Figure 3).
¾ An Event Window (bottom of Figure 3).
¾ Device Windows, with detailed monitoring information per device (Figure 4).
All views are completely user-configurable to match all possible system configurations. A large set of
drivers are available to add RF equipment to the views. Drivers for custom equipment can be provided by
Advantech, at an additional cost. In addition, map views displaying the status of witness terminals can be
easily added to the CMS. To summarize, the CMS offers the following functionality, sorted according to
the FCAPS (Fault, Configuration, Accounting, Performance, Security) categories.
Faults:
¾ Provides map views of Gateway sub-systems.
¾ Provides Gateway sub-system status on an iconic representation.
¾ Provides status of flows within the gateway, independently of device status.
¾ Provides a change of color per severity (e.g., Information – Blue, Clear – Green, Warning –
Yellow, Minor – Orange, Major – Red and Critical – Magenta).
¾ Displays events/alarms and allows them to be acknowledged and cleared.
¾ Supports alarm filtering and sorting.
¾ Events/alarms summarized (suppression of redundant alarms)
¾ Events/alarms saved in log file.
¾ Audible alarms (sound card required).
¾ Optional email notification on selectable set of alarms.
¾ Supports root cause analysis of gateway faults.
¾ Capability to log and search operator notes attached to alarms or devices.
¾ Supports control functions for each subsystem, where possible (e.g., Start, Stop, Save
Configuration, Restore Configuration).
¾ Local or remote operation.
¾ SNMP Northbound interface for external Network Management Systems (NMS).
Configuration:
¾ Configuration of gateway devices via SNMP (e.g. modulator).
¾ Access to all gateway device’s native applications from the gateway map (right-click).
Performance:
¾ Supports performance monitoring (collect, store and display counters) of Gateway sub-
systems.
¾ Supports graphical display of historical performance monitoring results (trending example
shown in Figure 5).
Security:
¾ Three standard user role categories with configurable access privileges (Administrator,
Operator, Viewer). Additional roles may be added.
¾ Log of user actions.
¾ Automatic backup of database and restore feature.
The network operator of a shared hub needs to be able to serve both sophisticated and novice service
providers with equal ease. The question is, however, how to satisfy these two diverse user groups? The
sophisticated service provider wants the freedom to set up his network with as few constraints as
possible. The novice service provider wants as much help and “hand-holding” as possible.
The SatNet NetManager™ is ideally suited for the shared hub concept. It allows the network operator to
divide his resources among a number of service providers and support each to the degree necessary for
a successful business. In the case of the sophisticated service provider, the network operator can simply
give him a fixed portion of the network resources. The service provider is then responsible to develop his
own Service Level Agreements (SLAs) and aggregated streams for the forward and return link satellite
resources. The service provider then defines his own SIT Groups with QoS profiles for the forward and
return link traffic and places his subscribers into the appropriate group. This structure is shown in Figure 6
below.
The remaining itSatNet in the figure below are the responsibility of the sophisticated service provider.
The sophisticated service provider establishes the following parameters as shown in the figure above:
¾ The SIT Group Forward Link Service Level Agreements (SG FL-SLAs) that define the
characteristics of the forward link “pipe” associated with a group of like subscribers. Depending
on the complexity of the service provider’s network, there may be several SIT Groups and several
SG FL-SLAs. A SIT Group may have its own SG FL-SLA or share one with other groups. Each
SG FL-SLA or pipe is partitioned into combinations of traffic types such as CBR, VBR, UBR, EF,
AF and BE depending on the needs of the subscribers assigned to the SLA. (Please refer to the
end of this document for a list of acronyms).
¾ The SIT Groups and their associated forward and return link QoS profiles. A Sit Group is a
collection of like subscribers that have common capabilities and QoS profiles. The forward link
QoS profile states the minimum guaranteed forward capacity and the maximum allowable peak
forward capacity per subscriber (SIT). The return link QoS profile defines the minimum
guaranteed and maximum allowable peak return link traffic in terms of the DVB-RCS assignment
types (CRA, RBDC and VBDC).
¾ The Service Provider Return Link Service Level Agreements (SP RL-SLAs). In the figure two RL-
SLAs are defined, the Gold Service and the Silver Service. Here is where the over-subscription
factors are defined for the forward link and the return link. In there return link there is an
oversubscription factor for each of the traffic assignment types (CRA, RBDC and VBDC).
