At Konnex Networks, we have built our own technology platform for the management of devices and networks. This section provides an overview of how this works.
The MASP Core Management Platform controls users and devices on your broadband network and provides support for your business model. This document focuses on the management of wireless networks as this presents many challenges for widescale deployment but most of the features are also applicable to wired networks such as fibre and DSL. MASP provides an in-built edge control module that enables the services to be separated from the network type, thereby enabling the services to be ubiquitous, subject only to the capacity of the network.
In the context of a Wireless LAN (WLAN), the MASP Core Management Platform sits between the end user sites and the Internet feed for that network. The product scales from providing a small guest access solution overlaying onto existing internal wireless networks through to full scale urban mesh networks providing a range of fixed and mobile services across large geographic areas.
The MASP system is a management platform built aroung a Radius AAA core that provides a number of key elements
• Authentication of the users trying to access the wired or wireless network
• Management of the network, including monitoring, capacity planning and remote diagnostics
• Management of the user sessions, including traffic shaping and usage allowances
• Management of the administrative users
• Management and control of the branding and look-and-feel of the User Interface
• Integration of added-value services and applications to users over the network
MASP provides Service Providers, Systems Integrators and estate owners with a single management interface that securely authenticates users trying to connect to a wired or wireless network, with a range of access mechnisms.
MASP provides a Core Management Platform for control and management of access across the WLAN to the broadband network. The system supports two main network models :
a) Local Egress – whereby an Access Controller is installed at the user’s premises (the “Edge Network”) and a secure tunnel is established between the Edge Network and the Core Management Platform. All access requests are delivered to the Core Management Platform across this tunnel and if authenticated, the user requests are accepted and connection to the network is made. Users can be connected to a local Internet feed or to a local corporate network.
b) Central Egress – whereby a network device such as a router is installed at the local site but when the user or device is authenticated, the traffic is backhauled to a central Internet feed. The access control is managed from devices within a central data centre. Presentation to the network can be over a secure tunnel or via a Layer 2 connection to the core. The approach can be used for smaller sites or where common policies and branding exist across a number of sites. A single access controller at the Core Management Platform is used to aggregate all of the connections to run across one central Internet feed.
All access control policies as well as branding, user management and session control are provided through a Service Management Portal which provides authorized users with the ability to access the Core Management Platform and update site or enterprise details.