The SSX-3000 Mobile Broadband Gateway can perform a variety of roles in today's mobile network environments. StokeOS delivers the features to perform these roles and it manages the system reliability and redundancy functions to ensure non-stop operations. The following table presents the key specifications of the StokeOS Gateway Software Suite.
StokeOS Specifications * |
| Session Management |
| Tunnel & Session Support |
IPSec, PPP / PPPoE, DHCP |
AAA Capabilities
|
RADIUS authentication (RFC 2865)
RADIUS accounting (RFC 2866)
RADIUS extensions (RFC 2869)
RADIUS Change of Authorization (RFC 3576) |
| IP Address Assignment |
Static, Internal address pool
IPSec mode-config (draft-dukes-ike-mode-cfg-02.txt)
IKEv2 Configuration Payload (CP) |
| Routing |
OSPFv2 (RFC 2328)
BGP4 (RFC 1771, 1997)
RIPv2 (RFC 2453) |
| Virtualization |
Up to 250 Contexts (virtual routers) |
| Mobility |
Mobile IP (RFC 3344)
MOBIKE (RFC 4555) |
| Traffic Management |
| Traffic Classification |
Payload inspection for application aware flow classification
Static payload filter definitions with regular expressions
Stateful packet classification
L2/L3/L4 header based classification |
| QoS |
802.1p, IP SA/DA, UDP/TCP port, protocol, ToS, DSCP
DSCP-to-ToS Mapping
Session and flow level marking, policing, queuing
Deficit Round Robin scheduling
Session and flow level RED |
| Reporting / Accounting |
Call Detail Records 9ASN.1, CSV, TLV, XML upload formats)
Session and flow level records
Time and volume based |
| Mobile Network Standards Compliance |
| Wireless LAN Interworking |
3GPP system to WLAN Interworking; System Description (TS 23.234)
3GPP system to WLAN Interworking; Stage 3 (TS 29.234)
3GPP 3G Security; WLAN interworking security (TS 33.234)
3GPP2 Wireless LAN (WLAN) Interworking - List of Parts (X.S0028) |
| UMA |
3GPP Generic access to the A/Gb interface (UMA Protocols) (TS 43.318) |
| IP Security |
3GPP Network domain security; IP network layer security (TS 33.210) |
| Session Security |
| IKE |
IKEv1 and IKEv2 (Main mode, agressive mode, quick mode) |
| Authentication |
PSK, digital certificate |
| Diffie-Hellman Groups |
1,2,5 (RFC 2409, 3526) |
| Encryption Algorithms |
DES-CBC (RFC 2405)
3DES-CBC (RFC 2451)
AES-CBC (RFC 3602)
AES-XBC-PRF-128 (RFC 3664)
AES-XCBC-MAC-96 (RFC 3566)
AES-128-CTR (RFC 3686) |
| HMAC Algorithms |
HMAC-MD5-96 (RFC 2403) & HMAC-SHA-1-96 (RFC 2404) |
| Secondary Authentication: |
XAUTH (IKEv1) (draft-beaulieu-ike-xauth-02.txt)
EAP (IKEv2) |
| Client Configuration |
MODECFG (IKEv1)
Configuration payload (IKEv2) |
| Other IKE/IPSec Features |
Rekeying
Traffic Selector
Negotiation of NAT Traversal (RFCs 3947)
UDP encapsulation of IPSec ESP Packets (IKEv2)
Liveness Detection (RFC 3948)
Dead Peer Detection (IKEv2)
Stateless cookies (IKEv2)
MOBIKE (IKEv2) |
| Access Control List (ACL) |
Static and Dynamic ACLs |
Administration & Management |
| System Management |
Command Line Interface (CLI) - console and telnet
Syslog (RFC 3164)
SNMP v1 / v2c / v3
Comprehensive MIB Support |
| System Administration |
Privilege-based administrator and operator user-types
External administrator database via RADIUS
Local administrator database |
| Standard MIBs |
ENTITY
Interface
IP FORWARD
IP
IPV6
IPV6 TCP
IPV6 UDP
OSPF
RADIUS ACC CLIENT
RADIUS AUTH CLIENT
RADIUS DYNAUTH SERVER
RFC1213
RFC1213 SMI
RMON
SNMP COMMUNITY
SNMP FRAMEWORK
SNMP MPD
SNMP NOTIFICATION
SNMP USM AES
SNMP USM DH OBJECTS
SNMP VIEW BASED ACM
SNMPV2
SNMPV2 TM
SNMPV2 USEC
TCP MIB
TRANSPORT ADDRESS
UDP |
| Enterprise MIBs |
IPSEC MIB
IPV4 EXTENSION
IPV4 INTERFACE
IPV4 PREFIX LIST
IPV4 STATIC ROUTES
SNMP RESEARCH
SR AGENT INFO
STOKE ENVMON
STOKE PRODUCTS
STOKE SMI
STOKE SYSTEM
TGT ADDRESS MASK
USM TARGET TAG |
| Traps |
Documentation Available on Request |
| Alarms |
Documentation Available on Request |
Document Library
Video Library