¾ The Lower Level Return Link Service Level Agreements (LL RL-SLAs). The LL RL-SLA defines
the characteristics of the return link “pipe” associated with Scheduling Block defined by the
network operator. Each LL RL-SLA specifies the guaranteed minimum and allowed maximum
capacity of this “pipe” connecting the SIT Group to the Scheduling Block. The capacity is
expressed in terms of the DVB-RCS traffic assignment types (CRA, RBDC and VBDC). Note
there is only one Scheduling Block associated with an LL RL-SLA, however there can be several
LL RL-SLAs associated with a single Scheduling Block. This is illustrated in Figure 6. The LL RL-
SLA also specifies the overbooking associated with the pipe. The overbooking is specified both at
the CRA traffic demand and the RBDC traffic demand.
As can be seen above, the sophisticated service provider has considerable flexibility in how he defines
his network. He has the complete freedom to determine his own QoS performance for his subscribers. His
only constraints are the limits imposed by the network operator on his forward and return link capacity.
The novice service provider on the other hand will not likely have the experience to effectively manage his
resources. He will rely heavily on the network operator at least for the initial operational configuration.
This situation can be very expensive to the network operator (NO) if the novice service provider is allowed
to monopolize the network operator’s support staff. This is an excellent case where the SatNet
NetManager™ can provide substantial savings in operational costs. The network operator simply
prepares suites of predefined Service Level Agreements, QoS profiles and SIT Group definitions.
Preparing the suites is a relatively simple task for the network operator and provides him the opportunity
to resell his expertise to the novice service provider. Each novice service provider selects the predefined
suite that most closely matches his desire network configuration and performance. The only task left to
the novice is to configure his subscribers in the NetManager™. Even in this step the NetManager™ has
safeguards to ensure the novice service provider makes no mistakes. The subscriber IP addresses
(OA&M and traffic) are validated for the correct range, no duplications and no overlapping subnets. The
MAC address of each subscriber is validated for uniqueness across all service providers on the network.
PIDs or VCCs required for the encapsulation on the return link are auto-configured by the NetManager™.
Finally the NetManager™ checks that a valid SIT Group name is used by the novice service provider. The
SatNet NetManager™ allows the network operator to support the novice service provider with very little
effort, substantially reducing the manpower requirements for “hand-holding” and custom engineering.
The SatNet NetManager™ is designed with security as one of the most important requirements. SatNet
has designed a triple guard architecture that effectively shields the network management system from
unauthorized access and attacks.
The SatNet NMS has three-tier architecture to provide optimum security from Internet based attacks. This
architecture is illustrated in Figure 7 below. The interface to the Internet is the SIT Management
System/web server. The SIT Management System users (service providers) do not access directly the
management LAN. Their accesses are protected by the DMZ on a hardware firewall in front of the SMS
server. The recommended hardware firewall is the Cisco PIX 515. The firewall rules are established to
block malicious attacks. The SMS server runs auditing software and limits the number of processes
accessible to users. In addition, the critical database server is not directly accessible from the Internet. A
second firewall (software) protects the link between the SMS and the Connection Manager/database
server.
Two barriers exist to protect the RLSS and the management LAN from malicious attacks. If the first
barrier fails, the web server, there is no impact on real-time operations. If the second barrier fails, the only
effect is that new SITs are not permitted to login. SITs that are currently logged in remain unaffected.
The SatNet security practices used in the NetManager™ design phase also enhances the security of the
NMS. SatNet uses proven, open source software (SuSe Linux and PostGresql) because it has been
rigorously scrutinized for weaknesses by the community at large. A separate database connection is used
per NMS user (service provider) so the database itself enforces the access to it. Defined database views
are used to exclude access to other users’ data. In addition, SatNet does not use Java applets because
they are such easy targets for hackers.
Special care has been taken to secure the traffic routing management. When Service Providers (SPs) are
defined in the NMS database, the Network Operator can assign address ranges to them (IP, VCC, PID).
The NMS checks that the SPs assign addresses within the range, preventing conflicts. The NMS
configures the routing in the router from data in its secure database, which was validated not to conflict.
Traffic QoS Management is another area for security concerns that SatNet has addressed. When Service
Providers (SPs) are defined in the NMS, the Network Operator (NO) can assign bandwidth to them, on
outbound and inbound links. The NMS configures the QoS in the traffic shaper and in the IP/DVB
encapsulator, ensuring the separation of traffic and the policing of the SLAs on the outbound link. The
NMS uses the QoS configuration of the RLSS to create SLAs on the inbound link, assigned to service
providers. The RLSS ensures the separation of traffic and the policing of the SLAs.
The result of this focus on security is a network management system hardened against outside attack.
The network operator can rest assured his network is safe and secure.
The SatNet NetManager™ has been designed from the start to be operator-friendly. It features such
capabilities as:
¾ Task-based graphical user interface (GUI),
¾ Consistency checking of operator entries, and
¾ Simplified industry-based terminology.
In order for an operating system to be easy to learn and the training easily retained, the operator must be
presented with a user interface that is intuitive and centralized. A graphical user interface (GUI) is a
common means of achieving an interactive interface between the operator (man) and the network
management system (machine). The SatNet NetManager™ takes this concept one step further with its
task-based GUI. Each task is completed on a single page. The NetManager™ Web Page structure is
shown in Figure 8. The core of the page assembles all elements necessary to accomplish a task, coming
from different branches of the database model. For example, to reserve bandwidth for a SIT group on the
forward link, the properties of the parent bandwidth aggregate are displayed (i.e. min and max). Please
refer to Figure 9 for an actual screen capture of this page. At the bottom of the page, navigational buttons
take the users to another web page within the appropriate context to accomplish an associated task. For
example, within the GUI for SIT profile, there are buttons to lead the user to GUIs to configure the SIT
Queues, to monitor SIT status and control them, to configure their FL and RL QoS profiles. This is seen in
Figure 10 below. In addition, the standardized layout ensures even an uncommon task is performed in the
same manner as others thus preserving the training.
Title Page ?
Menus
Navigational Buttons
This pulling together of all the relevant data from the database and displaying it as necessary on the
appropriate page is essential for simplified operation. The operator does not have to hunt for decision
making information as he configures the system. Referring to Figure 10 above, some of the parameters
listed on the left side of the screen are underlined. This denotes the presence of tool-tips, a valuable
feature of the SatNet NetManager™. Tool-tips are drop down lists that provide additional information to
the operator. This information is in three broad categories:
¾ List of available variables for specific parameters. An example of this is shown in Figure 11. This
figure is the screen capture from the Default SIT Return Link (RL) Quality of Service (QoS). In the
screen the tool-tip showing the Maximum Best Effort Traffic (VBDC) data rates available for the
SIT profile.
¾ Definition of named parameters such as RL QoS profile. Figure 12 below shows the
NetManager™ screen capture of the SIT Group. The Group Return Link (RL) QoS is selected
from a drop down list on the right side of the page. The tool-tip provides the definition of the two
RL QoS settings (Standard Login and Standard Max).
¾ Display of over-written default parameters. The SatNet NetManager™ allows the operator to
overwrite default settings for some parameters. This allows the operator a greater degree of
freedom to tune his network performance. Figure 13 shows the screen capture of the SIT Level
RL QoS page on the NetManager™. Here we see the NetManager™ is displaying the original
default value for the Constant Rate (CRA) traffic that has been over-written.
Consistency checking is another important feature of the SatNet NetManager™ that simplifies operation.
Apart from checking for typographical errors, every data entry is checked against the content of the
database. This check is done when a configuration element is added or updated. The NetManager™
software checks more than 60 separate rules. Each rule may have sub-rules as well (e.g. some for ATM
traffic bursts on the return and others for MPEG). These data entry validations result in a green flag, a
warning (yellow) or the cancellation of the transaction (red). Examples of validation rules include:
¾ Verification that the SIT-Level RL QoS doesn’t exceed the user carrier rate.
¾ The sum of the FL guaranteed bandwidth configured for SIT groups does not exceed the
guaranteed bandwidth of their service provider bandwidth aggregate.
¾ Verification that IP addresses are within the configured range assigned to the service provider
and not duplicated elsewhere on the network.
¾ Verification that selected return link service level agreement is paired with the appropriate forward
link service level agreement.
The SatNet NetManager™ automatically adjusts its consistency check rules based on the equipment
configured in the hub. For instance the inclusion of a traffic shaping QoS device such as the
PacketShaper adds extra rules to allow for the setting of guaranteed bandwidth per route on the forward
link.
Finally, the SatNet NetManager™ presents to its users a widely accepted terminology derived from ATM
networks to represent the configuration of the return link. Constant Bit Rate (CBR), Variable Bit Rate
(VBR) and Unspecified Bit Rate (UBR) replace segment capacity, access to pool, area traffic capacity.
The return link traffic types are also translated with their DVB-RCS acronym in parenthesis, such as
constant traffic (CRA), persistent traffic (RBDC), best-effort traffic (VBDC) and left-over capacity (FCA).
This simplified terminology reduces the training requirements on service providers sharing a DVB-RCS
hub.
As seen in the above, the SatNet NetManager™ has a graphical user interface (GUI) that is simple to
learn and easily retained. The use of standardized page layouts, the aggregation of the appropriate
information for decision making, tool-tips and consistency checking make the SatNet NetManager™ the
ideal network management system tool.
The network operator needs to manage the migration of subsystem features as new software versions
are rolled out. This is a major headache for network operators. Over the service life of the system,
improvements are being continually made to each subsystem in the hub. For example, the SatNet DVB-
RCS terminal and the SatNet Return Link Subsystem designs are continually being enhanced with new
features and improved performance. Typically these improvements are available as software updates. It
is a relatively simple matter to update the hub software and naturally the SatNet NetManager™ is
updated to reflect any changes in the hub. The terminals, on the other hand, pose more of a challenge to
the operator. SatNet encourages all its customers to update the software in the terminals with the latest
version available. SatNet has even developed a special tool called the Forward Link Control Manager to
help the network operator with this task.
The Forward Link Control Manager (FLCM) is used to send commands and push files to individual
terminals, groups of terminals or all terminals in a network. The files that can be sent to a terminal(s)
include:
¾ Software image,
¾ Terminal configuration,
¾ Delta configuration,
¾ IPSec and custom logos.
¾ Enable transmission,
¾ Disable transmission
¾ Acquire the return link,
¾ Force acquire the forward link
¾ Logoff the terminal
¾ Reboot from alternate software image
¾ Apply delta configuration
¾ Start CW test
¾ Disable CW test.
Even with the full capabilities of the FLCM the network operator may find himself in the situation where
some terminals are using the latest software version while others are not. The SatNet NetManager™,
however, is specifically designed to handle such a situation. Each time a terminal logs onto a network the
NetManager™ reads the software version field of the network entry burst from the terminal. It records and
displays the current software version and configures the appropriate hub elements to support this version
of terminal. This includes remapping of the MIB for the terminal if necessary and establishing modified
protection modes for the terminal based on its rain fade countermeasures capability. This process is
repeated each time the terminal logs on the network. The NetManager™ will always ensure the hub is
matched to the terminal capabilities without any operator intervention.
The network operator needs to know about performance problSatNet before customer service lines start
to blaze. Network performance is critical to customer satisfaction and the customer service line is the. The
key to keeping on top of the network performance is having the right monitoring tools for the job. The
SatNet NetManager™ has all the tools necessary for the network operator to assess his network
performance. In a bandwidth on demand environment with over-subscription and overbooking features,
detailed reporting is crucial. The operator has to know how many of his customers are active on the
network at any time. He also has to know how many customers have been denied access and why.
Knowing these kinds of details allows to network operator to assess if his assumptions on traffic patterns
are accurate and whether he must adjust his over-subscription and overbooking rates. The SatNet
NetManager™ provides all this information and more.
The SIT Monitoring/Control screen (Figure 14) displays the status of terminals logged onto the network. It
displays the traffic assignment types available to the terminal as well as the received return link signal to
noise (Es/N0).
Statistics are also gathered on terminal group performance as seen in Figure 15 below. In this screen we
see the activity of the group of terminals as percentages of the available capacity in use.
The advanced return link statistics are shown in Figure 16 below. This screen shows the rejection ratios
for the different traffic types. This screen is very useful in determining the applicability of the QoS profile
used for the terminal group. Excessive rejection of one type of traffic or another indicates the QoS profile
is not well matched to the traffic.
The above are just a few of the performance monitoring screens available to the network operator. Using
the data on these screens will help the operator to make any adjusTMents necessary to fine tune his
Service Level Agreements and QoS profiles in the forward and return links.
Of course gathering statistics from a series of web pages can be very tedious. That is why the SatNet
NetManager™ is equipped with a fully functional Application Programming Interface (API). The API works
by XML file exchanges that are controlled through PERL/cURL scripts. This interface allows the operator
to collect performance statistics and alarms in the format most suitable to his needs. It also allows the
operator to add, update and delete terminals in the NetManager™ database.
4. CONCLUSION
This white paper has attempted to provide insight into the capabilities of the SatNet NetManager™ as
they relate to the network operator. We have seen how the NetManager™ is well suited to the tasks and
concerns a network operator is likely to have in the operation of his network, particularly in a shared
service environment. The NetManager™ is an easy-to-learn, easy-to-use platform that provides the
network operator with the means to maximize the capabilities of his network in terms of customer
satisfaction and low operating costs.